}
 } else {
     $user_ban = retrieve(POST, 'user_ban', '', TSTRING_UNCHANGE);
     $user_ban = $user_ban > 0 ? time() + $user_ban : 0;
     if ($valid_user && !empty($id_get)) {
         try {
             $info_mbr = PersistenceContext::get_querier()->select_single_row(DB_TABLE_MEMBER, array('user_id', 'display_name', 'warning_percentage', 'email'), 'WHERE user_id=:id', array('id' => $id_get));
         } catch (RowNotFoundException $e) {
             $error_controller = PHPBoostErrors::unexisting_element();
             DispatchManager::redirect($error_controller);
         }
         MemberSanctionManager::banish($id_get, $user_ban, MemberSanctionManager::SEND_MAIL);
         if ($user_ban == 0 && $info_mbr['warning_percentage'] == 100) {
             MemberSanctionManager::remove_write_permissions($id_get, 90, MemberSanctionManager::NO_SEND_CONFIRMATION);
         }
         SessionData::recheck_cached_data_from_user_id($user_id);
         AppContext::get_response()->redirect(UserUrlBuilder::moderation_panel('ban'));
     }
     $moderation_panel_template->put_all(array('C_MODO_PANEL_USER' => true, 'L_ACTION_INFO' => $LANG['ban_management'], 'L_LOGIN' => LangLoader::get_message('display_name', 'user-common'), 'L_INFO_MANAGEMENT' => $LANG['ban_management'], 'U_XMLHTTPREQUEST' => 'ban_user', 'U_ACTION' => UserUrlBuilder::moderation_panel('ban')->rel() . '&token=' . AppContext::get_session()->get_token()));
     if (empty($id_get)) {
         if ($search_member) {
             $login = retrieve(POST, 'login_mbr', '');
             $user_id = PersistenceContext::get_querier()->get_column_value(DB_TABLE_MEMBER, 'user_id', 'WHERE display_name LIKE :name', array('name' => '%' . $login . '%'));
             if (!empty($user_id) && !empty($login)) {
                 AppContext::get_response()->redirect(UserUrlBuilder::moderation_panel('ban', $user_id));
             } else {
                 AppContext::get_response()->redirect(UserUrlBuilder::moderation_panel('ban'));
             }
         }
         $moderation_panel_template->put_all(array('C_MODO_PANEL_USER_LIST' => true, 'L_PM' => $LANG['user_contact_pm'], 'L_INFO' => $LANG['user_ban_until'], 'L_ACTION_USER' => $LANG['ban_management'], 'L_PROFILE' => LangLoader::get_message('profile', 'user-common'), 'L_SEARCH_USER' => $LANG['search_member'], 'L_SEARCH' => $LANG['search'], 'L_REQUIRE_LOGIN' => $LANG['require_pseudo']));
         $i = 0;
 /**
  * @desc Deletes a private message, until the recipient has not read it. 
  * @param int $pm_to
  * @param int $pm_idmsg
  * @param int $pm_idconvers
  * @return int The previous message id.
  */
 public static function delete($pm_to, $pm_idmsg, $pm_idconvers)
 {
     //Suppression du message.
     self::$db_querier->delete(DB_TABLE_PM_MSG, 'WHERE id = :id AND idconvers = :idconvers', array('id' => $pm_idmsg, 'idconvers' => $pm_idconvers));
     $pm_max_id = self::$db_querier->get_column_value(DB_TABLE_PM_MSG, 'MAX(id)', 'WHERE idconvers = :idconvers', array('idconvers' => $pm_idconvers));
     $pm_last_msg = self::$db_querier->select_single_row(DB_TABLE_PM_MSG, array('user_id', 'timestamp'), 'WHERE id=:id', array('id' => $pm_max_id));
     if (!empty($pm_max_id)) {
         //Mise à jour de la conversation.
         $user_view_pm = self::$db_querier->get_column_value(DB_TABLE_PM_TOPIC, 'user_view_pm', 'WHERE id = :id', array('id' => $pm_idconvers));
         self::$db_querier->inject("UPDATE " . DB_TABLE_PM_TOPIC . "  SET nbr_msg = nbr_msg - 1, user_view_pm = '" . ($user_view_pm - 1) . "', last_user_id = '" . $pm_last_msg['user_id'] . "', last_msg_id = '" . $pm_max_id . "', last_timestamp = '" . $pm_last_msg['timestamp'] . "' WHERE id = '" . $pm_idconvers . "'");
         //Mise à jour du compteur de mp du destinataire.
         self::$db_querier->inject("UPDATE " . DB_TABLE_MEMBER . " SET unread_pm = unread_pm - 1 WHERE user_id = '" . $pm_to . "'");
     }
     SessionData::recheck_cached_data_from_user_id($pm_to);
     return $pm_max_id;
 }
 private function save(HTTPRequestCustom $request)
 {
     $has_error = false;
     $user_id = $this->user->get_id();
     if ($this->form->get_value('delete_account')) {
         UserService::delete_by_id($user_id);
     } else {
         $approbation = $this->internal_auth_infos['approved'];
         if (AppContext::get_current_user()->is_admin()) {
             $old_approbation = $approbation;
             $approbation = $this->form->get_value('approbation');
             $groups = array();
             foreach ($this->form->get_value('groups') as $field => $option) {
                 $groups[] = $option->get_raw_value();
             }
             GroupsService::edit_member($user_id, $groups);
             $this->user->set_groups($groups);
             $this->user->set_level($this->form->get_value('rank')->get_raw_value());
         }
         if ($this->form->has_field('theme')) {
             $this->user->set_theme($this->form->get_value('theme')->get_raw_value());
         }
         $this->user->set_locale($this->form->get_value('lang')->get_raw_value());
         $this->user->set_display_name($this->form->get_value('display_name'));
         $this->user->set_email($this->form->get_value('email'));
         $this->user->set_locale($this->form->get_value('lang')->get_raw_value());
         $this->user->set_editor($this->form->get_value('text-editor')->get_raw_value());
         $this->user->set_show_email(!$this->form->get_value('user_hide_mail'));
         $this->user->set_timezone($this->form->get_value('timezone')->get_raw_value());
         try {
             UserService::update($this->user, $this->member_extended_fields_service);
         } catch (MemberExtendedFieldErrorsMessageException $e) {
             $has_error = true;
             $this->tpl->put('MSG', MessageHelper::display($e->getMessage(), MessageHelper::NOTICE));
         }
         $login = $this->form->get_value('email');
         if ($this->form->get_value('custom_login', false)) {
             $login = $this->form->get_value('login');
         }
         $password = $this->form->get_value('password');
         if ($this->internal_auth_infos === null && !empty($password)) {
             $authentication_method = new PHPBoostAuthenticationMethod($login, $password);
             AuthenticationService::associate($authentication_method, $user_id);
         } elseif (!empty($password)) {
             $old_password = $this->form->get_value('old_password');
             if (!empty($old_password)) {
                 $old_password_hashed = KeyGenerator::string_hash($old_password);
                 if ($old_password_hashed == $this->internal_auth_infos['password']) {
                     PHPBoostAuthenticationMethod::update_auth_infos($user_id, $login, $approbation, KeyGenerator::string_hash($password));
                     $has_error = false;
                 } else {
                     $has_error = true;
                     $this->tpl->put('MSG', MessageHelper::display($this->lang['profile.edit.password.error'], MessageHelper::NOTICE));
                 }
             }
         } else {
             PHPBoostAuthenticationMethod::update_auth_infos($user_id, $login, $approbation);
         }
         if (AppContext::get_current_user()->is_admin()) {
             if ($old_approbation != $approbation && $old_approbation == 0) {
                 //Recherche de l'alerte correspondante
                 $matching_alerts = AdministratorAlertService::find_by_criteria($user_id, 'member_account_to_approbate');
                 //L'alerte a été trouvée
                 if (count($matching_alerts) == 1) {
                     $alert = $matching_alerts[0];
                     $alert->set_status(AdministratorAlert::ADMIN_ALERT_STATUS_PROCESSED);
                     AdministratorAlertService::save_alert($alert);
                     $site_name = GeneralConfig::load()->get_site_name();
                     $subject = StringVars::replace_vars($this->user_lang['registration.subject-mail'], array('site_name' => $site_name));
                     $content = StringVars::replace_vars($this->user_lang['registration.email.mail-administrator-validation'], array('pseudo' => $this->user->get_display_name(), 'site_name' => $site_name, 'signature' => MailServiceConfig::load()->get_mail_signature()));
                     AppContext::get_mail_service()->send_from_properties($this->user->get_email(), $subject, $content);
                 }
             }
             $user_warning = $this->form->get_value('user_warning')->get_raw_value();
             if (!empty($user_warning) && $user_warning != $this->user->get_warning_percentage()) {
                 MemberSanctionManager::caution($user_id, $user_warning, MemberSanctionManager::SEND_MP, str_replace('%level%', $user_warning, LangLoader::get_message('user_warning_level_changed', 'main')));
             } elseif (empty($user_warning)) {
                 MemberSanctionManager::cancel_caution($user_id);
             }
             $user_readonly = $this->form->get_value('user_readonly')->get_raw_value();
             if (!empty($user_readonly) && $user_readonly != $this->user->get_delay_readonly()) {
                 MemberSanctionManager::remove_write_permissions($user_id, time() + $user_readonly, MemberSanctionManager::SEND_MP, str_replace('%date%', $this->form->get_value('user_readonly')->get_label(), LangLoader::get_message('user_readonly_changed', 'main')));
             } elseif (empty($user_readonly)) {
                 MemberSanctionManager::restore_write_permissions($user_id);
             }
             $user_ban = $this->form->get_value('user_ban')->get_raw_value();
             if (!empty($user_ban) && $user_ban != $this->user->get_delay_banned()) {
                 MemberSanctionManager::banish($user_id, time() + $user_ban, MemberSanctionManager::SEND_MAIL);
             } elseif ($user_ban != $this->user->get_delay_banned()) {
                 MemberSanctionManager::cancel_banishment($user_id);
             }
         }
         SessionData::recheck_cached_data_from_user_id($user_id);
     }
     if (!$has_error) {
         AppContext::get_response()->redirect($request->get_url_referrer() ? $request->get_url_referrer() : UserUrlBuilder::edit_profile($user_id), $this->lang['user.message.success.edit']);
     }
 }
Beispiel #4
0
 try {
     $convers = PersistenceContext::get_querier()->select_single_row(DB_TABLE_PM_TOPIC, array('id', 'title', 'user_id', 'user_id_dest', 'nbr_msg', 'last_msg_id', 'last_user_id', 'user_view_pm'), 'WHERE id = :id AND :user_id IN (user_id, user_id_dest)', array('id' => $pm_id_get, 'user_id' => $current_user->get_id()));
 } catch (RowNotFoundException $e) {
     $error_controller = PHPBoostErrors::unexisting_element();
     DispatchManager::redirect($error_controller);
 }
 //Vérification des autorisations.
 if (empty($convers['id']) || $convers['user_id'] != $current_user->get_id() && $convers['user_id_dest'] != $current_user->get_id()) {
     $error_controller = PHPBoostErrors::unexisting_page();
     DispatchManager::redirect($error_controller);
 }
 if ($convers['user_view_pm'] > 0 && $convers['last_user_id'] != $current_user->get_id()) {
     PersistenceContext::get_querier()->update(DB_TABLE_MEMBER, array('unread_pm' => 'unread_pm - ' . (int) $convers['user_view_pm']), 'WHERE user_id = :id', array('id' => $current_user->get_id()));
     PersistenceContext::get_querier()->update(DB_TABLE_PM_TOPIC, array('user_view_pm' => 0), 'WHERE id = :id', array('id' => $pm_id_get));
     PersistenceContext::get_querier()->update(DB_TABLE_PM_MSG, array('view_status' => 1), 'WHERE idconvers = :id AND user_id <> :user_id', array('id' => $convers['id'], 'user_id' => $current_user->get_id()));
     SessionData::recheck_cached_data_from_user_id($current_user->get_id());
 }
 //On crée une pagination si le nombre de MP est trop important.
 $page = AppContext::get_request()->get_getint('p', 1);
 $pagination = new ModulePagination($page, $convers['nbr_msg'], $_NBR_ELEMENTS_PER_PAGE);
 $pagination->set_url(new Url('/user/pm.php?id=' . $pm_id_get . '&amp;p=%d'));
 if ($pagination->current_page_is_empty() && $page > 1) {
     $error_controller = PHPBoostErrors::unexisting_page();
     DispatchManager::redirect($error_controller);
 }
 $tpl->assign_block_vars('pm', array('C_PAGINATION' => $pagination->has_several_pages(), 'PAGINATION' => $pagination->display(), 'U_PM_BOX' => '<a href="pm.php' . '">' . $LANG['pm_box'] . '</a>', 'U_TITLE_CONVERS' => '<a href="pm' . url('.php?id=' . $pm_id_get, '-0-' . $pm_id_get . '.php') . '">' . $convers['title'] . '</a>'));
 $tpl->put_all(array('L_REQUIRE_MESSAGE' => $LANG['require_text'], 'L_REQUIRE_TITLE' => $LANG['require_title'], 'L_DELETE_MESSAGE' => $LANG['alert_delete_msg'], 'L_PRIVATE_MESSAGE' => $LANG['private_message'], 'L_RESPOND' => $LANG['respond'], 'L_SUBMIT' => $LANG['submit'], 'L_PREVIEW' => $LANG['preview'], 'L_EDIT' => LangLoader::get_message('edit', 'common'), 'L_DELETE' => LangLoader::get_message('delete', 'common'), 'L_RESET' => $LANG['reset']));
 //Message non lu par autre membre que user_id view_status => 0.
 //Message lu par autre membre que user_id view_status => 1.
 $is_guest_in_convers = false;
 $page = retrieve(GET, 'p', 0);
 /**
  * @desc Update user
  * @param User $user 
  * @param string $condition the SQL condition update user
  * @param array $parameters 
  */
 public static function update(User $user, $extended_fields = null)
 {
     $condition = 'WHERE user_id=:user_id';
     $parameters = array('user_id' => $user->get_id());
     self::$querier->update(DB_TABLE_MEMBER, array('display_name' => TextHelper::htmlspecialchars($user->get_display_name()), 'level' => $user->get_level(), 'groups' => implode('|', $user->get_groups()), 'email' => $user->get_email(), 'show_email' => (int) $user->get_show_email(), 'locale' => $user->get_locale(), 'timezone' => $user->get_timezone(), 'theme' => $user->get_theme(), 'editor' => $user->get_editor()), $condition, $parameters);
     if ($extended_fields !== null) {
         if ($extended_fields instanceof MemberExtendedFieldsService) {
             $fields_data = $extended_fields->get_data($user->get_id());
         } elseif (is_array($extended_fields)) {
             $fields_data = $extended_fields;
         } else {
             $fields_data = array();
         }
         self::$querier->update(DB_TABLE_MEMBER_EXTENDED_FIELDS, $fields_data, $condition, $parameters);
     }
     SessionData::recheck_cached_data_from_user_id($user->get_id());
     self::regenerate_cache();
 }