/**
  * Updates this application with the decision of a group leader.
  * 
  * @param	integer		$newStatus
  * @param	string		$reply
  * @param	integer		$groupLeaderID
  */
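 public function updateByLeader($newStatus = 0, $reply = '', $groupLeaderID = 0)
 {
     // Stores a group leader's decision on this application (status, reply and
     // deciding leader), then adjusts the applicant's group membership when the
     // status changes to declined (2) or accepted (3).
     //
     // $newStatus      integer  new application status
     // $reply          string   reply text stored with the application
     // $groupLeaderID  integer  user id of the deciding leader
     //
     // The numeric values are cast to int before they are placed into the SQL
     // text, so a non-numeric argument cannot change the shape of the statement.
     // $reply is a string column and keeps going through escapeString().
     $newStatus = intval($newStatus);
     $groupLeaderID = intval($groupLeaderID);
     $sql = "UPDATE\twcf" . WCF_N . "_group_application\n\t\t\tSET\tapplicationStatus = " . $newStatus . ",\n\t\t\t\treply = '" . escapeString($reply) . "',\n\t\t\t\tgroupLeaderID = " . $groupLeaderID . "\n\t\t\tWHERE\tapplicationID = " . intval($this->applicationID);
     WCF::getDB()->sendQuery($sql);
     // keep the in-memory copy of the reply in sync with the stored row
     $this->data['reply'] = $reply;
     // declined: only act when the status actually changes to 2
     if ($newStatus == 2 && $this->applicationStatus != 2) {
         // remove user from group
         require_once WCF_DIR . 'lib/data/user/UserEditor.class.php';
         $user = new UserEditor($this->userID);
         $user->removeFromGroup($this->groupID);
         // the session is reset right after the membership change
         $user->resetSession();
         // send e-mail notification
         if ($this->enableNotification) {
             $this->sendNotification($user, 'declined');
         }
     }
     // accepted: only act when the status actually changes to 3
     if ($newStatus == 3 && $this->applicationStatus != 3) {
         // add user to group
         require_once WCF_DIR . 'lib/data/user/UserEditor.class.php';
         $user = new UserEditor($this->userID);
         $user->addToGroup($this->groupID);
         // the session is reset right after the membership change
         $user->resetSession();
         // send e-mail notification
         if ($this->enableNotification) {
             $this->sendNotification($user, 'accepted');
         }
     }
 }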
 /**
  * @see AbstractAction::execute()
  */
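 public function execute()
 {
     // Deletes one newsletter subscriber: removes the pending activation rows,
     // switches off the user's 'acceptNewsletter' option, removes the guest
     // activation, unsubscribe-token and subscriber rows, clears the subscriber
     // cache file and redirects to the subscriber list.
     parent::execute();
     $subscriber = new NewsletterSubscriber($this->subscriberID);
     // The subscriber id is written into three DELETE statements below. It is
     // cast once here, matching the intval() already applied to the user id, so
     // a non-numeric value cannot widen what those statements delete.
     $subscriberID = intval($this->subscriberID);
     //deletes user subscribers
     $sql = 'DELETE FROM wcf' . WCF_N . '_' . $this->activationTable . '
     		WHERE userID = ' . intval($subscriber->userID);
     WCF::getDB()->sendQuery($sql);
     //resets user setting
     $user = new UserEditor($subscriber->userID);
     $options = array('acceptNewsletter' => 0);
     $user->updateOptions($options);
     //deletes guest subscribers
     $sql = 'DELETE FROM wcf' . WCF_N . '_' . $this->guestActivationTable . '
     		WHERE subscriberID = ' . $subscriberID;
     WCF::getDB()->sendQuery($sql);
     //deletes unsubscribe tokens
     $sql = 'DELETE FROM wcf' . WCF_N . '_' . $this->unsubscriptionTable . '
             WHERE subscriberID = ' . $subscriberID;
     WCF::getDB()->sendQuery($sql);
     //deletes the subscriber row itself
     $sql = 'DELETE FROM wcf' . WCF_N . '_' . $this->subscriberTable . '
     		WHERE subscriberID = ' . $subscriberID;
     WCF::getDB()->sendQuery($sql);
     $this->executed();
     //clear cache
     $cacheName = 'newsletter-subscriber-' . PACKAGE_ID;
     WCF::getCache()->clear(WCF_DIR . 'cache/', 'cache.' . $cacheName . '.php');
     HeaderUtil::redirect('index.php?page=NewsletterSubscriberList&result=success&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
     exit;
 }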
 /**
  * @see Action::execute()
  */
 public function execute()
 {
     // Lifts the ban on every user listed in $this->userIDs, then either
     // redirects to $this->url or renders the 'success' template.
     AbstractAction::execute();
     // the acting admin must hold admin.user.canBanUser
     WCF::getUser()->checkPermission('admin.user.canBanUser');
     if (count($this->userIDs) > 0) {
         // NOTE(review): the ids are joined into the SQL text without escaping;
         // presumably they are validated as integers where userIDs is filled,
         // confirm against the parameter-reading code.
         $idList = implode(',', $this->userIDs);
         // every group of every selected user must be accessible to the admin
         $groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
         $groupResult = WCF::getDB()->sendQuery($groupQuery);
         while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
             if (Group::isAccessibleGroup($groupRow['groupID'])) {
                 continue;
             }
             throw new PermissionDeniedException();
         }
         // clear the ban flag
         $unbanQuery = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\tSET\tbanned = 0\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
         WCF::getDB()->sendQuery($unbanQuery);
         // drop the marking and reset the sessions of the affected users
         UserEditor::unmarkAll();
         Session::resetSessions($this->userIDs);
     }
     $this->executed();
     if (empty($this->url)) {
         // no return address given: show the generic success page
         WCFACP::getMenu()->setActiveMenuItem('wcf.acp.menu.link.user.management');
         WCF::getTPL()->assign('message', 'wcf.acp.user.unban.success');
         WCF::getTPL()->display('success');
     } else {
         // NOTE(review): $this->url is handed to the redirect unchanged; confirm
         // it is restricted to local targets where it is read.
         HeaderUtil::redirect($this->url);
     }
     exit;
 }
 /**
  * @see Action::execute()
  */
 public function execute()
 {
     // Deletes the users in $this->userIDs (plus $this->userID when set), never
     // the acting admin, and redirects to the caller's URL or the user search.
     parent::execute();
     WCF::getUser()->checkPermission('admin.user.canDeleteUser');
     require_once WCF_DIR . 'lib/data/user/UserEditor.class.php';
     require_once WCF_DIR . 'lib/data/user/group/Group.class.php';
     // a single id passed alongside the list is folded into the list
     if ($this->userID !== 0) {
         $this->userIDs[] = $this->userID;
     }
     // the active user is taken out of the list so an admin cannot delete
     // the own account
     $ownUserID = WCF::getSession()->getUser()->userID;
     $this->userIDs = array_diff($this->userIDs, array($ownUserID));
     if (count($this->userIDs) > 0) {
         // every group of every selected user must be accessible to the admin
         // NOTE(review): ids are joined into the SQL text unescaped; presumably
         // validated as integers where userIDs is populated, confirm.
         $groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
         $groupResult = WCF::getDB()->sendQuery($groupQuery);
         while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
             if (Group::isAccessibleGroup($groupRow['groupID'])) {
                 continue;
             }
             throw new PermissionDeniedException();
         }
     }
     $deletedUsers = UserEditor::deleteUsers($this->userIDs);
     $this->executed();
     // The caller's URL is only used when it carries no search id or the empty
     // search id 0; otherwise the user search form is shown instead.
     $useGivenUrl = false;
     if (!empty($this->url)) {
         $isEmptySearch = strpos($this->url, 'searchID=0') !== false;
         $hasSearchID = strpos($this->url, 'searchID=') !== false;
         $useGivenUrl = $isEmptySearch || !$hasSearchID;
     }
     if ($useGivenUrl) {
         // NOTE(review): $this->url is passed on unchanged; confirm it is
         // limited to local targets where it is read.
         HeaderUtil::redirect($this->url);
     } else {
         HeaderUtil::redirect('index.php?form=UserSearch&deletedUsers=' . $deletedUsers . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
     }
     exit;
 }
 function run()
 {
     // Saves pending editor changes, fills the 'main' content slot with the
     // edit view for the global $USER and renders the page.
     global $Templates, $USER;
     // saveChanges() runs before edit() builds the view
     UserEditor::saveChanges();
     $editView = UserEditor::edit($USER);
     $this->setContent('main', $editView);
     $Templates->render();
 }
 /**
  * @see Form::save()
  */
 public function save()
 {
     // Streams the e-mail addresses of the users in $this->userIDs as a
     // download, either as XML or as separator-delimited text.
     parent::save();
     // NOTE(review): fileType ends up in two response headers; confirm it is
     // restricted to a fixed set of values where it is read.
     header('Content-Type: text/' . $this->fileType . '; charset=' . CHARSET);
     header('Content-Disposition: attachment; filename="export.' . $this->fileType . '"');
     $asXml = $this->fileType == 'xml';
     if ($asXml) {
         echo "<?xml version=\"1.0\" encoding=\"" . CHARSET . "\"?>\n<addresses>\n";
     }
     // NOTE(review): userIDs is used here as a ready-made comma list inside
     // IN (...); presumably built from integers upstream, confirm.
     $query = "SELECT\t\temail\n\t\t\tFROM\t\twcf" . WCF_N . "_user\n\t\t\tWHERE\t\tuserID IN (" . $this->userIDs . ")\n\t\t\tORDER BY\temail";
     $resultSet = WCF::getDB()->sendQuery($query);
     // index of the last row: the separator is written after every row but it
     $lastIndex = WCF::getDB()->countRows($resultSet) - 1;
     $index = 0;
     while ($record = WCF::getDB()->fetchArray($resultSet)) {
         if ($asXml) {
             echo "<address><![CDATA[" . StringUtil::escapeCDATA($record['email']) . "]]></address>\n";
         } else {
             // the text branch writes the address as stored, without escaping
             $trailer = $index < $lastIndex ? $this->separator : '';
             echo $this->textSeparator . $record['email'] . $this->textSeparator . $trailer;
         }
         $index++;
     }
     if ($asXml) {
         echo "</addresses>";
     }
     UserEditor::unmarkAll();
     $this->saved();
     exit;
 }
 /**
  * @see Form::save()
  */
 public function save()
 {
     // Adds every user in $this->userIDs to the groups in $this->groupIDs,
     // after checking that all current groups of each user are accessible.
     parent::save();
     // NOTE(review): userIDs is used as a ready-made comma list inside IN (...);
     // presumably built from integers upstream, confirm.
     $query = "SELECT\t\tuser.*,\n\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\tON\t\t(groups.userID = user.userID)\n\t\t\tWHERE\t\tuser.userID IN (" . $this->userIDs . ")\n\t\t\tGROUP BY\tuser.userID";
     $resultSet = WCF::getDB()->sendQuery($query);
     while ($record = WCF::getDB()->fetchArray($resultSet)) {
         // groupIDs is the comma list produced by GROUP_CONCAT above
         $currentGroupIDs = explode(',', $record['groupIDs']);
         if (!Group::isAccessibleGroup($currentGroupIDs)) {
             // the exception is thrown mid-loop; users handled in earlier
             // iterations have already been added to the groups
             throw new PermissionDeniedException();
         }
         $editor = new UserEditor(null, $record);
         $editor->addToGroups($this->groupIDs, false, false);
     }
     UserEditor::unmarkAll();
     // sessions of all listed users are reset after the membership change
     $affectedUserIDs = explode(',', $this->userIDs);
     Session::resetSessions($affectedUserIDs);
     $this->saved();
     WCF::getTPL()->assign('message', 'wcf.acp.user.assignToGroup.success');
     WCF::getTPL()->display('success');
     exit;
 }
 /**
  * @see Cronjob::execute()
  */
 public function execute($data)
 {
     // Deletes all users whose quitStarted timestamp is set and older than
     // seven days. $data is not used by this body.
     $deadline = TIME_NOW - 7 * 24 * 3600;
     $query = "SELECT\tuserID\n\t\t\tFROM\twcf" . WCF_N . "_user\n\t\t\tWHERE\tquitStarted > 0\n\t\t\t\tAND quitStarted < " . $deadline;
     $resultSet = WCF::getDB()->sendQuery($query);
     // collect the ids first, then delete them in one call
     $expiredUserIDs = array();
     while ($record = WCF::getDB()->fetchArray($resultSet)) {
         $expiredUserIDs[] = $record['userID'];
     }
     UserEditor::deleteUsers($expiredUserIDs);
 }
 /**
  * @see Action::execute()
  */
 public function execute()
 {
     // Enables the users in $this->userIDs: mails those that still carry an
     // activation code, moves them from the guests group to the users group,
     // clears the activation code and resets their sessions.
     parent::execute();
     // the acting admin must hold admin.user.canEnableUser
     WCF::getUser()->checkPermission('admin.user.canEnableUser');
     if (count($this->userIDs) > 0) {
         // every group of every selected user must be accessible to the admin
         // NOTE(review): ids are joined into the SQL text unescaped in all
         // statements below; presumably validated as integers upstream, confirm.
         $groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
         $groupResult = WCF::getDB()->sendQuery($groupQuery);
         while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
             if (Group::isAccessibleGroup($groupRow['groupID'])) {
                 continue;
             }
             throw new PermissionDeniedException();
         }
         // language objects are cached per id; id 0 and the admin's own
         // language id both map to the active language
         $languages = array(0 => WCF::getLanguage(), WCF::getLanguage()->getLanguageID() => WCF::getLanguage());
         $pendingQuery = "SELECT\tuserID, username, email, languageID\n\t\t\t\tFROM\twcf" . WCF_N . "_user\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")\n\t\t\t\t\tAND activationCode <> 0";
         $pendingResult = WCF::getDB()->sendQuery($pendingQuery);
         while ($pendingRow = WCF::getDB()->fetchArray($pendingResult)) {
             $languageID = $pendingRow['languageID'];
             if (!isset($languages[$languageID])) {
                 $languages[$languageID] = new Language($languageID);
             }
             $recipient = array($pendingRow['username'] => $pendingRow['email']);
             $subject = $languages[$languageID]->get('wcf.acp.user.activation.mail.subject', array('PAGE_TITLE' => $languages[$languageID]->get(PAGE_TITLE)));
             // NOTE(review): the '$username' key carries a literal dollar sign,
             // unlike the other keys; confirm the language item expects it.
             $body = $languages[$languageID]->get('wcf.acp.user.activation.mail', array('PAGE_TITLE' => $languages[$languageID]->get(PAGE_TITLE), '$username' => $pendingRow['username'], 'PAGE_URL' => PAGE_URL, 'MAIL_ADMIN_ADDRESS' => MAIL_ADMIN_ADDRESS));
             $mail = new Mail($recipient, $subject, $body);
             $mail->send();
         }
         // take the users out of the guests group ...
         $leaveGuestsQuery = "DELETE FROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\t\tuserID IN (" . implode(',', $this->userIDs) . ")\n\t\t\t\t\t\tAND groupID = " . Group::getGroupIdByType(Group::GUESTS);
         WCF::getDB()->sendQuery($leaveGuestsQuery);
         // ... and put them into the users group; the implode() glue closes one
         // value tuple and opens the next, giving (id, group),(id, group),...
         $joinUsersQuery = "INSERT IGNORE INTO\twcf" . WCF_N . "_user_to_groups\n\t\t\t\t\t\t\t(userID, groupID)\n\t\t\t\tVALUES\t\t\t(" . implode(', ' . Group::getGroupIdByType(Group::USERS) . '),(', $this->userIDs) . ", '" . Group::getGroupIdByType(Group::USERS) . "')";
         WCF::getDB()->sendQuery($joinUsersQuery);
         // an activation code of 0 marks the account as enabled
         $activateQuery = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\tSET\tactivationCode = 0\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
         WCF::getDB()->sendQuery($activateQuery);
         // drop the marking and reset the sessions of the affected users
         UserEditor::unmarkAll();
         Session::resetSessions($this->userIDs);
     }
     $this->executed();
     if (empty($this->url)) {
         // no return address given: show the generic success page
         WCFACP::getMenu()->setActiveMenuItem('wcf.acp.menu.link.user.management');
         WCF::getTPL()->assign('message', 'wcf.acp.user.enable.success');
         WCF::getTPL()->display('success');
     } else {
         // NOTE(review): $this->url is handed to the redirect unchanged; confirm
         // it is restricted to local targets where it is read.
         HeaderUtil::redirect($this->url);
     }
     exit;
 }
 /**
  * Tears down the fixture, for example, closes a network connection.
  * This method is called after a test is executed.
  */
 protected function tearDown()
 {
     // Removes every fixture object collected in $this->deleteArray and changes
     // back to the directory stored in $this->returndir.
     foreach ($this->deleteArray as $fixture) {
         if (class_exists('UserEditor') && $fixture instanceof User) {
             // users go through the editor's bulk delete
             UserEditor::deleteUsers(array($fixture->userID));
         } elseif (class_exists('GroupEditor') && $fixture instanceof Group) {
             // groups likewise
             GroupEditor::deleteGroups(array($fixture->groupID));
         } else {
             // anything else is asked to delete itself
             $fixture->delete();
         }
     }
     chdir($this->returndir);
 }
 /**
  * @see Action::execute()
  */
 public function execute()
 {
     // Disables the users in $this->userIDs: strips all group memberships
     // except the 'everyone' group, adds the guests group, assigns a fresh
     // activation code to each user and resets their sessions.
     AbstractAction::execute();
     // the acting admin must hold admin.user.canEnableUser
     WCF::getUser()->checkPermission('admin.user.canEnableUser');
     if (count($this->userIDs) > 0) {
         // every group of every selected user must be accessible to the admin
         // NOTE(review): ids are joined into the SQL text unescaped in all
         // statements below; presumably validated as integers upstream, confirm.
         $groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
         $groupResult = WCF::getDB()->sendQuery($groupQuery);
         while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
             if (Group::isAccessibleGroup($groupRow['groupID'])) {
                 continue;
             }
             throw new PermissionDeniedException();
         }
         // remove every membership except the 'everyone' group ...
         $stripGroupsQuery = "DELETE FROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\t\tuserID IN (" . implode(',', $this->userIDs) . ")\n\t\t\t\t\t\tAND groupID <> " . Group::getGroupIdByType(Group::EVERYONE);
         WCF::getDB()->sendQuery($stripGroupsQuery);
         // ... and add the guests group; the implode() glue closes one value
         // tuple and opens the next, giving (id, group),(id, group),...
         $joinGuestsQuery = "INSERT IGNORE INTO\twcf" . WCF_N . "_user_to_groups\n\t\t\t\t\t\t\t(userID, groupID)\n\t\t\t\tVALUES\t\t\t(" . implode(', ' . Group::getGroupIdByType(Group::GUESTS) . '),(', $this->userIDs) . ", '" . Group::getGroupIdByType(Group::GUESTS) . "')";
         WCF::getDB()->sendQuery($joinGuestsQuery);
         // one UPDATE per user so that each account gets its own code
         foreach ($this->userIDs as $disabledUserID) {
             $codeQuery = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\t\tSET\tactivationCode = " . UserRegistrationUtil::getActivationCode() . "\n\t\t\t\t\tWHERE\tuserID = " . $disabledUserID;
             WCF::getDB()->sendQuery($codeQuery);
         }
         // drop the marking and reset the sessions of the affected users
         UserEditor::unmarkAll();
         Session::resetSessions($this->userIDs);
     }
     $this->executed();
     if (empty($this->url)) {
         // no return address given: show the generic success page
         WCFACP::getMenu()->setActiveMenuItem('wcf.acp.menu.link.user.management');
         WCF::getTPL()->assign('message', 'wcf.acp.user.disable.success');
         WCF::getTPL()->display('success');
     } else {
         // NOTE(review): $this->url is handed to the redirect unchanged; confirm
         // it is restricted to local targets where it is read.
         HeaderUtil::redirect($this->url);
     }
     exit;
 }
 /**
  * @see Action::execute()
  */
 public function execute()
 {
     // One step of the mail worker: sends the mail to the next $this->limit
     // recipients (offset limit * loop) and schedules the following step, or
     // finishes once the offset has reached the number of recipients.
     parent::execute();
     // the acting admin must hold admin.user.canMailUser
     WCF::getUser()->checkPermission('admin.user.canMailUser');
     // Recipient filter, taken from the stored mail configuration. The two
     // checks are kept independent on purpose; both use loose comparison.
     // NOTE(review): 'userIDs' and 'groupIDs' are inserted as ready-made comma
     // lists; presumably built from integers when the configuration was
     // stored, confirm.
     $mailData = $this->userMailData;
     $whereClause = '';
     if ($mailData['action'] == '') {
         $whereClause = "WHERE user.userID IN (" . $mailData['userIDs'] . ")";
     }
     if ($mailData['action'] == 'group') {
         $whereClause = "WHERE user.userID IN (SELECT userID FROM wcf" . WCF_N . "_user_to_groups WHERE groupID IN (" . $mailData['groupIDs'] . "))";
     }
     // total number of recipients
     $countQuery = "SELECT\tCOUNT(*) AS count\n\t\t\tFROM\twcf" . WCF_N . "_user user\n\t\t\t" . $whereClause;
     $countRow = WCF::getDB()->getFirstRow($countQuery);
     $total = $countRow['count'];
     if ($total <= $this->limit * $this->loop) {
         // all recipients handled: drop the marking and remove this mail's
         // configuration from the session before finishing
         UserEditor::unmarkAll();
         $storedMailData = WCF::getSession()->getVar('userMailData');
         unset($storedMailData[$this->mailID]);
         WCF::getSession()->register('userMailData', $storedMailData);
         $this->calcProgress();
         $this->finish();
     }
     // current slice of recipients, ordered by user id so slices do not overlap
     $sliceQuery = "SELECT\t\tuser_option.*, user.*\n\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value user_option\n\t\t\tON\t\t(user_option.userID = user.userID)\n\t\t\t" . $whereClause . "\n\t\t\tORDER BY\tuser.userID";
     $sliceResult = WCF::getDB()->sendQuery($sliceQuery, $this->limit, $this->limit * $this->loop);
     while ($userRow = WCF::getDB()->fetchArray($sliceResult)) {
         $recipient = new User(null, $userRow);
         $mayMail = $recipient->adminCanMail;
         // skip users who explicitly switched admin mails off; an unset
         // option counts as consent
         if ($mayMail !== null && $mayMail != 1) {
             continue;
         }
         $this->sendMail($recipient);
     }
     $this->executed();
     $this->calcProgress($this->limit * $this->loop, $total);
     $this->nextLoop('wcf.acp.worker.progress.working', 'index.php?action=' . $this->action . '&mailID=' . $this->mailID . '&limit=' . $this->limit . '&loop=' . ($this->loop + 1) . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
 }
 /**
  * @see Action::execute()
  */
 public function execute()
 {
     // Prepares the activation-mail worker for the users marked in the
     // session: stores the recipient list as a new 'userMailData' entry and
     // shows the worker template. Without marked users it redirects to the
     // user search.
     parent::execute();
     // the acting admin must hold admin.user.canEnableUser
     WCF::getUser()->checkPermission('admin.user.canEnableUser');
     // marked users come from the session; anything but an array counts as none
     $markedUsers = WCF::getSession()->getVar('markedUsers');
     $userIDs = is_array($markedUsers) ? $markedUsers : array();
     if (count($userIDs) == 0) {
         $this->executed();
         HeaderUtil::redirect('index.php?form=UserSearch&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
         exit;
     }
     // every group of every marked user must be accessible to the admin
     // NOTE(review): the ids are joined into the SQL text unescaped; presumably
     // only integers are stored under 'markedUsers', confirm.
     $groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $userIDs) . ")";
     $groupResult = WCF::getDB()->sendQuery($groupQuery);
     while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
         if (Group::isAccessibleGroup($groupRow['groupID'])) {
             continue;
         }
         throw new PermissionDeniedException();
     }
     // append the new job to the mail configurations kept in the session
     $userMailData = WCF::getSession()->getVar('userMailData');
     if ($userMailData === null) {
         $userMailData = array();
     }
     // the number of existing entries is used as the id of the new one
     $mailID = count($userMailData);
     $userMailData[$mailID] = array('action' => '', 'userIDs' => implode(',', $userIDs));
     WCF::getSession()->register('userMailData', $userMailData);
     UserEditor::unmarkAll();
     $this->executed();
     // hand over to the worker template, which calls the mail action
     WCF::getTPL()->assign(array('pageTitle' => WCF::getLanguage()->get('wcf.acp.user.sendActivationMail'), 'url' => 'index.php?action=UserActivationMail&mailID=' . $mailID . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED));
     WCF::getTPL()->display('worker');
     exit;
 }
 /**
  * @see Form::save()
  */
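 public function save()
 {
     // Merges the users in $this->userIDs into the account $this->userID:
     // every listed table has its user column rewritten from the source ids to
     // the target id, then the source users are deleted.
     parent::save();
     // The target account must never be part of the source list, because the
     // source list is deleted at the end. The list is rebuilt instead of using
     // array_search() + unset(): a failed search returns false, which unset()
     // treats as index 0 and would drop an unrelated user from the merge, and
     // a duplicate of the target id would survive and be deleted.
     // Casting to int also keeps non-numeric values out of the SQL text.
     $targetUserID = intval($this->userID);
     $sourceUserIDs = array();
     foreach ($this->userIDs as $candidateID) {
         $candidateID = intval($candidateID);
         if ($candidateID !== $targetUserID) {
             $sourceUserIDs[] = $candidateID;
         }
     }
     // an empty list would produce the invalid SQL "IN ()", so there is
     // nothing to rewrite or delete in that case
     if (count($sourceUserIDs) > 0) {
         $sourceIDList = implode(',', $sourceUserIDs);
         // table, column holding the user id, and whether UPDATE IGNORE is
         // used; the order matches the original statement order
         $reassignments = array(
             // board
             array('wbb' . WBB_N . '_board_closed_category_to_user', 'userID', true),
             array('wbb' . WBB_N . '_board_closed_category_to_admin', 'userID', true),
             array('wbb' . WBB_N . '_board_moderator', 'userID', false),
             array('wbb' . WBB_N . '_board_subscription', 'userID', true),
             array('wbb' . WBB_N . '_board_to_user', 'userID', true),
             array('wbb' . WBB_N . '_board_visit', 'userID', true),
             // posts
             array('wbb' . WBB_N . '_post', 'userID', false),
             array('wbb' . WBB_N . '_post_report', 'userID', false),
             // thread
             array('wbb' . WBB_N . '_thread', 'userID', false),
             array('wbb' . WBB_N . '_thread_rating', 'userID', true),
             array('wbb' . WBB_N . '_thread_subscription', 'userID', true),
             array('wbb' . WBB_N . '_thread_visit', 'userID', true),
             // attachment
             array('wcf' . WCF_N . '_attachment', 'userID', false),
             // groups
             array('wcf' . WCF_N . '_group_application', 'userID', true),
             array('wcf' . WCF_N . '_group_leader', 'leaderUserID', true),
             array('wcf' . WCF_N . '_user_to_groups', 'userID', true),
             // pm
             array('wcf' . WCF_N . '_pm', 'userID', false),
             array('wcf' . WCF_N . '_pm_folder', 'userID', false),
             array('wcf' . WCF_N . '_pm_to_user', 'recipientID', true),
             // poll
             array('wcf' . WCF_N . '_poll_option_vote', 'userID', true),
             array('wcf' . WCF_N . '_poll_vote', 'userID', true),
             // blacklist / whitelist
             array('wcf' . WCF_N . '_user_blacklist', 'userID', true),
             array('wcf' . WCF_N . '_user_blacklist', 'blackUserID', true),
             array('wcf' . WCF_N . '_user_whitelist', 'userID', true),
             array('wcf' . WCF_N . '_user_whitelist', 'whiteUserID', true),
             // languages
             array('wcf' . WCF_N . '_user_to_languages', 'userID', true),
         );
         foreach ($reassignments as $reassignment) {
             list($table, $column, $ignoreDuplicates) = $reassignment;
             // the statement text is built exactly as the hand-written ones were
             $verb = $ignoreDuplicates ? "UPDATE IGNORE\t" : "UPDATE\t";
             $gap = $ignoreDuplicates ? "\t\t" : "\t";
             $sql = $verb . $table . "\n\t\t\tSET" . $gap . $column . " = " . $targetUserID . "\n\t\t\tWHERE" . $gap . $column . " IN (" . $sourceIDList . ")";
             WCF::getDB()->sendQuery($sql);
         }
         // delete the merged source users
         UserEditor::deleteUsers($sourceUserIDs);
     }
     // unmark users
     UserEditor::unmarkAll();
     $this->saved();
     // show success message
     WCF::getTPL()->assign('message', 'wbb.acp.user.merge.success');
     WCF::getTPL()->display('success');
     exit;
 }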
 /**
  * Creates a new user with all required and filled out additional fields.
  *
  * @param 	string 		$username
  * @param 	string 		$email
  * @param	string 		$password
  * @param	mixed		$groupIDs
  * @param	array		$userOptions
  * @param	array		$additionalFields
  * @param 	array		$visibleLanguages
  * @param 	boolean		$addDefaultGroups
  * @return 	UserEditor
  */
 public static function create($username, $email, $password, $groupIDs, $userOptions = array(), $additionalFields = array(), $visibleLanguages = array(), $addDefaultGroups = true)
 {
     // Inserts the user row with a freshly salted password hash, stores the
     // user options, assigns groups and visible languages, and returns the
     // editor object for the new user.
     //
     // NOTE(review): the strength of getRandomID() as a salt source and of
     // getDoubleSaltedHash() as a password hash is not visible here; confirm
     // both against the StringUtil implementation.
     $salt = StringUtil::getRandomID();
     $passwordHash = StringUtil::getDoubleSaltedHash($password, $salt);
     // only the hash and its salt are passed on to the insert
     $newUserID = self::insert($username, $email, $passwordHash, $salt, $additionalFields);
     self::insertUserOptions($newUserID, $userOptions);
     $editor = new UserEditor($newUserID);
     $editor->addToGroups($groupIDs, false, $addDefaultGroups);
     $editor->addToLanguage($visibleLanguages);
     return $editor;
 }
 /**
  * @see Form::save()
  */
 public function save()
 {
     // Bans the users in $this->userIDArray with $this->reason, switches their
     // 'adminCanMail' option off, resets their sessions and redirects.
     parent::save();
     // the active user is taken out of the list so an admin cannot ban the
     // own account
     $ownUserID = WCF::getUser()->userID;
     $this->userIDArray = array_diff($this->userIDArray, array($ownUserID));
     if (count($this->userIDArray) > 0) {
         // every group of every selected user must be accessible to the admin
         // NOTE(review): ids are joined into the SQL text unescaped in all
         // statements below; presumably validated as integers upstream, confirm.
         $groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDArray) . ")";
         $groupResult = WCF::getDB()->sendQuery($groupQuery);
         while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
             if (Group::isAccessibleGroup($groupRow['groupID'])) {
                 continue;
             }
             throw new PermissionDeniedException();
         }
         // id of the 'adminCanMail' user option; null is handled further down
         $adminCanMailID = User::getUserOptionID('adminCanMail');
         // set the ban flag; the free-text reason goes through escapeString()
         $banQuery = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\tSET\tbanned = 1,\n\t\t\t\t\tbanReason = '" . escapeString($this->reason) . "'\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDArray) . ")";
         WCF::getDB()->sendQuery($banQuery);
         if ($adminCanMailID !== null) {
             // the option id becomes part of the column name userOption<ID>
             $optionQuery = "UPDATE\twcf" . WCF_N . "_user_option_value\n\t\t\t\t\tSET\tuserOption" . $adminCanMailID . " = 0\n\t\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDArray) . ")";
             WCF::getDB()->sendQuery($optionQuery);
         }
         // drop the marking and reset the sessions of the banned users
         UserEditor::unmarkAll();
         Session::resetSessions($this->userIDArray);
     }
     $this->saved();
     // fall back to the user search when no return address was given
     // NOTE(review): a supplied $this->url is handed to the redirect
     // unchanged; confirm it is restricted to local targets where it is read.
     if (empty($this->url)) {
         $this->url = 'index.php?form=UserSearch&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED;
     }
     HeaderUtil::redirect($this->url);
     exit;
 }
 /**
  * Show user editor.
  */
 protected function showUserEditor()
 {
     // Creates the 'userEditor' component, keeps it on $this->userEditor and
     // runs it.
     // the request path is shifted by one segment before the component runs
     $this->request->shiftPath(1);
     $componentManager = $this->document->componentManager;
     $this->userEditor = $componentManager->createComponent('userEditor', 'Energine\\user\\components\\UserEditor', null);
     $this->userEditor->run();
 }
 /**
  * @see Form::save()
  */
 public function save()
 {
     // Builds a user filter from the submitted search fields and applies the
     // bulk action named in $this->action (sendMail, exportMailAddress,
     // assignToGroup or delete) to every matching user. The number of matched
     // users is counted in $this->affectedUsers.
     parent::save();
     // build conditions
     $this->conditions = new ConditionBuilder();
     // static fields
     // escapeString() handles the string literal; addcslashes() additionally
     // escapes the LIKE wildcards _ and % so they match literally
     if (!empty($this->username)) {
         $this->conditions->add("user.username LIKE '%" . addcslashes(escapeString($this->username), '_%') . "%'");
     }
     if (!empty($this->email)) {
         $this->conditions->add("user.email LIKE '%" . addcslashes(escapeString($this->email), '_%') . "%'");
     }
     // NOTE(review): the id arrays below are joined into the SQL text
     // unescaped; presumably validated as integers where they are read, confirm
     if (count($this->groupIDArray) > 0) {
         $this->conditions->add("user.userID " . ($this->invertGroupIDs == 1 ? 'NOT ' : '') . "IN (SELECT userID FROM wcf" . WCF_N . "_user_to_groups WHERE groupID IN (" . implode(',', $this->groupIDArray) . "))");
     }
     if (count($this->languageIDArray) > 0) {
         $this->conditions->add("user.languageID IN (" . implode(',', $this->languageIDArray) . ")");
     }
     // dynamic fields
     // each option type object builds its own condition; false means the
     // option contributes no condition
     foreach ($this->activeOptions as $name => $option) {
         $value = isset($this->values[$option['optionName']]) ? $this->values[$option['optionName']] : null;
         $condition = $this->getTypeObject($option['optionType'])->getCondition($option, $value, isset($this->matchExactly[$name]));
         if ($condition !== false) {
             $this->conditions->add($condition);
         }
     }
     // call buildConditions event
     EventHandler::fireAction($this, 'buildConditions');
     // execute action
     // each case checks its own permission before touching any data
     switch ($this->action) {
         case 'sendMail':
             WCF::getUser()->checkPermission('admin.user.canMailUser');
             // get user ids
             $userIDArray = array();
             $sql = "SELECT\t\tuser.userID\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\t" . $this->conditions->get();
             $result = WCF::getDB()->sendQuery($sql);
             while ($row = WCF::getDB()->fetchArray($result)) {
                 $userIDArray[] = $row['userID'];
                 $this->affectedUsers++;
             }
             // save config in session
             $userMailData = WCF::getSession()->getVar('userMailData');
             if ($userMailData === null) {
                 $userMailData = array();
             }
             // the number of existing entries is used as the id of the new one
             $mailID = count($userMailData);
             $userMailData[$mailID] = array('action' => '', 'userIDs' => implode(',', $userIDArray), 'groupIDs' => '', 'subject' => $this->subject, 'text' => $this->text, 'from' => $this->from, 'enableHTML' => $this->enableHTML);
             WCF::getSession()->register('userMailData', $userMailData);
             $this->saved();
             // show worker template
             WCF::getTPL()->assign(array('pageTitle' => WCF::getLanguage()->get('wcf.acp.user.sendMail'), 'url' => 'index.php?action=UserMail&mailID=' . $mailID . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED));
             WCF::getTPL()->display('worker');
             exit;
             break;
         case 'exportMailAddress':
             WCF::getUser()->checkPermission('admin.user.canMailUser');
             // send content type
             // NOTE(review): fileType ends up in two response headers; confirm it
             // is restricted to a fixed set of values where it is read
             header('Content-Type: text/' . $this->fileType . '; charset=' . CHARSET);
             header('Content-Disposition: attachment; filename="export.' . $this->fileType . '"');
             if ($this->fileType == 'xml') {
                 echo "<?xml version=\"1.0\" encoding=\"" . CHARSET . "\"?>\n<addresses>\n";
             }
             // get users
             $sql = "SELECT\t\tuser.email\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\t" . $this->conditions->get() . "\n\t\t\t\t\tORDER BY\tuser.email";
             $result = WCF::getDB()->sendQuery($sql);
             // $j is the index of the last row: the separator is written after
             // every row but the last
             $i = 0;
             $j = WCF::getDB()->countRows($result) - 1;
             while ($row = WCF::getDB()->fetchArray($result)) {
                 if ($this->fileType == 'xml') {
                     echo "<address><![CDATA[" . StringUtil::escapeCDATA($row['email']) . "]]></address>\n";
                 } else {
                     // the text branch writes the address as stored, without escaping
                     echo $this->textSeparator . $row['email'] . $this->textSeparator . ($i < $j ? $this->separator : '');
                 }
                 $i++;
                 $this->affectedUsers++;
             }
             if ($this->fileType == 'xml') {
                 echo "</addresses>";
             }
             $this->saved();
             exit;
             break;
         case 'assignToGroup':
             WCF::getUser()->checkPermission('admin.user.canEditUser');
             $userIDArray = array();
             $sql = "SELECT\t\tuser.*,\n\t\t\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\t\t\tON\t\t(groups.userID = user.userID)\n\t\t\t\t\t" . $this->conditions->get() . "\t\t\n\t\t\t\t\tGROUP BY\tuser.userID";
             $result = WCF::getDB()->sendQuery($sql);
             while ($row = WCF::getDB()->fetchArray($result)) {
                 // the exception is thrown mid-loop; users handled in earlier
                 // iterations have already been added to the groups
                 if (!Group::isAccessibleGroup(explode(',', $row['groupIDs']))) {
                     throw new PermissionDeniedException();
                 }
                 $user = new UserEditor(null, $row);
                 $user->addToGroups($this->assignToGroupIDArray, false, false);
                 $userIDArray[] = $row['userID'];
                 $this->affectedUsers++;
             }
             // sessions are reset after the membership change
             Session::resetSessions($userIDArray);
             break;
         case 'delete':
             WCF::getUser()->checkPermission('admin.user.canDeleteUser');
             $userIDArray = array();
             $sql = "SELECT\t\tuser.*,\n\t\t\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\t\t\tON\t\t(groups.userID = user.userID)\n\t\t\t\t\t" . $this->conditions->get() . "\t\t\n\t\t\t\t\tGROUP BY\tuser.userID";
             $result = WCF::getDB()->sendQuery($sql);
             // all matches are checked first; the delete call only runs when
             // no row raised PermissionDeniedException
             while ($row = WCF::getDB()->fetchArray($result)) {
                 if (!Group::isAccessibleGroup(explode(',', $row['groupIDs']))) {
                     throw new PermissionDeniedException();
                 }
                 $userIDArray[] = $row['userID'];
                 $this->affectedUsers++;
             }
             // NOTE(review): unlike the single-user delete action elsewhere, no
             // step here removes the active user from the list; confirm whether
             // deleteUsers() or the conditions prevent self-deletion
             UserEditor::deleteUsers($userIDArray);
             break;
     }
     $this->saved();
     WCF::getTPL()->assign('affectedUsers', $this->affectedUsers);
 }
 /**
  * Shows the page for creating the admin account.
  */
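 protected function createUser()
 {
     // Installer step: validates the submitted account data, creates the
     // account and continues with the 'installPackages' step. When validation
     // fails, the form is displayed again together with the error details.
     $errorType = $errorField = '';
     $username = '';
     $email = $confirmEmail = '';
     $password = $confirmPassword = '';
     if (isset($_POST['send']) || self::$developerMode) {
         if (isset($_POST['send'])) {
             // Request parameters can arrive as arrays (e.g. "password[]=x").
             // Only string values are accepted; anything else is treated as
             // missing and is rejected by the empty checks below.
             if (isset($_POST['username']) && is_string($_POST['username'])) {
                 $username = StringUtil::trim($_POST['username']);
             }
             if (isset($_POST['email']) && is_string($_POST['email'])) {
                 $email = StringUtil::trim($_POST['email']);
             }
             if (isset($_POST['confirmEmail']) && is_string($_POST['confirmEmail'])) {
                 $confirmEmail = StringUtil::trim($_POST['confirmEmail']);
             }
             // passwords are deliberately not trimmed
             if (isset($_POST['password']) && is_string($_POST['password'])) {
                 $password = $_POST['password'];
             }
             if (isset($_POST['confirmPassword']) && is_string($_POST['confirmPassword'])) {
                 $confirmPassword = $_POST['confirmPassword'];
             }
         } else {
             // Developer mode without a submitted form: built-in values are used.
             // NOTE(review): this path creates the account with fixed credentials
             // and no form submission; confirm developer mode cannot be enabled
             // on an installer that is reachable by others.
             $username = $password = $confirmPassword = '******';
             $email = $confirmEmail = '*****@*****.**';
         }
         // error handling
         try {
             // username
             if (empty($username)) {
                 throw new UserInputException('username');
             }
             if (!UserUtil::isValidUsername($username)) {
                 throw new UserInputException('username', 'notValid');
             }
             // e-mail address
             if (empty($email)) {
                 throw new UserInputException('email');
             }
             if (!UserUtil::isValidEmail($email)) {
                 throw new UserInputException('email', 'notValid');
             }
             // confirm e-mail address
             // Strict comparison: with "!=" two different numeric-looking
             // strings (e.g. "1e3" and "1000") would be treated as equal.
             if ($email !== $confirmEmail) {
                 throw new UserInputException('confirmEmail', 'notEqual');
             }
             // password
             if (empty($password)) {
                 throw new UserInputException('password');
             }
             // confirm password (strict, for the same reason as above)
             if ($password !== $confirmPassword) {
                 throw new UserInputException('confirmPassword', 'notEqual');
             }
             // no errors
             // init database connection
             $this->initDB();
             // get language id
             $languageID = 0;
             $sql = "SELECT\tlanguageID\n\t\t\t\t\tFROM\twcf" . WCF_N . "_language\n\t\t\t\t\tWHERE\tlanguageCode = '" . escapeString(self::$selectedLanguageCode) . "'";
             $row = self::getDB()->getFirstRow($sql);
             if (isset($row['languageID'])) {
                 $languageID = $row['languageID'];
             }
             // create user
             // NOTE(review): group IDs 1, 3 and 4 are hard-coded here; presumably
             // they include the administrator group - verify against the group table.
             UserEditor::create($username, $email, $password, array(1, 3, 4), array(), array('languageID' => $languageID), array(), false);
             // go to next step
             $this->gotoNextStep('installPackages');
             exit;
         } catch (UserInputException $e) {
             $errorField = $e->getField();
             $errorType = $e->getType();
         }
     }
     // NOTE(review): the submitted password values are handed back to the
     // template here; confirm the template does not write them into the
     // rendered page.
     WCF::getTPL()->assign(array('errorField' => $errorField, 'errorType' => $errorType, 'username' => $username, 'email' => $email, 'confirmEmail' => $confirmEmail, 'password' => $password, 'confirmPassword' => $confirmPassword, 'nextStep' => 'createUser'));
     WCF::getTPL()->display('stepCreateUser');
 }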
 /**
  * Deletes marked users.
  */
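 public function deleteMarked()
 {
     // Deletes the users marked in the session (never the acting user) after
     // checking the delete permission and the accessibility of every group
     // the marked users belong to, then redirects to the user search.
     WCF::getUser()->checkPermission('admin.user.canDeleteUser');
     $markedUserIDs = WCF::getSession()->getVar('markedUsers');
     if (!is_array($markedUserIDs)) {
         $markedUserIDs = array();
     }
     // The IDs are concatenated into an IN (...) list below, so only entries
     // that are plain integers are kept instead of trusting whatever was
     // stored in the session. Non-scalar or non-numeric entries are dropped
     // rather than cast, because a cast could silently map them to a real ID.
     $userIDs = array();
     foreach ($markedUserIDs as $markedUserID) {
         if (is_int($markedUserID) || (is_string($markedUserID) && preg_match('/^[0-9]+\z/', $markedUserID))) {
             $userIDs[] = intval($markedUserID);
         }
     }
     $deletedUsers = 0;
     // active user can't delete himself
     $activeUserID = WCF::getSession()->getUser()->userID;
     $userIDs = array_diff($userIDs, array($activeUserID));
     // check permission
     if (count($userIDs) > 0) {
         $sql = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $userIDs) . ")";
         $result = WCF::getDB()->sendQuery($sql);
         while ($row = WCF::getDB()->fetchArray($result)) {
             // one inaccessible group aborts the whole request before anything is deleted
             if (!Group::isAccessibleGroup($row['groupID'])) {
                 throw new PermissionDeniedException();
             }
         }
         $deletedUsers = UserEditor::deleteUsers($userIDs);
     }
     self::unmarkAll();
     HeaderUtil::redirect('index.php?form=UserSearch&deletedUsers=' . $deletedUsers . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
     exit;
 }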
 /**
  * @see Form::save()
  */
 public function save()
 {
     // Creates the account from the submitted form values, reports success
     // to the template and then clears the form fields so that an empty
     // "add user" form is shown again.
     AbstractForm::save();
     require_once WCF_DIR . 'lib/data/user/UserEditor.class.php';
     // the selected language is stored with the other additional fields
     $this->additionalFields['languageID'] = $this->languageID;
     $this->user = UserEditor::create(
         $this->username,
         $this->email,
         $this->password,
         $this->groupIDs,
         $this->activeOptions,
         $this->additionalFields,
         $this->visibleLanguages
     );
     $this->saved();
     // show empty add form
     $templateVariables = array('success' => true, 'newUser' => $this->user);
     WCF::getTPL()->assign($templateVariables);
     // reset values; the password fields are cleared as well, so they are not
     // carried over into the next form
     $this->confirmPassword = '';
     $this->password = '';
     $this->confirmEmail = '';
     $this->email = '';
     $this->username = '';
     $this->groupIDs = array();
     $this->languageID = $this->getDefaultFormLanguageID();
     foreach ($this->activeOptions as $optionKey => $unusedOption) {
         unset($this->activeOptions[$optionKey]['optionValue']);
     }
 }
 /**
  * Deletes users
  *
  * @param array $generalOptions
  */
 protected function deleteUsers($generalOptions)
 {
     // Deletes every account whose last activity is older than the configured
     // threshold and keeps a User object for each of them in
     // $this->deletedInactiveUsers. $generalOptions is not read in this method.
     $inactiveSettings = $this->data['parameters']['user.inactiveUsers.inactive'];
     // 'time' is multiplied by 86400 (seconds per day); the result of the
     // arithmetic is what reaches the query
     $activityCutoff = TIME_NOW - $inactiveSettings['time'] * 86400;
     // NOTE(review): the fragment returned by ignoreCondition->get() is
     // concatenated as-is; it is built elsewhere - verify its values are
     // escaped where the condition is assembled.
     $sql = "SELECT user.* FROM wcf" . WCF_N . "_user user\n\t\t\t\tLEFT JOIN wcf" . WCF_N . "_user_option_value user_option ON (user_option.userID = user.userID)\t\t\t\t\n\t\t\t\tWHERE user.lastActivityTime < " . $activityCutoff . "\t\t\t\t\n\t\t\t\tAND " . $this->ignoreCondition->get() . "\n\t\t\t\tGROUP BY user.userID";
     $queryResult = WCF::getDB()->sendQuery($sql);
     $inactiveUserIDs = array();
     while ($userRow = WCF::getDB()->fetchArray($queryResult)) {
         $inactiveUserIDs[] = $userRow['userID'];
         $this->deletedInactiveUsers[] = new User(null, $userRow);
     }
     UserEditor::deleteUsers($inactiveUserIDs);
 }
 /**
  * @see Form::save()
  */
 public function save()
 {
     // Registration: creates the account, switches the current session to it,
     // sends the activation and admin notification mails as configured,
     // stores the access data and finally displays the redirect template.
     // The statements below are order-dependent (session, mail, locale).
     AbstractForm::save();
     // save language id
     $this->additionalFields['languageID'] = $this->languageID;
     // save registration ip address
     $this->additionalFields['registrationIpAddress'] = WCF::getSession()->ipAddress;
     // generate activation code
     $addDefaultGroups = true;
     // With activation method 1 or 2 the account gets an activation code, is
     // limited to the EVERYONE and GUESTS groups and receives no default groups.
     if (REGISTER_ACTIVATION_METHOD == 1 || REGISTER_ACTIVATION_METHOD == 2) {
         $activationCode = UserRegistrationUtil::getActivationCode();
         $this->additionalFields['activationCode'] = $activationCode;
         $addDefaultGroups = false;
         $this->groupIDs = Group::getGroupIdsByType(array(Group::EVERYONE, Group::GUESTS));
     }
     // create
     $this->user = UserEditor::create($this->username, $this->email, $this->password, $this->groupIDs, $this->activeOptions, $this->additionalFields, $this->visibleLanguages, $addDefaultGroups);
     // update session
     // The session is switched to the new account for every activation method,
     // i.e. also before the account has been activated; what it may do then
     // follows from the group assignment above.
     WCF::getSession()->changeUser($this->user);
     // activation management
     // method 0: no activation step
     if (REGISTER_ACTIVATION_METHOD == 0) {
         $this->message = 'wcf.user.register.success';
     }
     // method 1: the activation code is mailed to the address given in the form
     // ($activationCode is only defined when method 1 or 2 is configured)
     if (REGISTER_ACTIVATION_METHOD == 1) {
         $mail = new Mail(array($this->username => $this->email), WCF::getLanguage()->get('wcf.user.register.needActivation.mail.subject', array('PAGE_TITLE' => WCF::getLanguage()->get(PAGE_TITLE))), WCF::getLanguage()->get('wcf.user.register.needActivation.mail', array('PAGE_TITLE' => WCF::getLanguage()->get(PAGE_TITLE), '$username' => $this->username, '$userID' => $this->user->userID, '$activationCode' => $activationCode, 'PAGE_URL' => PAGE_URL, 'MAIL_ADMIN_ADDRESS' => MAIL_ADMIN_ADDRESS)));
         $mail->send();
         $this->message = 'wcf.user.register.needActivation';
     }
     // method 2: no mail is sent to the user; the message key suggests the
     // account waits for activation by someone else - TODO confirm
     if (REGISTER_ACTIVATION_METHOD == 2) {
         $this->message = 'wcf.user.register.awaitActivation';
     }
     // notify admin
     if (REGISTER_ADMIN_NOTIFICATION) {
         // get default language
         $language = WCF::getLanguage()->getLanguageID() != Language::getDefaultLanguageID() ? new Language(Language::getDefaultLanguageID()) : WCF::getLanguage();
         $language->setLocale();
         // send mail
         // NOTE(review): the user-chosen username is inserted into the mail text;
         // verify that Mail/the language variable handling neutralises line breaks.
         $mail = new Mail(MAIL_ADMIN_ADDRESS, $language->get('wcf.user.register.notification.mail.subject', array('PAGE_TITLE' => $language->get(PAGE_TITLE))), $language->get('wcf.user.register.notification.mail', array('PAGE_TITLE' => $language->get(PAGE_TITLE), '$username' => $this->username)));
         $mail->send();
         // switch the locale back to the language of the current request
         WCF::getLanguage()->setLocale();
     }
     // delete captcha
     if (REGISTER_USE_CAPTCHA && !WCF::getSession()->getVar('captchaDone')) {
         $this->captcha->delete();
     }
     WCF::getSession()->unregister('captchaDone');
     // login user
     // NOTE(review): the plain-text password from the form is passed on here;
     // check in UserAuth::storeAccessData() in which form it is persisted.
     UserAuth::getInstance()->storeAccessData($this->user, $this->username, $this->password);
     $this->saved();
     // forward to index page
     WCF::getTPL()->assign(array('url' => 'index.php' . SID_ARG_1ST, 'message' => WCF::getLanguage()->get($this->message, array('$username' => $this->username, '$email' => $this->email))));
     WCF::getTPL()->display('redirect');
     exit;
 }
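 /**
  * Lets the signed-in user edit their own record.
  *
  * The record is always looked up by the id of the current web user, never
  * by a request parameter. Posted "UserEditor" fields are applied to it; if
  * saving succeeds the request is redirected to Yii::app()->user->url,
  * otherwise the "edit" view is rendered with the model.
  *
  * @throws CHttpException 404 when no record exists for the current user
  */
 public function actionEdit()
 {
     $form = UserEditor::model()->findByPk(Yii::app()->user->id);
     if ($form === null) {
         // findByPk() returns null when there is no matching row (e.g. for a
         // guest); fail with a clean 404 instead of assigning to null below.
         throw new CHttpException(404, 'The requested user does not exist.');
     }
     if (isset($_POST["UserEditor"])) {
         // Mass assignment: which posted fields are accepted depends on the
         // model's validation rules. NOTE(review): verify that privileged
         // columns are not declared safe for this scenario.
         $form->attributes = $_POST["UserEditor"];
         if ($form->save()) {
             $this->redirect(Yii::app()->user->url);
         }
     }
     $this->render("edit", array("model" => $form));
 }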
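 /**
  * Deletes accounts that have an activation code set (activationCode > 0)
  * and whose last activity is older than the given number of days.
  *
  * @param	integer		$days		age threshold in days; nothing is done unless it is > 0
  * @param	mixed		$exclUser	user IDs to keep, comma-separated or as array (empty = none)
  * @param	mixed		$exclGrp	group IDs whose members are kept, comma-separated or as array (empty = none)
  */
 public function deleteInactiveUser($days, $exclUser = 0, $exclGrp = 0)
 {
     if ($days > 0) {
         $userIDs = array();
         // $days only enters the query through arithmetic, so it is numeric there
         $sql = "SELECT userID, username, registrationDate, lastActivityTime" . "\n  FROM wcf" . WCF_N . "_user" . "\n WHERE activationCode > 0" . "\n   AND lastActivityTime < " . (TIME_NOW - $days * 86400);
         // Both exclusion lists end up inside IN (...) clauses. Every entry is
         // cast to an integer first, so a list that is not purely numeric
         // cannot change the structure of the statement.
         if (!empty($exclUser)) {
             $excludedUserIDs = array_map('intval', is_array($exclUser) ? $exclUser : explode(',', $exclUser));
             $sql .= "\n   AND userID NOT IN (" . implode(',', $excludedUserIDs) . ")";
         }
         if (!empty($exclGrp)) {
             $excludedGroupIDs = array_map('intval', is_array($exclGrp) ? $exclGrp : explode(',', $exclGrp));
             $sql .= "\n   AND userID NOT IN (SELECT userID FROM wcf" . WCF_N . "_user_to_groups WHERE groupID IN (" . implode(',', $excludedGroupIDs) . "))";
         }
         $result = WCF::getDB()->sendQuery($sql);
         while ($row = WCF::getDB()->fetchArray($result)) {
             $userIDs[] = $row['userID'];
         }
         // only load the editor class when there is something to delete
         if (count($userIDs) > 0) {
             require_once WCF_DIR . 'lib/data/user/UserEditor.class.php';
             UserEditor::deleteUsers($userIDs);
         }
     }
 }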