/**
* Event is called when the admin rights of an user are removed
*
* @param string $event remove_admin
* @param string $type user
* @param ElggUser $user the affected user
*
* @return void
*/
function security_tools_remove_admin_handler($event, $type, ElggUser $user)
{
if (empty($user) || !elgg_instanceof($user, "user")) {
return;
}
$site = elgg_get_site_entity();
$logged_in_user = elgg_get_logged_in_user_entity();
// notify other administrators about this
$setting = elgg_get_plugin_setting("mails_admin_admins", "security_tools");
if ($setting != "no") {
// get all the site administrators
$options = array("limit" => false, "joins" => array("JOIN " . elgg_get_config("dbprefix") . "entity_relationships r ON e.guid = r.guid_one"), "wheres" => array("(r.relationship = 'member_of_site' AND r.guid_two = " . $site->getGUID() . ")", "(e.guid <> " . $user->getGUID() . ")"));
$admins = elgg_get_admins($options);
// allow other plugins to modify the admins
$params = array("event" => "remove_admin", "admins" => $admins, "user" => $user);
$admins = elgg_trigger_plugin_hook("notify_admins", "security_tools", $params, $admins);
// if we have administrators left, notify them
if (!empty($admins) && is_array($admins)) {
$subject = elgg_echo("security_tools:notify_admins:remove_admin:subject", array($site->name));
$message = elgg_echo("security_tools:notify_admins:remove_admin:message", array($user->name, $logged_in_user->name, $user->getURL(), $site->url));
foreach ($admins as $admin) {
// force notifications to email so nobody misses this
notify_user($admin->getGUID(), $site->getGUID(), $subject, $message, null, "email");
}
}
}
// notify the user about this
$setting = elgg_get_plugin_setting("mails_admin_user", "security_tools");
if ($setting == "yes") {
$notify = true;
// allow other plugins to block this notification
$params = array("event" => "remove_admin", "user" => $user);
$notify = elgg_trigger_plugin_hook("notify_user", "security_tools", $params, $notify);
if ($notify) {
$subject = elgg_echo("security_tools:notify_user:remove_admin:subject", array($site->name));
$message = elgg_echo("security_tools:notify_user:remove_admin:message", array($user->name, $logged_in_user->name));
notify_user($user->getGUID(), $site->getGUID(), $subject, $message, null, "email");
}
}
}
<?php
/**
* Elgg 1.8-svn upgrade 2011032200
* admins_like_widgets
*
* Give current admins widgets for those pre-1.8
*/
$admins = elgg_get_admins(array('limit' => 0));
foreach ($admins as $admin) {
// call the admin handler for the make_admin event
_elgg_add_admin_widgets('make_admin', 'user', $admin);
}
/**
* Runs unit tests.
*/
use Zend\Mail\Transport\InMemory as InMemoryTransport;
require_once __DIR__ . '/../../autoloader.php';
\Elgg\Application::start();
require_once __DIR__ . '/ElggCoreUnitTest.php';
require_once __DIR__ . '/ElggCoreGetEntitiesBaseTest.php';
// plugins that contain unit tests
$plugins = array('groups', 'htmlawed', 'thewire', 'web_services');
// don't expect admin session for CLI
if (!TextReporter::inCli()) {
elgg_admin_gatekeeper();
} else {
$admin = array_shift(elgg_get_admins(array('limit' => 1)));
if (!login($admin)) {
echo "Failed to login as administrator.";
exit(1);
}
global $CONFIG;
// activate plugins that are not activated on install
foreach ($plugins as $key => $id) {
$plugin = elgg_get_plugin_from_id($id);
if (!$plugin || $plugin->isActive()) {
unset($plugins[$key]);
continue;
}
$plugin->activate();
}
$CONFIG->debug = 'NOTICE';
*
* Updated for Elgg 1.8 and newer by iionly
* iionly@gmx.de
*/
$question = get_input("question");
$guid = (int) get_input("userGuid");
if (!empty($question) && !empty($guid)) {
$user = get_user($guid);
if (!empty($user)) {
$faq = new FAQObject();
$faq->container_guid = $user->guid;
$faq->owner_guid = $user->guid;
$faq->question = $question;
$faq->userQuestion = true;
if ($faq->save()) {
$admins = elgg_get_admins(array('order_by' => 'time_created asc'));
$notify = array();
$user_language = $user->language ? $user->language : (($site_language = elgg_get_config('language')) ? $site_language : 'en');
$subject = elgg_echo("faq:ask:new_question:subject", array(), $user_language);
$message = elgg_echo("faq:ask:new_question:message", array($question), $user_language);
$notify[$user->guid]['message'] = messages_send($subject, $message, $user->guid, $admins[0]->guid, 0, false, false);
$notify[] = notify_user($user->guid, $admins[0]->guid, $subject, $message, array(), 'email');
$admins_notified = notifyAdminNewQuestion();
if (in_array(true, $notify)) {
system_message(elgg_echo("faq:ask:new_question:send"));
} else {
register_error(elgg_echo("faq:ask:error:not_send"));
}
} else {
register_error("faq:ask:error:save");
}
/**
* Add the current site admins to the subscribers when making/removing an admin user
*
* @param string $hook 'get'
* @param string $type 'subscribers'
* @param array $return_value current subscribers
* @param arary $params supplied params
*
* @return void|array
*/
function _elgg_admin_get_admin_subscribers_admin_action($hook, $type, $return_value, $params)
{
if (!elgg_get_config('security_notify_admins')) {
return;
}
$event = elgg_extract('event', $params);
if (!$event instanceof \Elgg\Notifications\Event) {
return;
}
if (!in_array($event->getAction(), ['make_admin', 'remove_admin'])) {
return;
}
$user = $event->getObject();
if (!$user instanceof \ElggUser) {
return;
}
/* @var $admin_batch \Elgg\BatchResult */
$admin_batch = elgg_get_admins(['limit' => false, 'wheres' => ["e.guid <> {$user->getGUID()}"], 'batch' => true]);
/* @var $admin \ElggUser */
foreach ($admin_batch as $admin) {
$return_value[$admin->getGUID()] = ['email'];
}
return $return_value;
}
/**
* Get two random admins to notify about a showcase site in need of a review
*
* @param string $hook 'get'
* @param string $type 'subscriptions'
* @param array $subscriptions Array containing subscriptions in the form
* <user guid> => array(
* 'email',
* 'site',
* 'etc.',
* )
* @param array $params Hook parameters
* @return array $subscriptions Array containing the subscriptions
*/
function showcase_get_subscriptions($hook, $type, $subscriptions, $params)
{
$event = $params['event'];
$object = $event->getObject();
if (!$object instanceof ElggShowcase) {
return $subscriptions;
}
$actor = $event->getActor();
if ($actor->isAdmin()) {
// No need to notify if the editing user was an admin
return $subscriptions;
}
// Get all admins
$admins = elgg_get_admins(array('limit' => 0));
// Randomize the admins array
shuffle($admins);
// Pick two of them
$admins = array_slice($admins, 0, 2);
// At this point $subscriptions contains all the showcase owner's friends
// who have subscribed to receive notifications. We don't want to inform
// them, so we need to reset the array.
$subscriptions = array();
// Tell subscriptions system to send an email notification to both admins
foreach ($admins as $admin) {
$subscriptions[$admin->guid] = array('email');
}
return $subscriptions;
}
if (!$project instanceof PluginProject) {
register_error(elgg_echo('plugins:error:not_found'));
forward(REFERER);
}
if (empty($description)) {
register_error(elgg_echo('plugins:error:invalid_ownership_request'));
forward(REFERER);
}
$exists = elgg_annotation_exists($project_guid, 'ownership_request', $user_guid);
if ($exists) {
register_error(elgg_echo('plugins:error:ownership_request_exists'));
forward(REFERER);
}
$success = $project->annotate('ownership_request', $description, ACCESS_PUBLIC, $user_guid, 'text');
if (!$success) {
register_error(elgg_echo('plugins:error:ownership_request_failed'));
forward(REFERER);
}
// Get all admins and select two of them randomly
$admins = elgg_get_admins();
shuffle($admins);
$admins = array_slice($admins, 0, 2);
// Notify the admins about the new request
foreach ($admins as $admin) {
$url = elgg_get_site_url() . "plugins/{$project->guid}/ownership_requests";
$subject = elgg_echo('plugins:ownership_request:notify:subject', array(), $admin->language);
$message = elgg_echo('plugins:ownership_request:notify:body', array($url), $admin->language);
notify_user($admin->guid, 0, $subject, $message, array(), 'email');
}
system_message(elgg_echo('plugins:ownership_request:success'));
forward($project->getURL());
function hj_framework_process_notify_admins_input($hook, $type, $return, $params)
{
$admins = elgg_get_admins();
foreach ($admins as $admin) {
$to[] = $admin->guid;
}
$form = elgg_extract('form', $params);
$entity = elgg_extract('entity', $params);
$from = elgg_get_config('site')->guid;
$subject = elgg_echo('hj:framework:form:submitted:subject', elgg_echo($form->title));
$submissions_url = $form->getURL();
$message = elgg_echo('hj:framework:form:submitted:message', array($entity->getURL()));
notify_user($to, $from, $subject, $message);
return true;
}
<?php
/**
* Delete a user
*/
$user = elgg_get_logged_in_user_entity();
$username = $user->username;
// don't allow the only admin user to delete himself.
if ($user->isAdmin()) {
$admins = elgg_get_admins(array('count' => true));
if ($admins < 2) {
register_error(elgg_echo('delete_me:cannot_delete_admin'));
forward(REFERER);
}
}
// sometimes this can take a loooong time.
set_time_limit(0);
if ($user->delete()) {
setcookie("elggperm", "", time() - 86400 * 30, "/");
$_SESSION = array();
session_regenerate_id();
system_message(elgg_echo('admin:user:delete:yes', array($username)));
forward('/');
} else {
register_error(elgg_echo('admin:user:delete:no'));
forward(REFERRER);
}
function notifyAdminNewQuestion()
{
$admins = elgg_get_admins(array('order_by' => 'time_created asc'));
$result = array();
foreach ($admins as $admin) {
$admin_language = $admin->language ? $admin->language : (($site_language = elgg_get_config('language')) ? $site_language : 'en');
$subject = elgg_echo("faq:ask:notify:admin:subject", array(), $admin_language);
$message = elgg_echo("faq:ask:notify:admin:message", array($admin->name, elgg_get_site_url() . "faq/asked"), $admin_language);
$summary = '<a href="' . elgg_get_site_url() . 'faq/asked">' . elgg_echo("faq:ask:notify:admin:subject", array(), $admin_language) . '</a>';
$result[] = notify_user($admin->guid, elgg_get_logged_in_user_guid(), $subject, $message, array('summary' => $summary));
}
if (in_array(true, $result)) {
$result = true;
} else {
$result = false;
}
return $result;
}
