/** * Saves user to the database * * @param int $uid user id * @param string $usernmae (short) username * @param string $fullname user's full name * @param string $email user's email address * @param string $regdate date the user registered with the site * @param string $homepage user's homepage URL * @param array $groups groups the user belongs to * @param string $delete_photo delete user's photo if == 'on' * @return string HTML redirect or error message * */ function saveusers($uid, $username, $fullname, $passwd, $passwd_conf, $email, $regdate, $homepage, $groups, $delete_photo = '', $userstatus = 3, $oldstatus = 3) { global $_CONF, $_TABLES, $_USER, $LANG28, $_USER_VERBOSE; $retval = ''; $userChanged = false; if ($_USER_VERBOSE) { COM_errorLog("**** entering saveusers****", 1); COM_errorLog("group size at beginning = " . count($groups), 1); } $service = DB_getItem($_TABLES['users'], 'remoteservice', "uid = {$uid}"); // If remote service then assume blank password if (!empty($service)) { $passwd = ''; $passwd_conf = ''; } $passwd_changed = true; if (empty($service) && SEC_encryptUserPassword($passwd, $uid) === 0 && $passwd_conf === '') { $passwd_changed = false; } if ($passwd_changed && $passwd != $passwd_conf) { // passwords don't match return edituser($uid, 67); } $nameAndEmailOkay = true; if (empty($username)) { $nameAndEmailOkay = false; } elseif (empty($email)) { if (empty($uid)) { $nameAndEmailOkay = false; // new users need an email address } else { if (empty($service)) { $nameAndEmailOkay = false; // not a remote user - needs email } } } if ($nameAndEmailOkay) { if (!empty($email) && !COM_isEmail($email)) { return edituser($uid, 52); } $uname = DB_escapeString($username); if (empty($uid)) { $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '******'"); } else { if (!empty($service)) { $uservice = DB_escapeString($service); $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '******' AND uid <> {$uid} AND remoteservice = '{$uservice}'"); } else { $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '******' AND uid <> {$uid} AND (remoteservice = '' OR remoteservice IS NULL)"); } } if ($ucount > 0) { // Admin just changed a user's username to one that already exists return edituser($uid, 51); } $emailaddr = DB_escapeString($email); $exclude_remote = " AND (remoteservice IS NULL OR remoteservice = '')"; if (empty($uid)) { $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}'" . $exclude_remote); } else { $old_email = DB_getItem($_TABLES['users'], 'email', "uid = '{$uid}'"); if ($old_email == $email) { // email address didn't change so don't care $ucount = 0; } else { $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}' AND uid <> {$uid}" . $exclude_remote); } } if ($ucount > 0) { // Admin just changed a user's email to one that already exists return edituser($uid, 56); } if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) { $ret = CUSTOM_userCheck($username, $email); if (!empty($ret)) { // need a numeric return value - otherwise use default message if (!is_numeric($ret['number'])) { $ret['number'] = 400; } return edituser($uid, $ret['number']); } } if (empty($uid)) { if (empty($passwd)) { // no password? create one ... $passwd = SEC_generateRandomPassword(); } $uid = USER_createAccount($username, $email, $passwd, $fullname, $homepage); if ($uid > 1) { DB_query("UPDATE {$_TABLES['users']} SET status = {$userstatus} WHERE uid = {$uid}"); } } else { $fullname = DB_escapeString($fullname); $homepage = DB_escapeString($homepage); $curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = {$uid}"); if (!empty($curphoto) && $delete_photo == 'on') { USER_deletePhoto($curphoto); $curphoto = ''; } if ($_CONF['allow_user_photo'] == 1 && !empty($curphoto)) { $curusername = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}"); if ($curusername != $username) { // user has been renamed - rename the photo, too $newphoto = preg_replace('/' . $curusername . '/', $username, $curphoto, 1); $imgpath = $_CONF['path_images'] . 'userphotos/'; if (@rename($imgpath . $curphoto, $imgpath . $newphoto) === false) { $retval .= COM_errorLog('Could not rename userphoto "' . $curphoto . '" to "' . $newphoto . '".'); return $retval; } $curphoto = $newphoto; } } $curphoto = DB_escapeString($curphoto); DB_query("UPDATE {$_TABLES['users']} SET username = '******', fullname = '{$fullname}', email = '{$email}', homepage = '{$homepage}', photo = '{$curphoto}', status='{$userstatus}' WHERE uid = {$uid}"); if ($passwd_changed && !empty($passwd)) { SEC_updateUserPassword($passwd, $uid); } if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) { CUSTOM_userSave($uid); } if ($_CONF['usersubmission'] == 1 && $oldstatus == USER_ACCOUNT_AWAITING_APPROVAL && $userstatus == USER_ACCOUNT_ACTIVE) { USER_createAndSendPassword($username, $email, $uid); } if ($userstatus == USER_ACCOUNT_DISABLED) { SESS_endUserSession($uid); } $userChanged = true; } // check that the user is allowed to change group assignments if (is_array($groups) && SEC_hasRights('group.assign')) { if (!SEC_inGroup('Root')) { $rootgrp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'"); if (in_array($rootgrp, $groups)) { COM_accessLog("User {$_USER['username']} ({$_USER['uid']}) just tried to give Root permissions to user {$username}."); echo COM_refresh($_CONF['site_admin_url'] . '/index.php'); exit; } } // make sure the Remote Users group is in $groups if (SEC_inGroup('Remote Users', $uid)) { $remUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'"); if (!in_array($remUsers, $groups)) { $groups[] = $remUsers; } } if ($_USER_VERBOSE) { COM_errorLog("deleting all group_assignments for user {$uid}/{$username}", 1); } // remove user from all groups that the User Admin is a member of $UserAdminGroups = SEC_getUserGroups(); $whereGroup = 'ug_main_grp_id IN (' . implode(',', $UserAdminGroups) . ')'; DB_query("DELETE FROM {$_TABLES['group_assignments']} WHERE (ug_uid = {$uid}) AND " . $whereGroup); // make sure to add user to All Users and Logged-in Users groups $allUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'All Users'"); if (!in_array($allUsers, $groups)) { $groups[] = $allUsers; } $logUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Logged-in Users'"); if (!in_array($logUsers, $groups)) { $groups[] = $logUsers; } foreach ($groups as $userGroup) { if (in_array($userGroup, $UserAdminGroups)) { if ($_USER_VERBOSE) { COM_errorLog("adding group_assignment " . $userGroup . " for {$username}", 1); } $sql = "INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$userGroup}, {$uid})"; DB_query($sql); } } } if ($userChanged) { PLG_userInfoChanged($uid); } $errors = DB_error(); if (empty($errors)) { echo PLG_afterSaveSwitch($_CONF['aftersave_user'], "{$_CONF['site_url']}/users.php?mode=profile&uid={$uid}", 'user', 21); } else { $retval .= COM_errorLog('Error in saveusers in ' . $_CONF['site_admin_url'] . '/user.php'); $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[22])); echo $retval; exit; } } else { $retval .= COM_showMessageText($LANG28[10]); if (!empty($uid) && $uid > 1 && DB_count($_TABLES['users'], 'uid', $uid) > 0) { $retval .= edituser($uid); } else { $retval .= edituser(); } $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[1])); COM_output($retval); exit; } if ($_USER_VERBOSE) { COM_errorLog("***************leaving saveusers*****************", 1); } return $retval; }
/** * Log user out * * This logs the user out of the system and clears all session vars * * @return none Redirects user to index page * */ function userLogout() { global $_CONF, $_TABLES, $_USER, $_COOKIE; if (!empty($_USER['uid']) and $_USER['uid'] > 1) { DB_query("UPDATE {$_TABLES['users']} set remote_ip='' WHERE uid=" . $_USER['uid'], 1); SESS_endUserSession($_USER['uid']); PLG_logoutUser($_USER['uid']); } SEC_setCookie($_CONF['cookie_session'], '', time() - 10000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true); SEC_setCookie($_CONF['cookie_password'], '', time() - 10000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true); SEC_setCookie($_CONF['cookie_name'], '', time() - 10000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true); if (isset($_COOKIE['token'])) { $token = $_COOKIE['token']; DB_delete($_TABLES['tokens'], 'token', DB_escapeString($token)); SEC_setCookie('token', '', time() - 10000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true); } DB_delete($_TABLES['tokens'], 'owner_id', (int) $_USER['uid']); echo COM_refresh($_CONF['site_url'] . '/index.php?msg=8'); }
/** * Saves user to the database * * @param int $uid user id * @return string HTML redirect or error message * */ function USER_save($uid) { global $_CONF, $_TABLES, $_USER, $LANG28, $_USER_VERBOSE; $retval = ''; $userChanged = false; if ($_USER_VERBOSE) { COM_errorLog("**** entering USER_save()****", 1); } if ($_USER_VERBOSE) { COM_errorLog("group size at beginning = " . sizeof($groups), 1); } $uid = COM_applyFilter($_POST['uid'], true); if ($uid == 0) { $uid = ''; } $regdate = COM_applyFilter($_POST['regdate'], true); $username = trim($_POST['new_username']); $fullname = COM_truncate(trim(USER_sanitizeName($_POST['fullname'])), 80); $userstatus = COM_applyFilter($_POST['userstatus'], true); $oldstatus = COM_applyFilter($_POST['oldstatus'], true); $passwd = isset($_POST['newp']) ? trim($_POST['newp']) : ''; $passwd_conf = isset($_POST['newp_conf']) ? trim($_POST['newp_conf']) : ''; $cooktime = COM_applyFilter($_POST['cooktime'], true); $email = trim($_POST['email']); $email_conf = trim($_POST['email_conf']); $groups = $_POST['groups']; $homepage = trim($_POST['homepage']); $location = strip_tags(trim($_POST['location'])); $photo = isset($_POST['photo']) ? $_POST['photo'] : ''; $delete_photo = isset($_POST['delete_photo']) && $_POST['delete_photo'] == 'on' ? 1 : 0; $sig = trim($_POST['sig']); $about = trim($_POST['about']); $pgpkey = trim($_POST['pgpkey']); $language = isset($_POST['language']) ? trim(COM_applyFilter($_POST['language'])) : ''; $theme = isset($_POST['theme']) ? trim(COM_applyFilter($_POST['theme'])) : ''; $maxstories = COM_applyFilter($_POST['maxstories'], true); $tzid = COM_applyFilter($_POST['tzid']); $dfid = COM_applyFilter($_POST['dfid'], true); $search_fmt = COM_applyFilter($_POST['search_result_format']); $commentmode = COM_applyFilter($_POST['commentmode']); $commentorder = isset($_POST['commentorder']) && $_POST['commentorder'] == 'DESC' ? 'DESC' : 'ASC'; $commentlimit = COM_applyFilter($_POST['commentlimit'], true); $emailfromuser = isset($_POST['emailfromuser']) && $_POST['emailfromuser'] == 'on' ? 1 : 0; $emailfromadmin = isset($_POST['emailfromadmin']) && $_POST['emailfromadmin'] == 'on' ? 1 : 0; $noicons = isset($_POST['noicons']) && $_POST['noicons'] == 'on' ? 1 : 0; $noboxes = isset($_POST['noboxes']) && $_POST['noboxes'] == 'on' ? 1 : 0; $showonline = isset($_POST['showonline']) && $_POST['showonline'] == 'on' ? 1 : 0; $topic_order = isset($_POST['topic_order']) && $_POST['topic_order'] == 'ASC' ? 'ASC' : 'DESC'; $maxstories = COM_applyFilter($_POST['maxstories'], true); $newuser = COM_applyFilter($_POST['newuser'], true); $remoteuser = isset($_POST['remoteuser']) && $_POST['remoteuser'] == 'on' ? 1 : 0; $remoteusername = isset($_POST['remoteusername']) ? strip_tags(trim($_POST['remoteusername'])) : ''; $remoteservice = isset($_POST['remoteservice']) ? COM_applyFilter($_POST['remoteservice']) : ''; $social_services = SOC_followMeProfile($uid); foreach ($social_services as $service) { $service_input = $service['service'] . '_username'; $_POST[$service_input] = strip_tags($_POST[$service_input]); } if ($uid == 1) { return USER_list(); } if ($uid == '' || $uid < 2 || $newuser == 1) { if (empty($passwd) && $remoteuser == 0) { return USER_edit($uid, 504); } if (empty($email)) { return USER_edit($uid, 505); } } if ($username == '') { return USER_edit($uid, 506); } if (!USER_validateUsername($username)) { return USER_edit($uid, 512); } if ($email == '') { return USER_edit($uid, 507); } if ($passwd != $passwd_conf && $remoteuser == 0) { // passwords don't match return USER_edit($uid, 67); } if ($email != $email_conf) { return USER_edit($uid, 508); } // remote user checks if ($remoteuser == 1) { if ($remoteusername == '') { return USER_edit($uid, 513); } if ($remoteservice == '') { return USER_edit($uid, 514); } } $validEmail = true; if (empty($username)) { $validEmail = false; } elseif (empty($email)) { if (empty($uid)) { $validEmail = false; } else { $ws_user = DB_getItem($_TABLES['users'], 'remoteservice', "uid = " . intval($uid)); if (empty($ws_user)) { $validEmail = false; } } } if ($validEmail) { if (!empty($email) && !COM_isEmail($email)) { return USER_edit($uid, 52); } $uname = DB_escapeString($username); if (empty($uid)) { $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '******'"); } else { $uservice = DB_getItem($_TABLES['users'], 'remoteservice', "uid = {$uid}"); if ($uservice != '') { $uservice = DB_escapeString($uservice); $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '******' AND uid <> {$uid} AND remoteservice = '{$uservice}'"); } else { $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '******' AND uid <> {$uid} AND (remoteservice = '' OR remoteservice IS NULL)"); } } if ($ucount > 0) { // Admin just changed a user's username to one that already exists return USER_edit($uid, 51); } $emailaddr = DB_escapeString($email); $exclude_remote = " AND (remoteservice IS NULL OR remoteservice = '')"; if (empty($uid)) { $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}'" . $exclude_remote); } else { $old_email = DB_getItem($_TABLES['users'], 'email', "uid = {$uid}"); if ($old_email == $email) { // email address didn't change so don't care $ucount = 0; } else { $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}' AND uid <> {$uid}" . $exclude_remote); } } if ($ucount > 0) { // Admin just changed a user's email to one that already exists return USER_edit($uid, 56); } if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) { $ret = CUSTOM_userCheck($username, $email); if (!empty($ret)) { // need a numeric return value - otherwise use default message if (!is_numeric($ret['number'])) { $ret['number'] = 97; } return USER_edit($uid, $ret['number']); } } // Let plugins have a chance to decide what to do before saving the user, return errors. $msg = PLG_itemPreSave('useredit', $username); if (!empty($msg)) { // need a numeric return value - otherwise use default message if (!is_numeric($msg)) { $msg = 97; } return USER_edit($uid, $msg); } if (empty($uid) || !empty($passwd)) { $passwd2 = SEC_encryptPassword($passwd); } else { $passwd2 = DB_getItem($_TABLES['users'], 'passwd', "uid = {$uid}"); } // do we need to create the user? if (empty($uid)) { if (empty($passwd)) { // no password? create one ... $passwd = USER_createPassword(8); $passwd2 = SEC_encryptPassword($passwd); } if ($remoteuser == 1) { $uid = USER_createAccount($username, $email, '', $fullname, '', $remoteusername, $remoteservice, 1); } else { $uid = USER_createAccount($username, $email, $passwd2, $fullname, $homepage, '', '', 1); } if ($uid > 1) { DB_query("UPDATE {$_TABLES['users']} SET status = {$userstatus} WHERE uid = {$uid}"); } if (isset($_POST['emailuser'])) { USER_createAndSendPassword($username, $email, $uid, $passwd); } if ($uid < 2) { return USER_edit('', 509); } $newuser = 1; } // at this point, we have a valid user... // Filter some of the text entry fields to ensure they don't cause problems... $fullname = strip_tags($fullname); $about = strip_tags($about); $pgpkey = strip_tags($pgpkey); $curphoto = USER_handlePhotoUpload($uid, $delete_photo); if ($_CONF['allow_user_photo'] == 1 && !empty($curphoto)) { $curusername = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}"); if ($curusername != $username) { // user has been renamed - rename the photo, too $newphoto = preg_replace('/' . $curusername . '/', $username, $curphoto, 1); $imgpath = $_CONF['path_images'] . 'userphotos/'; if (rename($imgpath . $curphoto, $imgpath . $newphoto) === false) { $display = COM_siteHeader('menu', $LANG28[22]); $display .= COM_errorLog('Could not rename userphoto "' . $curphoto . '" to "' . $newphoto . '".'); $display .= COM_siteFooter(); return $display; } $curphoto = $newphoto; } } // update users table $sql = "UPDATE {$_TABLES['users']} SET " . "username = '******'," . "fullname = '" . DB_escapeString($fullname) . "'," . "passwd = '" . DB_escapeString($passwd2) . "'," . "email = '" . DB_escapeString($email) . "'," . "homepage = '" . DB_escapeString($homepage) . "'," . "sig = '" . DB_escapeString($sig) . "'," . "photo = '" . DB_escapeString($curphoto) . "'," . "cookietimeout = {$cooktime}," . "theme = '" . DB_escapeString($theme) . "'," . "language = '" . DB_escapeString($language) . "'," . "status = {$userstatus} WHERE uid = {$uid};"; DB_query($sql); // update userprefs $sql = "UPDATE {$_TABLES['userprefs']} SET " . "noicons = {$noicons}," . "dfid = {$dfid}," . "tzid = '" . DB_escapeString($tzid) . "'," . "emailstories = 0," . "emailfromadmin = {$emailfromadmin}," . "emailfromuser = {$emailfromuser}," . "showonline = {$showonline}," . "search_result_format = '" . DB_escapeString($search_fmt) . "' WHERE uid={$uid};"; DB_query($sql); // userinfo table $sql = "UPDATE {$_TABLES['userinfo']} SET " . "about = '" . DB_escapeString($about) . "'," . "location = '" . DB_escapeString($location) . "'," . "pgpkey = '" . DB_escapeString($pgpkey) . "' WHERE uid={$uid};"; DB_query($sql); // userindex table $TIDS = @array_values($_POST['topics']); $AIDS = @array_values($_POST['selauthors']); $BOXES = @array_values($_POST['blocks']); $ETIDS = @array_values($_POST['dgtopics']); $allowed_etids = USER_buildTopicList(); $AETIDS = explode(' ', $allowed_etids); $tids = ''; if (sizeof($TIDS) > 0) { $tids = DB_escapeString(implode(' ', array_intersect($AETIDS, $TIDS))); } $aids = ''; if (sizeof($AIDS) > 0) { foreach ($AIDS as $key => $val) { $AIDS[$key] = intval($val); } $aids = DB_escapeString(implode(' ', $AIDS)); } $selectedblocks = ''; $selectedBoxes = array(); if (count($BOXES) > 0) { foreach ($BOXES as $key => $val) { $BOXES[$key] = intval($val); } $boxes = DB_escapeString(implode(',', $BOXES)); $blockresult = DB_query("SELECT bid,name FROM {$_TABLES['blocks']} WHERE bid NOT IN ({$boxes})"); $numRows = DB_numRows($blockresult); for ($x = 1; $x <= $numRows; $x++) { $row = DB_fetchArray($blockresult); if ($row['name'] != 'user_block' and $row['name'] != 'admin_block' and $row['name'] != 'section_block') { $selectedblocks .= $row['bid']; if ($x != $numRows) { $selectedblocks .= ' '; } } } } $etids = '-'; if (sizeof($ETIDS) > 0) { $etids = DB_escapeString(implode(' ', array_intersect($AETIDS, $ETIDS))); } else { $etids = '-'; } DB_save($_TABLES['userindex'], "uid,tids,aids,boxes,noboxes,maxstories,etids", "{$uid},'{$tids}','{$aids}','{$selectedblocks}',{$noboxes},{$maxstories},'{$etids}'"); // usercomment DB_save($_TABLES['usercomment'], 'uid,commentmode,commentorder,commentlimit', "{$uid},'{$commentmode}','{$commentorder}'," . intval($commentlimit)); if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) { CUSTOM_userSave($uid); } if ($_CONF['usersubmission'] == 1 && $oldstatus == USER_ACCOUNT_AWAITING_APPROVAL && ($userstatus == USER_ACCOUNT_ACTIVE || $userstatus == USER_ACCOUNT_AWAITING_ACTIVATION || $userstatus == USER_ACCOUNT_AWAITING_VERIFICATION)) { USER_createAndSendPassword($username, $email, $uid); } if ($userstatus == USER_ACCOUNT_DISABLED) { SESS_endUserSession($uid); } $userChanged = true; // if groups is -1 then this user isn't allowed to change any groups so ignore if (is_array($groups) && SEC_hasRights('group.edit')) { if (!SEC_inGroup('Root')) { $rootgrp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'"); if (in_array($rootgrp, $groups)) { COM_accessLog("User {$_USER['username']} ({$_USER['uid']}) just tried to give Root permissions to user {$username}."); echo COM_refresh($_CONF['site_admin_url'] . '/index.php'); exit; } } // make sure the Remote Users group is in $groups if (SEC_inGroup('Remote Users', $uid)) { $remUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'"); if (!in_array($remUsers, $groups)) { $groups[] = $remUsers; } } if ($_USER_VERBOSE) { COM_errorLog("deleting all group_assignments for user {$uid}/{$username}", 1); } // remove user from all groups that the User Admin is a member of $UserAdminGroups = SEC_getUserGroups(); $whereGroup = 'ug_main_grp_id IN (' . implode(',', $UserAdminGroups) . ')'; DB_query("DELETE FROM {$_TABLES['group_assignments']} WHERE (ug_uid = {$uid}) AND " . $whereGroup); // make sure to add user to All Users and Logged-in Users groups $allUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'All Users'"); if (!in_array($allUsers, $groups)) { $groups[] = $allUsers; } $logUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Logged-in Users'"); if (!in_array($logUsers, $groups)) { $groups[] = $logUsers; } foreach ($groups as $userGroup) { if (in_array($userGroup, $UserAdminGroups)) { if ($_USER_VERBOSE) { COM_errorLog("adding group_assignment " . $userGroup . " for {$username}", 1); } $sql = "INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$userGroup}, {$uid})"; DB_query($sql); } } } // subscriptions $subscription_deletes = @array_values($_POST['subdelete']); if (is_array($subscription_deletes)) { foreach ($subscription_deletes as $subid) { DB_delete($_TABLES['subscriptions'], 'sub_id', (int) $subid); } } foreach ($social_services as $service) { $service_input = $service['service'] . '_username'; $_POST[$service_input] = DB_escapeString($_POST[$service_input]); if ($_POST[$service_input] != '') { $sql = "REPLACE INTO {$_TABLES['social_follow_user']} (ssid,uid,ss_username) "; $sql .= " VALUES (" . (int) $service['service_id'] . "," . $uid . ",'" . $_POST[$service_input] . "');"; DB_query($sql, 1); } else { $sql = "DELETE FROM {$_TABLES['social_follow_user']} WHERE ssid = " . (int) $service['service_id'] . " AND uid=" . (int) $uid; DB_query($sql, 1); } } if ($newuser == 0) { PLG_profileSave('', $uid); } else { PLG_createUser($uid); } if ($userChanged) { PLG_userInfoChanged($uid); } CACHE_remove_instance('mbmenu'); $errors = DB_error(); if (empty($errors)) { echo PLG_afterSaveSwitch($_CONF['aftersave_user'], "{$_CONF['site_url']}/users.php?mode=profile&uid={$uid}", 'user', 21); } else { $retval .= COM_siteHeader('menu', $LANG28[22]); $retval .= COM_errorLog('Error in USER_save() in ' . $_CONF['site_admin_url'] . '/user.php'); $retval .= COM_siteFooter(); echo $retval; exit; } } else { $retval = COM_siteHeader('menu', $LANG28[1]); $retval .= COM_errorLog($LANG28[10]); if (DB_count($_TABLES['users'], 'uid', $uid) > 0) { $retval .= USER_edit($uid); } else { $retval .= USER_edit(); } $retval .= COM_siteFooter(); echo $retval; exit; } if ($_USER_VERBOSE) { COM_errorLog("***************leaving USER_save()*****************", 1); } return $retval; }
/** * Delete a user account * * @param int $uid id of the user to delete * @return boolean true = user deleted, false = an error occured * */ function USER_deleteAccount($uid) { global $_CONF, $_TABLES, $_USER; // first some checks ... if ($uid == $_USER['uid'] && $_CONF['allow_account_delete'] == 1 || SEC_hasRights('user.delete')) { if (SEC_inGroup('Root', $uid)) { if (!SEC_inGroup('Root')) { // can't delete a Root user without being in the Root group COM_accessLog("User {$_USER['uid']} just tried to delete Root user {$uid} with insufficient privileges."); return false; } else { $rootgrp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'"); $result = DB_query("SELECT COUNT(DISTINCT {$_TABLES['users']}.uid) AS count FROM {$_TABLES['users']},{$_TABLES['group_assignments']} WHERE {$_TABLES['users']}.uid > 1 AND {$_TABLES['users']}.uid = {$_TABLES['group_assignments']}.ug_uid AND ({$_TABLES['group_assignments']}.ug_main_grp_id = {$rootgrp})"); $A = DB_fetchArray($result); if ($A['count'] <= 1) { // make sure there's at least 1 Root user left COM_errorLog("You can't delete the last user from the Root group.", 1); return false; } } } } else { // you can only delete your own account (if enabled) or you need // proper permissions to do so (user.delete) COM_accessLog("User {$_USER['uid']} just tried to delete user {$uid} with insufficient privileges."); return false; } // log the user out SESS_endUserSession($uid); // Ok, now delete everything related to this user // let plugins update their data for this user PLG_deleteUser($uid); // Call custom account profile delete function if enabled and exists if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDelete')) { CUSTOM_userDelete($uid); } // remove from all security groups DB_delete($_TABLES['group_assignments'], 'ug_uid', $uid); // remove user information and preferences DB_delete($_TABLES['userprefs'], 'uid', $uid); DB_delete($_TABLES['userindex'], 'uid', $uid); DB_delete($_TABLES['usercomment'], 'uid', $uid); DB_delete($_TABLES['userinfo'], 'uid', $uid); // avoid having orphand stories/comments by making them anonymous posts DB_query("UPDATE {$_TABLES['comments']} SET uid = 1 WHERE uid = {$uid}"); DB_query("UPDATE {$_TABLES['stories']} SET uid = 1 WHERE uid = {$uid}"); DB_query("UPDATE {$_TABLES['stories']} SET owner_id = 1 WHERE owner_id = {$uid}"); // delete story submissions DB_delete($_TABLES['storysubmission'], 'uid', $uid); // delete user photo, if enabled & exists if ($_CONF['allow_user_photo'] == 1) { $photo = DB_getItem($_TABLES['users'], 'photo', "uid = {$uid}"); USER_deletePhoto($photo, false); } // in case the user owned any objects that require Admin access, assign // them to the Root user with the lowest uid $rootgroup = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'"); $result = DB_query("SELECT DISTINCT ug_uid FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id = {$rootgroup} ORDER BY ug_uid LIMIT 1"); $A = DB_fetchArray($result); $rootuser = $A['ug_uid']; DB_query("UPDATE {$_TABLES['blocks']} SET owner_id = {$rootuser} WHERE owner_id = {$uid}"); DB_query("UPDATE {$_TABLES['topics']} SET owner_id = {$rootuser} WHERE owner_id = {$uid}"); // now delete the user itself DB_delete($_TABLES['users'], 'uid', $uid); return true; }
COM_redirect($_CONF['site_url'] . '/index.php'); } // don't return exit; } // MAIN if (isset($_REQUEST['mode'])) { $mode = $_REQUEST['mode']; } else { $mode = ''; } $display = ''; switch ($mode) { case 'logout': if (!empty($_USER['uid']) && $_USER['uid'] > 1) { SESS_endUserSession($_USER['uid']); PLG_logoutUser($_USER['uid']); } SEC_setCookie($_CONF['cookie_session'], '', time() - 10000); SEC_setCookie($_CONF['cookie_password'], '', time() - 10000); SEC_setCookie($_CONF['cookie_name'], '', time() - 10000); COM_redirect($_CONF['site_url'] . '/index.php?msg=8'); break; case 'profile': $uid = COM_applyFilter($_GET['uid'], true); if (is_numeric($uid) && $uid > 1) { $msg = 0; if (isset($_GET['msg'])) { $msg = COM_applyFilter($_GET['msg'], true); } $plugin = '';
/** * Merge User Accounts * * This validates the entered password and then merges a remote * account with a local account. * * @return string HTML merge form if error, redirect on success * */ function USER_mergeAccounts() { global $_CONF, $_SYSTEM, $_TABLES, $_USER, $LANG04, $LANG12, $LANG20; $retval = ''; $remoteUID = COM_applyFilter($_POST['remoteuid'], true); $localUID = COM_applyFilter($_POST['localuid'], true); $localpwd = $_POST['localp']; $localResult = DB_query("SELECT * FROM {$_TABLES['users']} WHERE uid=" . (int) $localUID); $localRow = DB_fetchArray($localResult); if (SEC_check_hash($localpwd, $localRow['passwd'])) { // password is valid $sql = "SELECT * FROM {$_TABLES['users']} WHERE remoteusername <> '' and email='" . DB_escapeString($localRow['email']) . "'"; $result = DB_query($sql); $numRows = DB_numRows($result); if ($numRows == 1) { $remoteRow = DB_fetchArray($result); if ($remoteUID == $remoteRow['uid']) { $remoteUID = (int) $remoteRow['uid']; $remoteService = substr($remoteRow['remoteservice'], 6); } else { echo COM_refresh($_CONF['site_url'] . '/index.php'); } } else { echo COM_refresh($_CONF['site_url'] . '/index.php'); } $sql = "UPDATE {$_TABLES['users']} SET remoteusername='******'remoteusername']) . "'," . "remoteservice='" . DB_escapeString($remoteRow['remoteservice']) . "', " . "account_type=3 " . " WHERE uid=" . (int) $localUID; DB_query($sql); $_USER['uid'] = $localRow['uid']; $local_login = true; SESS_completeLogin($localUID); $_GROUPS = SEC_getUserGroups($_USER['uid']); $_RIGHTS = explode(',', SEC_getUserPermissions()); if ($_SYSTEM['admin_session'] > 0 && $local_login) { if (SEC_isModerator() || SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit', 'OR') || count(PLG_getAdminOptions()) > 0) { $admin_token = SEC_createTokenGeneral('administration', $_SYSTEM['admin_session']); SEC_setCookie('token', $admin_token, 0, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true); } } COM_resetSpeedlimit('login'); // log the user out SESS_endUserSession($remoteUID); // Let plugins know a user is being merged PLG_moveUser($remoteUID, $_USER['uid']); // Ok, now delete everything related to this user // let plugins update their data for this user PLG_deleteUser($remoteUID); if (function_exists('CUSTOM_userDeleteHook')) { CUSTOM_userDeleteHook($remoteUID); } // Call custom account profile delete function if enabled and exists if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDelete')) { CUSTOM_userDelete($remoteUID); } // remove from all security groups DB_delete($_TABLES['group_assignments'], 'ug_uid', $remoteUID); // remove user information and preferences DB_delete($_TABLES['userprefs'], 'uid', $remoteUID); DB_delete($_TABLES['userindex'], 'uid', $remoteUID); DB_delete($_TABLES['usercomment'], 'uid', $remoteUID); DB_delete($_TABLES['userinfo'], 'uid', $remoteUID); // delete user photo, if enabled & exists if ($_CONF['allow_user_photo'] == 1) { $photo = DB_getItem($_TABLES['users'], 'photo', "uid = {$remoteUID}"); USER_deletePhoto($photo, false); } // delete subscriptions DB_delete($_TABLES['subscriptions'], 'uid', $remoteUID); // in case the user owned any objects that require Admin access, assign // them to the Root user with the lowest uid $rootgroup = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'"); $result = DB_query("SELECT DISTINCT ug_uid FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id = '{$rootgroup}' ORDER BY ug_uid LIMIT 1"); $A = DB_fetchArray($result); $rootuser = $A['ug_uid']; if ($rootuser == '' || $rootuser < 2) { $rootuser = 2; } DB_query("UPDATE {$_TABLES['blocks']} SET owner_id = {$rootuser} WHERE owner_id = {$remoteUID}"); DB_query("UPDATE {$_TABLES['topics']} SET owner_id = {$rootuser} WHERE owner_id = {$remoteUID}"); // now delete the user itself DB_delete($_TABLES['users'], 'uid', $remoteUID); } else { // invalid password - let's try one more time // need to set speed limit and give them 3 tries COM_clearSpeedlimit($_CONF['login_speedlimit'], 'merge'); $last = COM_checkSpeedlimit('merge', 4); if ($last > 0) { COM_setMsg($LANG04[190], 'error'); echo COM_refresh($_CONF['site_url'] . '/users.php'); } else { COM_updateSpeedlimit('merge'); USER_mergeAccountScreen($remoteUID, $localUID, $LANG20[3]); } return $retval; } // can't use COM_setMsg here since the session is being destroyed. echo COM_refresh($_CONF['site_url'] . '/index.php?msg=522'); }