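/**
 * Delete one or more members and clean up or anonymise the rows that refer to them.
 *
 * - Requires profile_remove_own when the only target is the current member,
 *   profile_remove_any otherwise.
 * - Administrators (group 1, primary or additional) are removed from the target list
 *   when $check_not_admin is set, or when the caller lacks admin_forum and is not
 *   simply deleting their own account.
 * - Posts, polls, topics, poll votes and the action/ban/error logs are reassigned to
 *   the guest id (0); the member rows and the remaining per-member data are deleted.
 *
 * @param int[]|int $users one member ID or a list of member IDs
 * @param bool $check_not_admin = false always protect administrators when true
 */
function deleteMembers($users, $check_not_admin = false)
{
    global $sourcedir, $modSettings, $user_info, $backend_subdir;

    // Try give us a while to sort this out...
    @set_time_limit(600);

    // Try to get some more memory.
    // NOTE(review): the ini value is compared as-is, so suffixed values such as '128M' and the
    // unlimited value '-1' are not interpreted here - confirm this is intended.
    if (@ini_get('memory_limit') < 128) {
        @ini_set('memory_limit', '128M');
    }

    // If it's not an array, make it so!
    if (!is_array($users)) {
        $users = array($users);
    }

    // Force every ID to an integer up front, including the single-member case. The list is
    // later imploded into {raw:...} placeholders, so it must never carry anything but integers.
    foreach ($users as $k => $v) {
        $users[$k] = (int) $v;
    }

    // Drop duplicates and the void (0) user, then re-index: the checks below read $users[0],
    // which array_unique()/array_diff() do not guarantee to exist because they preserve keys.
    $users = array_values(array_diff(array_unique($users), array(0)));

    // How many are they deleting?
    if (empty($users)) {
        return;
    } elseif (count($users) == 1) {
        $user = $users[0];
        if ($user == $user_info['id']) {
            isAllowedTo('profile_remove_own');
        } else {
            isAllowedTo('profile_remove_any');
        }
    } else {
        // Deleting more than one? You can't have more than one account...
        isAllowedTo('profile_remove_any');
    }

    // Get their names for logging purposes, and learn which of them are administrators.
    $request = smf_db_query(' SELECT id_member, member_name, CASE WHEN id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0 THEN 1 ELSE 0 END AS is_admin FROM {db_prefix}members WHERE id_member IN ({array_int:user_list}) LIMIT ' . count($users),
        array('user_list' => $users, 'admin_group' => 1));
    $admins = array();
    $user_log_details = array();
    while ($row = mysql_fetch_assoc($request)) {
        if ($row['is_admin']) {
            $admins[] = $row['id_member'];
        }
        $user_log_details[$row['id_member']] = array($row['id_member'], $row['member_name']);
    }
    mysql_free_result($request);

    // None of the requested IDs exists.
    if (empty($user_log_details)) {
        return;
    }

    // Make sure they aren't trying to delete administrators if they aren't one. But don't bother checking if it's just themself.
    // (&& binds tighter than ||: $check_not_admin alone is enough to protect administrators.)
    if (!empty($admins) && ($check_not_admin || !allowedTo('admin_forum') && (count($users) != 1 || $users[0] != $user_info['id']))) {
        $users = array_diff($users, $admins);
        foreach ($admins as $id) {
            unset($user_log_details[$id]);
        }
    }

    // No one left?
    if (empty($users)) {
        return;
    }

    // Log the action - regardless of who is deleting it.
    $log_inserts = array();
    foreach ($user_log_details as $user) {
        // Integration rocks!
        HookAPI::callHook('integrate_delete_member', array($user[0]));

        // Add it to the administration log for future reference.
        // NOTE(review): 'extra' is stored with serialize(); whatever reads it back should not
        // allow object instantiation on unserialize - confirm on the reading side.
        $log_inserts[] = array(time(), 3, $user_info['id'], $user_info['ip'], 'delete_member', 0, 0, 0, serialize(array('member' => $user[0], 'name' => $user[1], 'member_acted' => $user_info['name'])));

        // Remove any cached data if enabled.
        if (!empty($modSettings['cache_enable']) && $modSettings['cache_enable'] >= 2) {
            CacheAPI::putCache('user_settings-' . $user[0], null, 60);
        }
    }

    // Do the actual logging...
    if (!empty($log_inserts) && !empty($modSettings['modlog_enabled'])) {
        smf_db_insert('', '{db_prefix}log_actions',
            array('log_time' => 'int', 'id_log' => 'int', 'id_member' => 'int', 'ip' => 'string-16', 'action' => 'string', 'id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'extra' => 'string-65534'),
            $log_inserts,
            array('id_action'));
    }

    // Make these peoples' posts guest posts.
    smf_db_query(' UPDATE {db_prefix}messages SET id_member = {int:guest_id}, poster_email = {string:blank_email} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'blank_email' => '', 'users' => $users));
    smf_db_query(' UPDATE {db_prefix}polls SET id_member = {int:guest_id} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));

    // Make these peoples' posts guest first posts and last posts.
    smf_db_query(' UPDATE {db_prefix}topics SET id_member_started = {int:guest_id} WHERE id_member_started IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));
    smf_db_query(' UPDATE {db_prefix}topics SET id_member_updated = {int:guest_id} WHERE id_member_updated IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));
    smf_db_query(' UPDATE {db_prefix}log_actions SET id_member = {int:guest_id} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));
    smf_db_query(' UPDATE {db_prefix}log_banned SET id_member = {int:guest_id} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));
    smf_db_query(' UPDATE {db_prefix}log_errors SET id_member = {int:guest_id} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));

    // Delete the member.
    smf_db_query(' DELETE FROM {db_prefix}members WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // Delete the logs...
    smf_db_query(' DELETE FROM {db_prefix}log_actions WHERE id_log = {int:log_type} AND id_member IN ({array_int:users})',
        array('log_type' => 2, 'users' => $users));
    smf_db_query(' DELETE FROM {db_prefix}log_boards WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    smf_db_query(' DELETE FROM {db_prefix}log_comments WHERE id_recipient IN ({array_int:users}) AND comment_type = {string:warntpl}',
        array('users' => $users, 'warntpl' => 'warntpl'));
    smf_db_query(' DELETE FROM {db_prefix}log_group_requests WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    smf_db_query(' DELETE FROM {db_prefix}log_karma WHERE id_target IN ({array_int:users}) OR id_executor IN ({array_int:users})',
        array('users' => $users));
    smf_db_query(' DELETE FROM {db_prefix}log_mark_read WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    smf_db_query(' DELETE FROM {db_prefix}log_notify WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    // (The line break inside the next literal is as found in the source; SQL treats it as whitespace.)
    smf_db_query(' DELETE FROM 
{db_prefix}log_online WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    smf_db_query(' DELETE FROM {db_prefix}log_subscribed WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    smf_db_query(' DELETE FROM {db_prefix}log_topics WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    smf_db_query(' DELETE FROM {db_prefix}collapsed_categories WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // delete activities and corresponding notifications
    smf_db_query(' DELETE a.*, n.* FROM {db_prefix}log_activities AS a LEFT JOIN {db_prefix}log_notifications AS n ON (n.id_act = a.id_act) WHERE a.id_member IN ({array_int:users})',
        array('users' => $users));

    // Make their votes appear as guest votes - at least it keeps the totals right.
    //!!! Consider adding back in cookie protection.
    smf_db_query(' UPDATE {db_prefix}log_polls SET id_member = {int:guest_id} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));

    // Delete personal messages.
    require_once $sourcedir . '/PersonalMessage.php';
    deleteMessages(null, null, $users);
    smf_db_query(' UPDATE {db_prefix}personal_messages SET id_member_from = {int:guest_id} WHERE id_member_from IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));

    // They no longer exist, so we don't know who it was sent to.
    smf_db_query(' DELETE FROM {db_prefix}pm_recipients WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    smf_db_query(' DELETE FROM {db_prefix}drafts WHERE id_member IN ({array_int:members})',
        array('members' => $users));

    // Delete avatar.
    require_once $sourcedir . '/lib/Subs-ManageAttachments.php';
    removeAttachments(array('id_member' => $users));

    // It's over, no more moderation for you.
    smf_db_query(' DELETE FROM {db_prefix}moderators WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    smf_db_query(' DELETE FROM {db_prefix}group_moderators WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // If you don't exist we can't ban you.
    smf_db_query(' DELETE FROM {db_prefix}ban_items WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // Remove individual theme settings.
    smf_db_query(' DELETE FROM {db_prefix}themes WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // These users are nobody's buddy nomore.
    // The {raw:...} placeholders receive the imploded ID list as literal SQL text; that is only
    // safe because every ID was cast to an integer at the top of this function.
    $request = smf_db_query(' SELECT id_member, pm_ignore_list, buddy_list FROM {db_prefix}members WHERE FIND_IN_SET({raw:pm_ignore_list}, pm_ignore_list) != 0 OR FIND_IN_SET({raw:buddy_list}, buddy_list) != 0',
        array('pm_ignore_list' => implode(', pm_ignore_list) != 0 OR FIND_IN_SET(', $users), 'buddy_list' => implode(', buddy_list) != 0 OR FIND_IN_SET(', $users)));
    while ($row = mysql_fetch_assoc($request)) {
        smf_db_query(' UPDATE {db_prefix}members SET pm_ignore_list = {string:pm_ignore_list}, buddy_list = {string:buddy_list} WHERE id_member = {int:id_member}',
            array('id_member' => $row['id_member'], 'pm_ignore_list' => implode(',', array_diff(explode(',', $row['pm_ignore_list']), $users)), 'buddy_list' => implode(',', array_diff(explode(',', $row['buddy_list']), $users))));
    }
    mysql_free_result($request);

    // Make sure no member's birthday is still sticking in the calendar...
    updateSettings(array('calendar_updated' => time()));
    updateStats('member');
}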
/**
 * Run the current member's personal-message rules over their messages.
 *
 * By default only unread messages are examined; with $all_messages set every
 * non-deleted message of the member is examined. Matching messages are either
 * deleted or get the rule's labels added.
 *
 * @param bool $all_messages = false
 */
function ApplyRules($all_messages = false)
{
    global $user_info, $smcFunc, $context, $options;

    // Presumably fills $context['rules'], which is read right below.
    loadRules();

    // Nothing to apply.
    if (empty($context['rules'])) {
        return;
    }

    // A fixed SQL fragment (never user input): limit to unread messages unless told otherwise.
    $ruleQuery = '';
    if (!$all_messages) {
        $ruleQuery = ' AND pmr.is_new = 1';
    }

    // @todo Apply all should have timeout protection!
    // Fetch the candidate messages; the query is scoped to the current member's recipient rows.
    $request = $smcFunc['db_query']('', ' SELECT pmr.id_pm, pm.id_member_from, pm.subject, pm.body, mem.id_group, pmr.labels FROM {db_prefix}pm_recipients AS pmr INNER JOIN {db_prefix}personal_messages AS pm ON (pm.id_pm = pmr.id_pm) LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = pm.id_member_from) WHERE pmr.id_member = {int:current_member} AND pmr.deleted = {int:not_deleted} ' . $ruleQuery,
        array('current_member' => $user_info['id'], 'not_deleted' => 0));

    $actions = array();
    while ($pm = $smcFunc['db_fetch_assoc']($request)) {
        foreach ($context['rules'] as $rule) {
            $matched = false;

            // Test each criterion: sender id, sender group, subject text, body text.
            foreach ($rule['criteria'] as $criterium) {
                $hit = ($criterium['t'] == 'mid' && $criterium['v'] == $pm['id_member_from']
                    || $criterium['t'] == 'gid' && $criterium['v'] == $pm['id_group']
                    || $criterium['t'] == 'sub' && strpos($pm['subject'], $criterium['v']) !== false
                    || $criterium['t'] == 'msg' && strpos($pm['body'], $criterium['v']) !== false);

                if ($hit) {
                    $matched = true;
                    continue;
                }

                // With 'and' logic a single miss sinks the whole rule.
                if ($rule['logic'] == 'and') {
                    $matched = false;
                    break;
                }
            }

            if (!$matched) {
                continue;
            }

            // A delete rule takes precedence over its label actions.
            if ($rule['delete']) {
                $actions['deletes'][] = $pm['id_pm'];
                continue;
            }

            foreach ($rule['actions'] as $ruleAction) {
                if ($ruleAction['t'] != 'lab') {
                    continue;
                }

                $pmId = $pm['id_pm'];

                // Start from the labels the message already carries.
                if (!isset($actions['labels'][$pmId])) {
                    $actions['labels'][$pmId] = empty($pm['labels']) ? array() : explode(',', $pm['labels']);
                }
                $actions['labels'][$pmId][] = $ruleAction['v'];
            }
        }
    }
    $smcFunc['db_free_result']($request);

    // Deletions first.
    if (!empty($actions['deletes'])) {
        deleteMessages($actions['deletes']);
    }

    // Then write the new label sets.
    if (!empty($actions['labels'])) {
        foreach ($actions['labels'] as $pm => $labels) {
            // Keep only labels that exist in $context['labels'].
            $realLabels = array();
            foreach ($context['labels'] as $label) {
                if (!in_array($label['id'], $labels)) {
                    continue;
                }
                // The inbox label (-1) is dropped when the member opted to remove it.
                if ($label['id'] == -1 && !empty($options['pm_remove_inbox_label'])) {
                    continue;
                }
                $realLabels[] = $label['id'];
            }

            $newLabels = empty($realLabels) ? '' : implode(',', $realLabels);

            $smcFunc['db_query']('', ' UPDATE {db_prefix}pm_recipients SET labels = {string:new_labels} WHERE id_pm = {int:id_pm} AND id_member = {int:current_member}',
                array('current_member' => $user_info['id'], 'id_pm' => $pm, 'new_labels' => $newLabels));
        }
    }
}
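});

// Look up the username stored for a Facebook id and emit the result set as JSON.
$app->get('/users/:facebookId', function ($facebookId) use ($entityManager) {
    // The route value is bound as a parameter and never becomes part of the SQL text.
    $sql = "select username from users where facebookId = :facebookId";
    $params['facebookId'] = $facebookId;
    $stmt = $entityManager->getConnection()->prepare($sql);
    $stmt->execute($params);
    $result = $stmt->fetchAll();

    // Both branches of the former count() check emitted the same JSON, so one echo is equivalent.
    echo json_encode($result);
});

// Remove a user together with their votes and messages.
// The closure must import $entityManager explicitly: PHP closures do not see the enclosing
// scope, so without the use clause the three helpers received an undefined variable.
// NOTE(review): no authentication or ownership check is visible in this fragment; unless a
// middleware enforces one elsewhere, any caller can delete any id - confirm before exposing.
// NOTE(review): the three deletes are not wrapped in a transaction, so a failure part-way
// leaves a partially deleted account.
$app->delete('/users/:id', function ($id) use ($entityManager) {
    deleteVotes($id, $entityManager);
    deleteMessages($id, $entityManager);
    deleteUser($id, $entityManager);
});

/**
 * Delete every vote cast by or for the given user and echo the statement's result as JSON.
 *
 * @param mixed $id user id taken from the route
 * @param mixed $entityManager object providing getConnection()
 */
function deleteVotes($id, $entityManager)
{
    // NOTE(review): ":id" appears twice; with native (non-emulated) prepared statements a named
    // placeholder may not be reusable - confirm the driver configuration.
    $sql = "DELETE FROM votes WHERE votes.from = :id or votes.to = :id";
    $params['id'] = $id;
    $stmt = $entityManager->getConnection()->prepare($sql);
    $stmt->execute($params);

    // NOTE(review): a DELETE produces no result set, so fetchAll() has nothing to return here;
    // an affected-row count is probably what was meant - confirm what clients expect.
    echo json_encode($stmt->fetchAll());
}

// (The definition below continues beyond this fragment.)
function deleteMessages($id, $entityManager) { $sql = "DELETE FROM messages WHERE messages.from = :id or messages.to = :id"; $params['id'] = $id; $stmt = $entityManager->getConnection()->prepare($sql);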
/**
 * Prune (delete) the current member's personal messages older than a number of days.
 *
 * When $_REQUEST['age'] is present the session is verified, the matching sent and
 * received messages are collected and deleted, and the member is redirected.
 * Otherwise the prune template is prepared.
 */
function MessagePrune()
{
    global $txt, $context, $db_prefix, $ID_MEMBER, $scripturl;

    // A request carrying an age means: do the pruning now.
    if (isset($_REQUEST['age'])) {
        // State-changing action, so the session token is verified first.
        checkSession();

        // The age is cast to an integer, so only a number reaches the SQL text below.
        $days = (int) $_REQUEST['age'];
        $deleteTime = time() - 86400 * $days;

        $pmIds = array();

        // Messages this member sent before the cutoff.
        $sentQuery = "\n\t\t\tSELECT ID_PM\n\t\t\tFROM {$db_prefix}personal_messages\n\t\t\tWHERE deletedBySender = 0\n\t\t\t\tAND ID_MEMBER_FROM = {$ID_MEMBER}\n\t\t\t\tAND msgtime < {$deleteTime}";
        $result = db_query($sentQuery, __FILE__, __LINE__);
        while ($sent = mysql_fetch_row($result)) {
            $pmIds[] = $sent[0];
        }
        mysql_free_result($result);

        // Messages in this member's inbox from before the cutoff.
        $inboxQuery = "\n\t\t\tSELECT pmr.ID_PM\n\t\t\tFROM ({$db_prefix}pm_recipients AS pmr, {$db_prefix}personal_messages AS pm)\n\t\t\tWHERE pmr.deleted = 0\n\t\t\t\tAND pmr.ID_MEMBER = {$ID_MEMBER}\n\t\t\t\tAND pm.ID_PM = pmr.ID_PM\n\t\t\t\tAND pm.msgtime < {$deleteTime}";
        $result = db_query($inboxQuery, __FILE__, __LINE__);
        while ($received = mysql_fetch_assoc($result)) {
            $pmIds[] = $received['ID_PM'];
        }
        mysql_free_result($result);

        // Remove everything collected, then head back to the inbox.
        deleteMessages($pmIds);
        redirectexit($context['current_label_redirect']);
    }

    // Otherwise show the prune page: link tree entry, template and title.
    $pruneTitle = $txt['pm_prune'];
    $context['linktree'][] = array('url' => $scripturl . '?action=pm;sa=prune', 'name' => $pruneTitle);
    $context['sub_template'] = 'prune';
    $context['page_title'] = $pruneTitle;
}
}

// Dispatch a bulk action on the selected messages, then redirect back to the listing.
// NOTE(review): this fragment changes state but shows no anti-CSRF token check - confirm one
// runs earlier in the request.

// Spaces in the id list become commas before the list is handed on.
// NOTE(review): nothing here verifies that each entry of $messagesIds is an integer; if
// readMessages()/unreadMessages()/deleteMessages() place the list into SQL, validate every id
// first - confirm in the callees.
$messagesIds = str_ireplace(' ', ',', $messagesIds);

// Actions that need at least one selected message.
$requiredMessageActions = array('read', 'unread', 'delete');
if (in_array($action, $requiredMessageActions) && strlen($messagesIds) == 0) {
    // NOTE(review): $url and $current_page are set outside this fragment; if either derives
    // from request data, restrict it to a known path and an integer before it reaches a header.
    header("Location: {$url}?page={$current_page}&error_message=0");
    die;
}

switch ($action) {
    case 'read':
        readMessages($messagesIds);
        break;
    case 'unread':
        unreadMessages($messagesIds);
        break;
    case 'delete':
        deleteMessages($messagesIds);
        break;
    case 'selectall':
        // The result of selectAll() is echoed back in the redirect's query string.
        $select_all = selectAll($_POST['page']);
        header("Location: {$url}?page={$current_page}&select_all={$select_all}");
        die;
        break;
    case 'nothing':
        header("Location: {$url}?page={$current_page}&error_message=1");
        die;
        break;
    default:
        break;
}

// Default: back to the current page. Execution is not stopped after this header.
header("Location: {$url}?page={$current_page}");
function readMessages($messages)
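/**
 * Delete one or more members and clean up or anonymise the rows that refer to them.
 *
 * - Requires profile_remove_own when the only target is the current member,
 *   profile_remove_any otherwise.
 * - Callers without admin_forum cannot delete administrators (group 1, primary or
 *   additional), unless the only target is their own account.
 * - Posts, polls, topics and the action/ban/error logs are reassigned to the guest
 *   id (0); the member rows and the remaining per-member data are deleted.
 *
 * @param int[]|int $users one member ID or a list of member IDs
 */
function deleteMembers($users)
{
    global $db_prefix, $sourcedir, $modSettings, $ID_MEMBER;

    // If it's not an array, make it so!
    if (!is_array($users)) {
        $users = array($users);
    }

    // Force every ID to an integer up front - including the single-member case - because the
    // IDs are concatenated directly into the SQL text below.
    foreach ($users as $k => $v) {
        $users[$k] = (int) $v;
    }

    // Drop duplicates and the void (0) user, then re-index: the checks below read $users[0],
    // which array_unique()/array_diff() do not guarantee to exist because they preserve keys.
    $users = array_values(array_diff(array_unique($users), array(0)));

    // How many are they deleting?
    if (empty($users)) {
        return;
    } elseif (count($users) == 1) {
        if ($users[0] == $ID_MEMBER) {
            isAllowedTo('profile_remove_own');
        } else {
            isAllowedTo('profile_remove_any');
        }
    } else {
        // Deleting more than one? You can't have more than one account...
        isAllowedTo('profile_remove_any');
    }

    // Make sure they aren't trying to delete administrators if they aren't one. But don't bother checking if it's just themself.
    if (!allowedTo('admin_forum') && (count($users) != 1 || $users[0] != $ID_MEMBER)) {
        $request = db_query("\n\t\t\tSELECT ID_MEMBER\n\t\t\tFROM {$db_prefix}members\n\t\t\tWHERE ID_MEMBER IN (" . implode(', ', $users) . ")\n\t\t\t\tAND (ID_GROUP = 1 OR FIND_IN_SET(1, additionalGroups) != 0)\n\t\t\tLIMIT " . count($users), __FILE__, __LINE__);
        $admins = array();
        while ($row = mysql_fetch_assoc($request)) {
            $admins[] = $row['ID_MEMBER'];
        }
        mysql_free_result($request);

        if (!empty($admins)) {
            $users = array_values(array_diff($users, $admins));
        }
    }

    if (empty($users)) {
        return;
    }

    // The SQL condition is built only now, from the list that is left after protected
    // administrators were removed. Building it before the filter would leave the filtered-out
    // IDs inside every statement below.
    if (count($users) == 1) {
        $condition = '= ' . $users[0];
    } else {
        $condition = 'IN (' . implode(', ', $users) . ')';
    }

    // Log the action - regardless of who is deleting it.
    foreach ($users as $user) {
        // Integration rocks!
        if (isset($modSettings['integrate_delete_member']) && function_exists($modSettings['integrate_delete_member'])) {
            call_user_func($modSettings['integrate_delete_member'], $user);
        }

        logAction('delete_member', array('member' => $user));
    }

    // Make these peoples' posts guest posts.
    db_query("\n\t\tUPDATE {$db_prefix}messages\n\t\tSET ID_MEMBER = 0" . (!empty($modSettings['allow_hideEmail']) ? ", posterEmail = ''" : '') . "\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tUPDATE {$db_prefix}polls\n\t\tSET ID_MEMBER = 0\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);

    // Make these peoples' posts guest first posts and last posts.
    db_query("\n\t\tUPDATE {$db_prefix}topics\n\t\tSET ID_MEMBER_STARTED = 0\n\t\tWHERE ID_MEMBER_STARTED {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tUPDATE {$db_prefix}topics\n\t\tSET ID_MEMBER_UPDATED = 0\n\t\tWHERE ID_MEMBER_UPDATED {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tUPDATE {$db_prefix}log_actions\n\t\tSET ID_MEMBER = 0\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tUPDATE {$db_prefix}log_banned\n\t\tSET ID_MEMBER = 0\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tUPDATE {$db_prefix}log_errors\n\t\tSET ID_MEMBER = 0\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);

    // Delete the member.
    db_query("\n\t\tDELETE FROM {$db_prefix}members\n\t\tWHERE ID_MEMBER {$condition}\n\t\tLIMIT " . count($users), __FILE__, __LINE__);

    // Delete the logs...
    db_query("\n\t\tDELETE FROM {$db_prefix}log_boards\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tDELETE FROM {$db_prefix}log_karma\n\t\tWHERE ID_TARGET {$condition}\n\t\t\tOR ID_EXECUTOR {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tDELETE FROM {$db_prefix}log_mark_read\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tDELETE FROM {$db_prefix}log_notify\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tDELETE FROM {$db_prefix}log_online\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tDELETE FROM {$db_prefix}log_polls\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tDELETE FROM {$db_prefix}log_topics\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);
    db_query("\n\t\tDELETE FROM {$db_prefix}collapsed_categories\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);

    // Delete personal messages.
    require_once $sourcedir . '/PersonalMessage.php';
    deleteMessages(null, null, $users);
    db_query("\n\t\tUPDATE {$db_prefix}personal_messages\n\t\tSET ID_MEMBER_FROM = 0\n\t\tWHERE ID_MEMBER_FROM {$condition}", __FILE__, __LINE__);

    // Delete avatar.
    require_once $sourcedir . '/ManageAttachments.php';
    removeAttachments('a.ID_MEMBER ' . $condition);

    // It's over, no more moderation for you.
    db_query("\n\t\tDELETE FROM {$db_prefix}moderators\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);

    // If you don't exist we can't ban you.
    db_query("\n\t\tDELETE FROM {$db_prefix}ban_items\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);

    // Remove individual theme settings.
    db_query("\n\t\tDELETE FROM {$db_prefix}themes\n\t\tWHERE ID_MEMBER {$condition}", __FILE__, __LINE__);

    // These users are nobody's buddy nomore.
    // The ID list is spliced into the SQL text here; it holds integers only (cast above).
    $request = db_query("\n\t\tSELECT ID_MEMBER, pm_ignore_list, buddy_list\n\t\tFROM {$db_prefix}members\n\t\tWHERE FIND_IN_SET(" . implode(', pm_ignore_list) OR FIND_IN_SET(', $users) . ', pm_ignore_list) OR FIND_IN_SET(' . implode(', buddy_list) OR FIND_IN_SET(', $users) . ', buddy_list)', __FILE__, __LINE__);
    while ($row = mysql_fetch_assoc($request)) {
        // NOTE(review): the two list values come from the database row and are written back
        // inside quoted SQL without escaping; this relies on the columns only ever holding
        // comma-separated integers - confirm wherever those columns are written.
        db_query("\n\t\t\tUPDATE {$db_prefix}members\n\t\t\tSET\n\t\t\t\tpm_ignore_list = '" . implode(',', array_diff(explode(',', $row['pm_ignore_list']), $users)) . "',\n\t\t\t\tbuddy_list = '" . implode(',', array_diff(explode(',', $row['buddy_list']), $users)) . "'\n\t\t\tWHERE ID_MEMBER = {$row['ID_MEMBER']}\n\t\t\tLIMIT 1", __FILE__, __LINE__);
    }
    mysql_free_result($request);

    // Make sure no member's birthday is still sticking in the calendar...
    updateStats('calendar');
    updateStats('member');
}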
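/**
 * Delete one or more members.
 *
 * What it does:
 * - Requires profile_remove_own or profile_remove_any permission for
 *   respectively removing your own account or any account.
 * - Non-admins cannot delete admins.
 *
 * The function:
 * - changes author of messages, topics and polls to guest authors.
 * - removes all log entries concerning the deleted members, except the
 *   error logs, ban logs and moderation logs.
 * - removes these members' personal messages (only the inbox)
 * - removes avatars, ban entries, theme settings, moderator positions, poll votes,
 *   drafts, likes, mentions, notifications
 * - removes custom field data associated with them
 * - removes post-by-email keys of the members that are actually deleted
 * - updates member statistics afterwards.
 *
 * @package Members
 * @param int[]|int $users
 * @param bool $check_not_admin = false
 */
function deleteMembers($users, $check_not_admin = false)
{
    global $modSettings, $user_info;

    $db = database();

    // Try give us a while to sort this out...
    @set_time_limit(600);

    // Try to get some more memory.
    setMemoryLimit('128M');

    // If it's not an array, make it so!
    if (!is_array($users)) {
        $users = array($users);
    }

    // Force every ID to an integer up front, including the single-member case. The list is
    // later imploded into {raw:...} placeholders, so it must never carry anything but integers.
    foreach ($users as $k => $v) {
        $users[$k] = (int) $v;
    }

    // Drop duplicates and the void (0) user, then re-index: the checks below read $users[0],
    // which array_unique()/array_diff() do not guarantee to exist because they preserve keys.
    $users = array_values(array_diff(array_unique($users), array(0)));

    // How many are they deleting?
    if (empty($users)) {
        return;
    } elseif (count($users) == 1) {
        $user = $users[0];
        if ($user == $user_info['id']) {
            isAllowedTo('profile_remove_own');
        } else {
            isAllowedTo('profile_remove_any');
        }
    } else {
        // Deleting more than one? You can't have more than one account...
        isAllowedTo('profile_remove_any');
    }

    // Get their names for logging purposes.
    $request = $db->query('', ' SELECT id_member, member_name, email_address, CASE WHEN id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0 THEN 1 ELSE 0 END AS is_admin FROM {db_prefix}members WHERE id_member IN ({array_int:user_list}) LIMIT ' . count($users),
        array('user_list' => $users, 'admin_group' => 1));
    $admins = array();
    $emails = array();
    $user_log_details = array();
    while ($row = $db->fetch_assoc($request)) {
        if ($row['is_admin']) {
            $admins[] = $row['id_member'];
        }

        $user_log_details[$row['id_member']] = array($row['id_member'], $row['member_name']);

        // Keyed by member so a protected administrator's address can be dropped again below.
        $emails[$row['id_member']] = $row['email_address'];
    }
    $db->free_result($request);

    if (empty($user_log_details)) {
        return;
    }

    // Make sure they aren't trying to delete administrators if they aren't one. But don't bother checking if it's just themself.
    // (&& binds tighter than ||: $check_not_admin alone is enough to protect administrators.)
    if (!empty($admins) && ($check_not_admin || !allowedTo('admin_forum') && (count($users) != 1 || $users[0] != $user_info['id']))) {
        $users = array_diff($users, $admins);
        foreach ($admins as $id) {
            // A protected administrator keeps both the log entry and the post-by-email keys.
            unset($user_log_details[$id], $emails[$id]);
        }
    }

    // No one left?
    if (empty($users)) {
        return;
    }

    // Log the action - regardless of who is deleting it.
    $log_changes = array();
    foreach ($user_log_details as $user) {
        $log_changes[] = array('action' => 'delete_member', 'log_type' => 'admin', 'extra' => array('member' => $user[0], 'name' => $user[1], 'member_acted' => $user_info['name']));

        // Remove any cached data if enabled.
        if (!empty($modSettings['cache_enable']) && $modSettings['cache_enable'] >= 2) {
            cache_put_data('user_settings-' . $user[0], null, 60);
        }
    }

    // Make these peoples' posts guest posts.
    $db->query('', ' UPDATE {db_prefix}messages SET id_member = {int:guest_id}' . (!empty($modSettings['deleteMembersRemovesEmail']) ? ', poster_email = {string:blank_email}' : '') . ' WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'blank_email' => '', 'users' => $users));
    $db->query('', ' UPDATE {db_prefix}polls SET id_member = {int:guest_id} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));

    // Make these peoples' posts guest first posts and last posts.
    $db->query('', ' UPDATE {db_prefix}topics SET id_member_started = {int:guest_id} WHERE id_member_started IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));
    $db->query('', ' UPDATE {db_prefix}topics SET id_member_updated = {int:guest_id} WHERE id_member_updated IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));
    $db->query('', ' UPDATE {db_prefix}log_actions SET id_member = {int:guest_id} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));
    $db->query('', ' UPDATE {db_prefix}log_banned SET id_member = {int:guest_id} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));
    $db->query('', ' UPDATE {db_prefix}log_errors SET id_member = {int:guest_id} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));

    // Delete the member.
    $db->query('', ' DELETE FROM {db_prefix}members WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // Delete any drafts...
    $db->query('', ' DELETE FROM {db_prefix}user_drafts WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // Delete any likes...
    $db->query('', ' DELETE FROM {db_prefix}message_likes WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // Delete any custom field data...
    $db->query('', ' DELETE FROM {db_prefix}custom_fields_data WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // Delete any post by email keys...
    // Skipped when no address is left, so an empty list is never handed to the query layer.
    if (!empty($emails)) {
        $db->query('', ' DELETE FROM {db_prefix}postby_emails WHERE email_to IN ({array_string:emails})',
            array('emails' => array_values($emails)));
    }

    // Delete the logs...
    $db->query('', ' DELETE FROM {db_prefix}log_actions WHERE id_log = {int:log_type} AND id_member IN ({array_int:users})',
        array('log_type' => 2, 'users' => $users));
    $db->query('', ' DELETE FROM {db_prefix}log_boards WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    $db->query('', ' DELETE FROM {db_prefix}log_comments WHERE id_recipient IN ({array_int:users}) AND comment_type = {string:warntpl}',
        array('users' => $users, 'warntpl' => 'warntpl'));
    $db->query('', ' DELETE FROM {db_prefix}log_group_requests WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    $db->query('', ' DELETE FROM {db_prefix}log_karma WHERE id_target IN ({array_int:users}) OR id_executor IN ({array_int:users})',
        array('users' => $users));
    $db->query('', ' DELETE FROM {db_prefix}log_mark_read WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    $db->query('', ' DELETE FROM {db_prefix}log_notify WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    $db->query('', ' DELETE FROM {db_prefix}log_online WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    $db->query('', ' DELETE FROM {db_prefix}log_subscribed WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    $db->query('', ' DELETE FROM {db_prefix}log_topics WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    $db->query('', ' DELETE FROM {db_prefix}collapsed_categories WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // Make their votes appear as guest votes - at least it keeps the totals right.
    // @todo Consider adding back in cookie protection.
    $db->query('', ' UPDATE {db_prefix}log_polls SET id_member = {int:guest_id} WHERE id_member IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));

    // Remove the mentions
    $db->query('', ' DELETE FROM {db_prefix}log_mentions WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // Delete personal messages.
    require_once SUBSDIR . '/PersonalMessage.subs.php';
    deleteMessages(null, null, $users);
    $db->query('', ' UPDATE {db_prefix}personal_messages SET id_member_from = {int:guest_id} WHERE id_member_from IN ({array_int:users})',
        array('guest_id' => 0, 'users' => $users));

    // They no longer exist, so we don't know who it was sent to.
    $db->query('', ' DELETE FROM {db_prefix}pm_recipients WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // Delete avatar.
    require_once SUBSDIR . '/ManageAttachments.subs.php';
    removeAttachments(array('id_member' => $users));

    // It's over, no more moderation for you.
    $db->query('', ' DELETE FROM {db_prefix}moderators WHERE id_member IN ({array_int:users})',
        array('users' => $users));
    $db->query('', ' DELETE FROM {db_prefix}group_moderators WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // If you don't exist we can't ban you.
    $db->query('', ' DELETE FROM {db_prefix}ban_items WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // Remove individual theme settings.
    $db->query('', ' DELETE FROM {db_prefix}themes WHERE id_member IN ({array_int:users})',
        array('users' => $users));

    // These users are nobody's buddy nomore.
    // The {raw:...} placeholders receive the imploded ID list as literal SQL text; that is only
    // safe because every ID was cast to an integer at the top of this function.
    $request = $db->query('', ' SELECT id_member, pm_ignore_list, buddy_list FROM {db_prefix}members WHERE FIND_IN_SET({raw:pm_ignore_list}, pm_ignore_list) != 0 OR FIND_IN_SET({raw:buddy_list}, buddy_list) != 0',
        array('pm_ignore_list' => implode(', pm_ignore_list) != 0 OR FIND_IN_SET(', $users), 'buddy_list' => implode(', buddy_list) != 0 OR FIND_IN_SET(', $users)));
    while ($row = $db->fetch_assoc($request)) {
        updateMemberData($row['id_member'], array('pm_ignore_list' => implode(',', array_diff(explode(',', $row['pm_ignore_list']), $users)), 'buddy_list' => implode(',', array_diff(explode(',', $row['buddy_list']), $users))));
    }
    $db->free_result($request);

    // Make sure no member's birthday is still sticking in the calendar...
    updateSettings(array('calendar_updated' => time()));

    // Integration rocks!
    call_integration_hook('integrate_delete_members', array($users));

    updateMemberStats();

    logActions($log_changes);
}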
/**
 * Lets the member prune (delete) every personal message older than a given number of days.
 *
 * With $_REQUEST['age'] present the session is verified, the old messages are looked up
 * and deleted, and the member is redirected; otherwise the prune template is prepared.
 */
public function action_prune()
{
    global $txt, $context, $user_info, $scripturl;

    // A request carrying an age means: do the pruning now.
    if (isset($_REQUEST['age'])) {
        // State-changing action, so the session token is verified first.
        checkSession();

        // Cutoff timestamp; the age is cast to an integer and the result never drops below 0.
        $days = (int) $_REQUEST['age'];
        $deleteTime = max(0, time() - 86400 * $days);

        // Collect the current member's messages from before the cutoff and remove them.
        $stalePMs = getPMsOlderThan($user_info['id'], $deleteTime);
        deleteMessages($stalePMs);

        // Back to the inbox.
        redirectexit($context['current_label_redirect']);
    }

    // Otherwise show the prune page: link tree entry, template and title.
    $pruneTitle = $txt['pm_prune'];
    $context['linktree'][] = array('url' => $scripturl . '?action=pm;sa=prune', 'name' => $pruneTitle);
    $context['sub_template'] = 'prune';
    $context['page_title'] = $pruneTitle;
}
/**
 * RPC handler: delete one personal message on behalf of the current member.
 *
 * Guests and members without pm_read get a failure result, as does a request without
 * a first parameter. The message id is cast to an integer before it is passed on.
 */
function method_delete_message()
{
    global $mobdb, $mobsettings, $modSettings, $context, $sourcedir, $user_info, $txt;

    // Guests have no personal messages.
    if ($user_info['is_guest']) {
        outputRPCResult(false, $txt[1]);
    }

    // The member must be allowed to read personal messages.
    if (!allowedTo('pm_read')) {
        outputRPCResult(false, $txt['cannot_pm_read']);
    }

    // The first request parameter has to be present.
    // NOTE(review): only params[0] is checked, while params[0][0] is read below - confirm the
    // request parser guarantees that shape.
    if (!isset($context['mob_request']['params'][0])) {
        outputRPCResult(false, $txt['smf272']);
    }

    $rawId = $context['mob_request']['params'][0][0];

    // Hand the message to the PM subsystem as an integer id.
    // NOTE(review): ownership of the id is not checked here; presumably deleteMessages() limits
    // the delete to the current member when no owner is passed - confirm.
    require_once $sourcedir . '/PersonalMessage.php';
    $pmIds = array((int) $rawId);
    deleteMessages($pmIds);

    outputRPCResult(true);
}