function content() { $users = fetch_wol('*', 'users', 'date_verified IS NOT NULL AND date_approved IS NOT NULL', 'name ASC'); ?> <h2>Accounts</h2> <table> <?php foreach ($users as $u) { ?> <tr> <td class="name"><a href="<?php esc($u->id); ?> "><?php esc($u->name); ?> </a></td> </tr> <?php } ?> </table> <?php }
function content() { $errors = array(); if (!array_key_exists('token', $_GET) || !$_GET['token']) { $errors[] = 'Invalid activation token'; } $token = $_GET['token']; $user = fetch_one_or_none('users', 'activation_token', $_GET['token']); if (!$user) { $errors[] = 'Invalid activation token'; } if (count($errors)) { page_header('Activation failed'); show_error_list($errors); return; } $admins = fetch_wol('*', 'users', 'date_verified IS NOT NULL AND date_approved IS NOT NULL', 'id ASC'); $sets = array('activation_token' => null, 'date_verified' => date('Y-m-d H:i:s')); # Auto-approve user 1. if (count($admins) == 0) { $sets['date_approved'] = $sets['date_verified']; $sets['approved_by'] = 1; } update_all('users', $sets, 'id', $user->id); page_header('Account activated'); if (count($admins)) { send_approval_request($user, $admins); ?> <p>Thank you for activating your account. Your request for an account has been forwarded to a site administrator for approval. You will be notified by email when it is approved.</p> <?php } else { register_user_rdf($user); # Don't set login cookie now. This is to prevent someone hijacking # a login token, using it, and benefiting from a pre-logged-in session. # This way, they still need a password. global $config; ?> <p>Thank you for activating your account. You shouldn't need to do that again. You may now want to <a href="<?php esc($config['http_path']); ?> account/login">log in</a>.</p> <?php } }
function content() { if (!user_logged_in()) { return must_log_in(); } $files = fetch_wol('*', 'files', sprintf("user_id=%d", user_logged_in())); if (count($files) == 0) { ?> <p>You have not <a href="upload">uploaded</a> any files.</p> <?php return; } ?> <table class="data"> <?php foreach ($files as $f) { ?> <tr><td class="file-id"><a href="<?php esc($f->id . '.' . $f->extension); ?> "><?php esc(sprintf("%06d", $f->id)); ?> </a></td> <td><?php esc(date_format('Y-m-d H:i:s', $f->date_uploaded)); ?> </td> <td><?php esc(format_size($f->length)); ?> </td> </tr> <?php } ?> </table> <?php }
function fetch_one_or_none($table, $key, $id, $fields = null) { global $dbh; if (!$dbh) { db_connect(); } $where = sprintf("%s='%s'", $key, mysql_real_escape_string($id, $dbh)); $objs = fetch_wol($fields, $table, $where); if (count($objs)) { return $objs[0]; } else { return null; } }