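/**
 * Approve or deny a pending registration named by the request path.
 *
 * Exactly three path arguments are required: argv[1] is the command
 * ('allow' or 'deny') and argv[2] is the registration hash passed on to
 * user_allow() / user_deny(). Any other command falls through untouched.
 *
 * NOTE(review): this handler changes state from URL arguments and no form
 * security token is checked in this function. Confirm that the registration
 * hash is unguessable and single-use, or that a token is enforced elsewhere,
 * so a logged-in admin cannot be steered into approving an account.
 *
 * @param App $a application object; cmd, config, argc and argv are read
 * @return string|null login markup when not logged in, '' when permission is
 *                     denied, otherwise nothing
 */
function regmod_content(&$a)
{
    global $lang; // declared by the original code; not read in this function

    $_SESSION['return_url'] = $a->cmd;

    if (!local_user()) {
        info(t('Please login.') . EOL);
        // Plain assignment: the original appended to $o before it was ever
        // initialised, which raises an undefined-variable diagnostic.
        $o = '<br /><br />' . login($a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1);
        return $o;
    }

    // Refuse unless the caller is a site admin and the session carries no
    // non-zero 'submanage' value. Parentheses make the && / || grouping explicit.
    if (!is_site_admin() || (x($_SESSION, 'submanage') && intval($_SESSION['submanage']))) {
        notice(t('Permission denied.') . EOL);
        return '';
    }

    if ($a->argc != 3) {
        killme();
    }

    $cmd = $a->argv[1];
    $hash = $a->argv[2];

    if ($cmd === 'deny') {
        user_deny($hash);
        goaway($a->get_baseurl() . "/admin/users/");
        killme();
    }

    if ($cmd === 'allow') {
        user_allow($hash);
        goaway($a->get_baseurl() . "/admin/users/");
        killme();
    }
}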
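/**
 * Approve or deny a pending registration named by the request path.
 *
 * Exactly three path arguments are required: argv[1] is the command
 * ('allow' or 'deny') and argv[2] is the registration hash. The request is
 * terminated with killme() when user_allow() / user_deny() reports failure;
 * on success the function simply returns and issues no redirect itself.
 *
 * NOTE(review): only is_site_admin() gates this variant; the session
 * 'submanage' value is not consulted here. Confirm whether managed sessions
 * should be refused as well.
 * NOTE(review): state is changed from URL arguments with no form security
 * token checked in this function; confirm the hash is unguessable and
 * single-use, or that a token is enforced elsewhere.
 *
 * @param App $a application object; cmd, config, argc and argv are read
 * @return string|null login markup when not logged in, '' when permission is
 *                     denied, otherwise nothing
 */
function regmod_content(&$a)
{
    global $lang; // declared by the original code; not read in this function

    $_SESSION['return_url'] = $a->cmd;

    if (!local_user()) {
        info(t('Please login.') . EOL);
        // Plain assignment: the original appended to $o before it was ever
        // initialised, which raises an undefined-variable diagnostic.
        $o = '<br /><br />' . login($a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1);
        return $o;
    }

    if (!is_site_admin()) {
        notice(t('Permission denied.') . EOL);
        return '';
    }

    if ($a->argc != 3) {
        killme();
    }

    $cmd = $a->argv[1];
    $hash = $a->argv[2];

    if ($cmd === 'deny') {
        if (!user_deny($hash)) {
            killme();
        }
    }

    if ($cmd === 'allow') {
        if (!user_allow($hash)) {
            killme();
        }
    }
}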
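/**
 * Approve or deny a pending registration named by the request path.
 *
 * Exactly three path arguments are required (argc() == 3): argv(1) is the
 * command ('allow' or 'deny') and argv(2) is the registration hash. The
 * request is terminated with killme() when user_allow() / user_deny()
 * reports failure; on success the function returns without redirecting.
 *
 * NOTE(review): state is changed from URL arguments with no form security
 * token checked in this function; confirm the hash is unguessable and
 * single-use, or that a token is enforced elsewhere.
 *
 * @param App $a application object; cmd and config are read
 * @return string|null login markup when not logged in, '' when permission is
 *                     denied, otherwise nothing
 */
function regmod_content(&$a)
{
    global $lang; // declared by the original code; not read in this function

    $_SESSION['return_url'] = $a->cmd;

    if (!local_user()) {
        info(t('Please login.') . EOL);
        // Plain assignment: the original appended to $o before it was ever
        // initialised, which raises an undefined-variable diagnostic.
        $o = '<br /><br />' . login($a->config['system']['register_policy'] == REGISTER_CLOSED ? 0 : 1);
        return $o;
    }

    // Refuse unless the caller is a site admin and the session carries no
    // non-zero 'submanage' value. Parentheses make the && / || grouping explicit.
    if (!is_site_admin() || (x($_SESSION, 'submanage') && intval($_SESSION['submanage']))) {
        notice(t('Permission denied.') . EOL);
        return '';
    }

    if (argc() != 3) {
        killme();
    }

    $cmd = argv(1);
    $hash = argv(2);

    if ($cmd === 'deny') {
        if (!user_deny($hash)) {
            killme();
        }
    }

    if ($cmd === 'allow') {
        if (!user_allow($hash)) {
            killme();
        }
    }
}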
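/**
 * Handle POST actions on the users admin page.
 *
 * After the form security token has been checked, this optionally creates a
 * new account (when name, nickname and e-mail are all supplied) and mails its
 * login details, then applies whichever bulk button was submitted
 * (block/unblock, delete, approve, deny) and redirects to /admin/users.
 *
 * NOTE(review): no admin check is visible in this function; presumably the
 * caller enforces it — confirm.
 *
 * @param App $a application object; config and get_baseurl() are used
 */
function admin_page_users_post(&$a)
{
    // The checkbox groups are expected as arrays and the new-user fields as
    // strings. A client can post any shape, so anything else is treated as
    // absent; this keeps foreach/count and the === "" tests well-defined.
    $pending = (x($_POST, 'pending') && is_array($_POST['pending'])) ? $_POST['pending'] : array();
    $users = (x($_POST, 'user') && is_array($_POST['user'])) ? $_POST['user'] : array();
    $nu_name = (x($_POST, 'new_user_name') && is_string($_POST['new_user_name'])) ? $_POST['new_user_name'] : '';
    $nu_nickname = (x($_POST, 'new_user_nickname') && is_string($_POST['new_user_nickname'])) ? $_POST['new_user_nickname'] : '';
    $nu_email = (x($_POST, 'new_user_email') && is_string($_POST['new_user_email'])) ? $_POST['new_user_email'] : '';

    // Runs before any state change below.
    check_form_security_token_redirectOnErr('/admin/users', 'admin_users');

    if (!($nu_name === "") && !($nu_email === "") && !($nu_nickname === "")) {
        require_once 'include/user.php';

        $result = create_user(array('username' => $nu_name, 'email' => $nu_email, 'nickname' => $nu_nickname, 'verified' => 1));
        if (!$result['success']) {
            notice($result['message']);
            return;
        }
        $nu = $result['user'];

        $preamble = deindent(t(' Dear %1$s, the administrator of %2$s has set up an account for you.'));
        // The literal below is reproduced exactly as found, including its line break.
        $body = deindent(t(' The login details are as follows: Site Location: %1$s Login Name: %2$s Password: %3$s You may change your password from your account "Settings" page after logging in. Please take a few moments to review the other account settings on that page. You may also wish to add some basic information to your default profile (on the "Profiles" page) so that other people can easily find you. We recommend setting your full name, adding a profile photo, adding some profile "keywords" (very useful in making new friends) - and perhaps what country you live in; if you do not wish to be more specific than that. We fully respect your right to privacy, and none of these items are necessary. If you are new and do not know anybody here, they may help you to make some new and interesting friends. 
Thank you and welcome to %4$s.'));

        $preamble = sprintf($preamble, $nu['username'], $a->config['sitename']);
        // NOTE(review): $result['password'] is placed in the mail body, so the
        // account password travels and is stored in clear text in the
        // recipient's mailbox. Consider a one-time set-password link instead.
        $body = sprintf($body, $a->get_baseurl(), $nu['email'], $result['password'], $a->config['sitename']);

        notification(array(
            'type' => "SYSTEM_EMAIL",
            'to_email' => $nu['email'],
            'subject' => sprintf(t('Registration details for %s'), $a->config['sitename']),
            'preamble' => $preamble,
            'body' => $body,
        ));
    }

    $selected = count($users);

    if (x($_POST, 'page_users_block')) {
        foreach ($users as $uid) {
            // 1-`blocked` flips the flag. %d keeps the value numeric in the
            // query even if the intval() call were ever dropped.
            q("UPDATE `user` SET `blocked`=1-`blocked` WHERE `uid`=%d", intval($uid));
        }
        notice(sprintf(tt("%s user blocked/unblocked", "%s users blocked/unblocked", $selected), $selected));
    }

    if (x($_POST, 'page_users_delete')) {
        require_once "include/Contact.php";
        foreach ($users as $uid) {
            user_remove($uid);
        }
        notice(sprintf(tt("%s user deleted", "%s users deleted", $selected), $selected));
    }

    if (x($_POST, 'page_users_approve')) {
        require_once "mod/regmod.php";
        foreach ($pending as $hash) {
            user_allow($hash);
        }
    }

    if (x($_POST, 'page_users_deny')) {
        require_once "mod/regmod.php";
        foreach ($pending as $hash) {
            user_deny($hash);
        }
    }

    goaway($a->get_baseurl(true) . '/admin/users');
    return; // NOTREACHED
}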
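/**
 * Handle POST actions on the users admin page.
 *
 * After the form security token has been checked, applies whichever bulk
 * button was submitted (block/unblock, delete, approve, deny) to the posted
 * selection and redirects to /admin/users.
 *
 * NOTE(review): no admin check is visible in this function; presumably the
 * caller enforces it — confirm.
 *
 * @param App $a application object; get_baseurl() is used for the redirect
 */
function admin_page_users_post(&$a)
{
    // The checkbox groups are expected as arrays. A client can post any shape,
    // so anything else is treated as "nothing selected"; this keeps
    // foreach/count well-defined.
    $pending = (x($_POST, 'pending') && is_array($_POST['pending'])) ? $_POST['pending'] : array();
    $users = (x($_POST, 'user') && is_array($_POST['user'])) ? $_POST['user'] : array();

    // Runs before any state change below.
    check_form_security_token_redirectOnErr('/admin/users', 'admin_users');

    $selected = count($users);

    if (x($_POST, 'page_users_block')) {
        foreach ($users as $uid) {
            // 1-`blocked` flips the flag. %d keeps the value numeric in the
            // query even if the intval() call were ever dropped.
            q("UPDATE `user` SET `blocked`=1-`blocked` WHERE `uid`=%d", intval($uid));
        }
        notice(sprintf(tt("%s user blocked/unblocked", "%s users blocked/unblocked", $selected), $selected));
    }

    if (x($_POST, 'page_users_delete')) {
        require_once "include/Contact.php";
        foreach ($users as $uid) {
            user_remove($uid);
        }
        notice(sprintf(tt("%s user deleted", "%s users deleted", $selected), $selected));
    }

    if (x($_POST, 'page_users_approve')) {
        require_once "mod/regmod.php";
        foreach ($pending as $hash) {
            user_allow($hash);
        }
    }

    if (x($_POST, 'page_users_deny')) {
        require_once "mod/regmod.php";
        foreach ($pending as $hash) {
            user_deny($hash);
        }
    }

    goaway($a->get_baseurl(true) . '/admin/users');
    return; // NOTREACHED
}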
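/**
 * @brief Handle POST actions on users admin page.
 *
 * This function is called when the form on the admin user/account page was
 * submitted to handle multiple operations at once. If one of the icons next
 * to an entry is pressed, the function admin_page_users() will handle this.
 *
 * NOTE(review): no admin check is visible in this function; presumably the
 * caller enforces it — confirm.
 *
 * @param App $a application object; get_baseurl() is used for the redirect
 */
function admin_page_users_post($a)
{
    // The three groups are expected as arrays. A client can post any shape,
    // so anything else is treated as empty; this keeps count/foreach and the
    // index lookups below well-defined.
    $pending = (x($_POST, 'pending') && is_array($_POST['pending'])) ? $_POST['pending'] : array();
    $users = (x($_POST, 'user') && is_array($_POST['user'])) ? $_POST['user'] : array();
    $blocked = (x($_POST, 'blocked') && is_array($_POST['blocked'])) ? $_POST['blocked'] : array();

    // Runs before any state change below.
    check_form_security_token_redirectOnErr('/admin/users', 'admin_users');

    $selected = count($users);

    // change to switch structure?
    // account block/unblock button was submitted
    if (x($_POST, 'page_users_block')) {
        for ($i = 0; $i < $selected; $i++) {
            if (!isset($users[$i])) {
                // sparse or string-keyed input: nothing to update at this position
                continue;
            }
            // if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag
            // NOTE(review): the "currently blocked" state is taken from the
            // posted 'blocked' array, not read back from the account row, so
            // a stale or altered form decides which way the flag moves.
            // $op is always one of the two literals below, never request data.
            $op = !empty($blocked[$i]) ? '& ~' : '| ';
            q("UPDATE account SET account_flags = (account_flags {$op}%d) WHERE account_id = %d", intval(ACCOUNT_BLOCKED), intval($users[$i]));
        }
        notice(sprintf(tt("%s user blocked/unblocked", "%s users blocked/unblocked", $selected), $selected));
    }

    // account delete button was submitted
    if (x($_POST, 'page_users_delete')) {
        require_once 'include/Contact.php';
        foreach ($users as $uid) {
            account_remove($uid, true, false);
        }
        notice(sprintf(tt("%s user deleted", "%s users deleted", $selected), $selected));
    }

    // registration approved button was submitted
    if (x($_POST, 'page_users_approve')) {
        foreach ($pending as $hash) {
            user_allow($hash);
        }
    }

    // registration deny button was submitted
    if (x($_POST, 'page_users_deny')) {
        foreach ($pending as $hash) {
            user_deny($hash);
        }
    }

    goaway($a->get_baseurl(true) . '/admin/users');
}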
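/**
 * Handle POST actions on the users admin page.
 *
 * After the form security token has been checked, applies whichever bulk
 * button was submitted (block/unblock, delete, approve, deny) to the posted
 * selection and redirects to /admin/users.
 *
 * NOTE(review): no admin check is visible in this function; presumably the
 * caller enforces it — confirm.
 *
 * @param App $a application object; get_baseurl() is used for the redirect
 */
function admin_page_users_post(&$a)
{
    // The checkbox groups are expected as arrays. A client can post any shape,
    // so anything else is treated as "nothing selected"; this keeps
    // foreach/count well-defined.
    $pending = (x($_POST, 'pending') && is_array($_POST['pending'])) ? $_POST['pending'] : array();
    $users = (x($_POST, 'user') && is_array($_POST['user'])) ? $_POST['user'] : array();

    // Runs before any state change below.
    check_form_security_token_redirectOnErr('/admin/users', 'admin_users');

    $selected = count($users);

    if (x($_POST, 'page_users_block')) {
        foreach ($users as $uid) {
            // Toggle only the blocked bit. The previous "account_flags & %d"
            // cleared every other account flag and could never set the
            // blocked bit, so accounts were not blocked and lost their other
            // flags. XOR flips that one bit, matching the "blocked/unblocked"
            // notice below.
            q("UPDATE account SET account_flags = (account_flags ^ %d) where account_id = %d limit 1", intval(ACCOUNT_BLOCKED), intval($uid));
        }
        notice(sprintf(tt("%s user blocked/unblocked", "%s users blocked/unblocked", $selected), $selected));
    }

    if (x($_POST, 'page_users_delete')) {
        require_once "include/Contact.php";
        foreach ($users as $uid) {
            account_remove($uid, true, false);
        }
        notice(sprintf(tt("%s user deleted", "%s users deleted", $selected), $selected));
    }

    if (x($_POST, 'page_users_approve')) {
        foreach ($pending as $hash) {
            user_allow($hash);
        }
    }

    if (x($_POST, 'page_users_deny')) {
        foreach ($pending as $hash) {
            user_deny($hash);
        }
    }

    goaway($a->get_baseurl(true) . '/admin/users');
    return; // NOTREACHED
}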