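/**
 * <b>block_handler</b>
 * Blocks the current user if the configured spammer block mode requires it.
 *
 * Mode 1 adds the account to the ban list, mode 2 deactivates the account and
 * clears its notifications. For every non-guest user the public profile
 * fields are then blanked, the event is written to the general log, the
 * session is ended and an info message is shown. Guests (ANONYMOUS) are
 * ignored.
 *
 * @return void
 */
function block_handler()
{
	global $db, $config, $user, $lang;

	if ($user->data['user_id'] == ANONYMOUS)
	{
		return;
	}

	// The id is concatenated into every statement below, so force it to an
	// integer once instead of trusting the session array to hold a clean value.
	$blocked_user_id = (int) $user->data['user_id'];
	$block_mode = intval($config['ctracker_spammer_blockmode']);

	if ($block_mode == 1)
	{
		// Ban user
		// NOTE(review): ban_id is written as an empty string; presumably an
		// auto-increment column. Confirm the server's SQL mode accepts this,
		// otherwise the ban silently depends on message_die() reporting it.
		$sql = "INSERT INTO " . BANLIST_TABLE . "(`ban_id` , `ban_userid` , `ban_ip` , `ban_email`) VALUES ('', '" . $blocked_user_id . "', '', NULL);";
		if (!$db->sql_query($sql))
		{
			message_die(CRITICAL_ERROR, $lang['ctracker_error_updating_userdata'], '', __LINE__, __FILE__, $sql);
		}
		// Drop cached ban data so the new entry is picked up.
		$db->clear_cache('ban_', USERS_CACHE_FOLDER);
	}
	elseif ($block_mode == 2)
	{
		// Block user
		$sql = 'UPDATE ' . USERS_TABLE . ' SET user_active = 0 WHERE user_id = ' . $blocked_user_id;
		if (!$db->sql_query($sql))
		{
			message_die(GENERAL_ERROR, $lang['ctracker_error_updating_userdata'], '', __LINE__, __FILE__, $sql);
		}

		// Mighty Gorgon: Remove all notifications...
		if (!function_exists('user_clear_notifications'))
		{
			include_once IP_ROOT_PATH . 'includes/functions_users_delete.' . PHP_EXT;
		}
		user_clear_notifications($blocked_user_id);
	}

	// Remove Profile data (runs for every block mode, including unknown ones)
	// Removed user_email = '*****@*****.**'
	$sql = "UPDATE " . USERS_TABLE . " SET user_allowavatar = 0, user_icq = '', user_website = '', user_from = '', user_sig = '', user_aim = '', user_yim = '', user_msnm = '', user_occ = '', user_interests = '' WHERE user_id = " . $blocked_user_id;
	if (!$db->sql_query($sql))
	{
		message_die(GENERAL_ERROR, $lang['ctracker_error_updating_userdata'], '', __LINE__, __FILE__, $sql);
	}

	// Log it
	// NOTE(review): the second argument (5) is presumably the log type for
	// spammer events; confirm against log_manager.
	include_once IP_ROOT_PATH . 'includes/ctracker/classes/class_log_manager.' . PHP_EXT;
	$logfile = new log_manager();
	$logfile->prepare_log($user->data['username']);
	$logfile->write_general_logfile($config['ctracker_logsize_spammer'], 5);
	unset($logfile);

	// Log out user so the block takes effect on the current session too
	if ($user->data['session_logged_in'])
	{
		$user->session_kill();
	}

	// Output Info Message
	message_die(GENERAL_MESSAGE, $lang['ctracker_binf_sban']);
}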
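/**
 * Deletes a user account and removes or reassigns the rows that reference it.
 *
 * Posts, topics, poll votes, shouts and remaining private messages are
 * reassigned to DELETED, album pictures and comments to ANONYMOUS, and groups
 * moderated by the account are handed to the calling user. Rows in the other
 * per-user tables are deleted. The statements are issued one after another;
 * no transaction is opened in this function, so a failure part-way leaves the
 * earlier changes in place.
 *
 * This function performs no permission check of its own apart from refusing
 * to delete the calling user's own account; callers must authorise the
 * request before invoking it.
 *
 * @param int $user_id Id of the account to delete.
 * @return bool True once the deletion statements have been issued, false when
 *              $user_id is the calling user's own id.
 */
function ip_user_kill($user_id)
{
	global $config, $lang, $user, $db;

	// The id is concatenated unquoted into most statements below, so force it
	// to an integer once rather than relying on every caller to have done so.
	$user_id = (int) $user_id;

	if (!($this_userdata = get_userdata($user_id)))
	{
		if (!defined('STATUS_404'))
		{
			define('STATUS_404', true);
		}
		// NOTE(review): message_die() presumably ends the request here; confirm.
		message_die(GENERAL_MESSAGE, 'NO_USER');
	}

	// Refuse to delete the account that is performing the call.
	if ($user->data['user_id'] == $user_id)
	{
		return false;
	}

	$acting_user_id = (int) $user->data['user_id'];

	// We need to reset notifications before deleting the user from the table, because we also want to make sure to reset his profile if something goes wrong in deletion
	user_clear_notifications($user_id);

	// Look up the user's single-user group (if any) before the membership rows are removed.
	$sql = "SELECT g.group_id\n\t\t\tFROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g\n\t\t\tWHERE ug.user_id = " . $user_id . "\n\t\t\t\tAND g.group_id = ug.group_id\n\t\t\t\tAND g.group_single_user = 1";
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);
	$single_user_group_id = !empty($row['group_id']) ? (int) $row['group_id'] : 0;

	// NOTE(review): the username expression was partially masked in this
	// listing; it is reconstructed here as the escaped username of the deleted
	// account. Confirm against the upstream file.
	$sql = "UPDATE " . POSTS_TABLE . "\n\t\t\tSET poster_id = " . DELETED . ", post_username = '" . $db->sql_escape($this_userdata['username']) . "'\n\t\t\tWHERE poster_id = " . $user_id;
	$db->sql_query($sql);

	$sql = "UPDATE " . TOPICS_TABLE . "\n\t\t\tSET topic_poster = " . DELETED . "\n\t\t\tWHERE topic_poster = " . $user_id;
	$db->sql_query($sql);

	$sql = "UPDATE " . POLL_VOTES_TABLE . "\n\t\t\tSET vote_user_id = " . DELETED . "\n\t\t\tWHERE vote_user_id = " . $user_id;
	$db->sql_query($sql);

	// Groups moderated by the deleted account are handed to the calling user.
	$sql = "UPDATE " . GROUPS_TABLE . "\n\t\t\tSET group_moderator = '" . $acting_user_id . "'\n\t\t\tWHERE group_moderator = '" . $user_id . "'";
	$db->sql_query($sql);

	$sql = "DELETE FROM " . USERS_TABLE . " WHERE user_id = " . $user_id;
	$db->sql_query($sql);

	$sql = "DELETE FROM " . USER_GROUP_TABLE . " WHERE user_id = " . $user_id;
	$db->sql_query($sql);

	if ($single_user_group_id)
	{
		$sql = "DELETE FROM " . GROUPS_TABLE . " WHERE group_id = '" . $single_user_group_id . "'";
		$db->sql_query($sql);

		$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . " WHERE group_id = '" . $single_user_group_id . "'";
		$db->sql_query($sql);
	}

	// UPI2DB - BEGIN
	$sql = "DELETE FROM " . UPI2DB_ALWAYS_READ_TABLE . " WHERE user_id = " . $user_id;
	$db->sql_query($sql);

	$sql = "DELETE FROM " . UPI2DB_UNREAD_POSTS_TABLE . " WHERE user_id = " . $user_id;
	$db->sql_query($sql);
	// UPI2DB - END

	$sql = "DELETE FROM " . POSTS_LIKES_TABLE . " WHERE user_id = " . $user_id;
	$db->sql_query($sql);

	$sql = "DELETE FROM " . BOOKMARK_TABLE . " WHERE user_id = " . $user_id;
	$db->sql_query($sql);

	$sql = "DELETE FROM " . DRAFTS_TABLE . " WHERE user_id = " . $user_id;
	$db->sql_query($sql);

	if (!empty($config['plugins']['links']['enabled']))
	{
		$sql = "DELETE FROM " . LINKS_TABLE . " WHERE user_id = " . $user_id;
		$db->sql_query($sql);
	}

	$sql = "DELETE FROM " . BANLIST_TABLE . " WHERE ban_userid = " . $user_id;
	$db->sql_query($sql);

	// Remove live sessions and stored session keys so the deleted account
	// cannot keep using an existing login.
	$sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_user_id = " . $user_id;
	$db->sql_query($sql);

	$sql = "DELETE FROM " . SESSIONS_KEYS_TABLE . " WHERE user_id = " . $user_id;
	$db->sql_query($sql);

	$sql = "UPDATE " . ALBUM_TABLE . "\n\t\tSET pic_user_id = " . ANONYMOUS . "\n\t\t\tWHERE pic_user_id = " . $user_id;
	$db->sql_query($sql);

	$sql = "UPDATE " . ALBUM_COMMENT_TABLE . "\n\t\tSET comment_user_id = " . ANONYMOUS . "\n\t\t\tWHERE comment_user_id = " . $user_id;
	$db->sql_query($sql);

	$sql = "DELETE FROM " . DL_FAVORITES_TABLE . " WHERE fav_user_id = " . $user_id;
	$db->sql_query($sql);

	$sql = "DELETE FROM " . DL_NOTRAF_TABLE . " WHERE user_id = " . $user_id;
	$db->sql_query($sql);

	if (!empty($config['plugins']['sudoku']['enabled']))
	{
		$sql = "DELETE FROM " . SUDOKU_STATS . " WHERE user_id = " . $user_id;
		$db->sql_query($sql);

		$sql = "DELETE FROM " . SUDOKU_USERS . " WHERE user_id = " . $user_id;
		$db->sql_query($sql);
	}

	// Start add - Fully integrated shoutbox MOD
	// NOTE(review): the shout_username value appears as a masked literal in
	// this listing; confirm against upstream whether the escaped username of
	// the deleted account was intended here.
	$sql = "UPDATE " . SHOUTBOX_TABLE . "\n\t\t\tSET shout_user_id = " . DELETED . ", shout_username = '******'\n\t\t\tWHERE shout_user_id = " . $user_id;
	$db->sql_query($sql);
	// End add - Fully integrated shoutbox MOD

	// Event Registration - BEGIN
	$sql = "DELETE FROM " . REGISTRATION_TABLE . " WHERE registration_user_id = " . $user_id;
	$db->sql_query($sql);
	// Event Registration - END

	$sql = "SELECT privmsgs_id\n\t\t\tFROM " . PRIVMSGS_TABLE . "\n\t\t\tWHERE ((privmsgs_from_userid = " . $user_id . "\n\t\t\tAND privmsgs_type = " . PRIVMSGS_NEW_MAIL . ")\n\t\t\tOR (privmsgs_from_userid = " . $user_id . "\n\t\t\tAND privmsgs_type = " . PRIVMSGS_SENT_MAIL . ")\n\t\t\tOR (privmsgs_to_userid = " . $user_id . "\n\t\t\tAND privmsgs_type = " . PRIVMSGS_READ_MAIL . ")\n\t\t\tOR (privmsgs_to_userid = " . $user_id . "\n\t\t\tAND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . ")\n\t\t\tOR (privmsgs_from_userid = " . $user_id . "\n\t\t\tAND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "))";

	// This is more restrictive!
	/*
	$sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " WHERE privmsgs_from_userid = " . $user_id . " OR privmsgs_to_userid = " . $user_id;
	*/
	$result = $db->sql_query($sql);

	// This little bit of code directly from the private messaging section.
	// Start from an empty list: without this, a user with no matching
	// messages left $mark_list undefined when it was counted below.
	$mark_list = array();
	while ($row_privmsgs = $db->sql_fetchrow($result))
	{
		$mark_list[] = (int) $row_privmsgs['privmsgs_id'];
	}
	$db->sql_freeresult($result);

	if (!empty($mark_list))
	{
		$delete_sql_id = implode(', ', $mark_list);

		$delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "\n\t\t\t\tWHERE privmsgs_id IN ({$delete_sql_id})";
		$db->sql_query($delete_sql);
	}

	// Messages that were not deleted above keep existing but point at DELETED.
	$sql = "UPDATE " . PRIVMSGS_TABLE . "\n\t\t\tSET privmsgs_to_userid = " . DELETED . "\n\t\t\tWHERE privmsgs_to_userid = " . $user_id;
	$db->sql_query($sql);

	$sql = "UPDATE " . PRIVMSGS_TABLE . "\n\t\t\tSET privmsgs_from_userid = " . DELETED . "\n\t\t\tWHERE privmsgs_from_userid = " . $user_id;
	$db->sql_query($sql);

	// Ban rows for this user were removed above, so cached ban data is stale.
	$db->clear_cache('ban_', USERS_CACHE_FOLDER);

	return true;
}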
} break; case 'activate': // activate or deactive the seleted users $i = 0; while ($i < sizeof($user_ids)) { $user_id = intval($user_ids[$i]); $sql = "SELECT user_active FROM " . USERS_TABLE . "\n\t\t\t\tWHERE user_id = {$user_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $new_status = $row['user_active'] ? 0 : 1; $sql = "UPDATE " . USERS_TABLE . "\n\t\t\t\tSET user_active = '" . $new_status . "'\n\t\t\t\tWHERE user_id = " . $user_id; $result = $db->sql_query($sql); if ($new_status == 0) { $clear_notification = user_clear_notifications($user_id); } unset($user_id); $i++; } $message = $lang['User_status_updated'] . '<br /><br />' . sprintf($lang['Click_return_userlist'], '<a href="' . append_sid('admin_userlist.' . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>'); message_die(GENERAL_MESSAGE, $message); break; case 'group': // add users to a group if (!$confirm) { // show form to select which group to add users to $i = 0; $hidden_fields = ''; while ($i < sizeof($user_ids)) { $user_id = intval($user_ids[$i]);
// Send also to sender in BCC if needed... if (!empty($_POST['cc_email'])) { $emailer->bcc($sender); } $emailer->replyto($sender); $emailer->set_subject($email_subject); $emailer->assign_vars(array('MESSAGE' => $email_message)); $emailer->send(); $emailer->reset(); $redirect_url = append_sid(CMS_PAGE_HOME); meta_refresh(3, $redirect_url); $message_die = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid(CMS_PAGE_HOME) . '">', '</a>'); if ($account_delete) { $sql = "UPDATE " . USERS_TABLE . "\n\t\t\t\tSET user_active = '0'\n\t\t\t\tWHERE user_id = " . $user->data['user_id']; $result = $db->sql_query($sql); $clear_notification = user_clear_notifications($user->data['user_id']); $message = $lang['Email_sent']; $redirect_url = append_sid(CMS_PAGE_LOGIN . '?logout=true&sid=' . $user->data['session_id']); meta_refresh(3, $redirect_url); } message_die(GENERAL_MESSAGE, $message_die); } } if ($error) { $template->set_filenames(array('reg_header' => 'error_body.tpl')); $template->assign_vars(array('ERROR_MESSAGE' => $error_msg)); $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); } if (ENABLE_VISUAL_CONFIRM && !$user->data['session_logged_in']) { // Visual Confirmation $confirm_image = '';