/**
 * Load one forum's row from FORUMS together with its FORUM_SETTINGS values.
 *
 * Access is gated twice before any query is built: the FID must pass
 * is_numeric() and the current session must hold USER_PERM_ADMIN_TOOLS.
 * The is_numeric() guard is the only thing standing between $fid and the
 * interpolated SQL below, so it must stay ahead of both queries.
 *
 * The returned row includes FORUM_PASSWD; callers should treat the result
 * as sensitive and avoid echoing or logging it wholesale.
 *
 * @param mixed $fid Forum ID; anything is_numeric() rejects yields false.
 *
 * @return array|false Forum row plus a 'FORUM_SETTINGS' map (SNAME => SVALUE,
 *                     and 'forum_leader' when the owner's logon resolves),
 *                     or false on bad input, missing permission, no database
 *                     handle, query failure or unknown FID.
 */
function forum_get($fid)
{
    // Reject bad input first, then unauthorised callers (same order as before).
    if (!is_numeric($fid) || !session::check_perm(USER_PERM_ADMIN_TOOLS, 0)) {
        return false;
    }

    $db = db::get();

    if (!$db) {
        return false;
    }

    // $fid is numeric text at this point and is additionally quoted in the SQL.
    $forum_query = "SELECT FID, WEBTAG, OWNER_UID, DATABASE_NAME, DEFAULT_FORUM, "
        . "ACCESS_LEVEL, FORUM_PASSWD FROM FORUMS WHERE FID = '{$fid}'";

    $result = $db->query($forum_query);

    if (!$result) {
        return false;
    }

    if ($result->num_rows == 0) {
        return false;
    }

    $forum = $result->fetch_assoc();

    $forum['FORUM_SETTINGS'] = array();

    // Expose the owner's logon as a pseudo-setting when the lookup succeeds.
    if (isset($forum['OWNER_UID']) && $forum['OWNER_UID'] > 0) {

        $leader_logon = user_get_logon($forum['OWNER_UID']);

        if ($leader_logon) {
            $forum['FORUM_SETTINGS']['forum_leader'] = $leader_logon;
        }
    }

    $settings_query = "SELECT SNAME, SVALUE FROM FORUM_SETTINGS WHERE FID = '{$fid}'";

    $result = $db->query($settings_query);

    if (!$result) {
        return false;
    }

    // Stored settings are applied last, so a row named 'forum_leader' would
    // replace the value derived from OWNER_UID.
    while ($setting_row = $result->fetch_assoc()) {
        $forum['FORUM_SETTINGS'][$setting_row['SNAME']] = $setting_row['SVALUE'];
    }

    return $forum;
}
if (isset($_POST['delete_user_confirm'])) { if (!session::check_perm(USER_PERM_ADMIN_TOOLS, 0, 0)) { html_draw_error(gettext("You do not have permission to use this section."), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center'); } $delete_content = isset($_POST['delete_content']) && $_POST['delete_content'] == 'Y'; if (admin_delete_user($uid, $delete_content)) { html_draw_top("title={$page_title}", 'class=window_title'); html_display_msg(gettext("Delete User"), gettext("User Successfully Deleted"), 'admin_users.php', 'get', array('back' => gettext("Back")), false, '_self', 'center'); html_draw_bottom(); exit; } else { html_draw_error(gettext("Failed To Delete User"), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center'); } } else { if (isset($_POST['delete_posts_confirm'])) { if ($user_logon = user_get_logon($uid)) { if (admin_delete_users_posts($uid)) { admin_add_log_entry(DELETE_ALL_USER_POSTS, array($user_logon)); html_draw_top("title={$page_title}", 'class=window_title'); html_display_msg(gettext("Delete posts"), gettext("Posts were successfully deleted"), 'admin_user.php', 'get', array('back' => gettext("Back")), false, '_self', 'center'); html_draw_bottom(); exit; } else { html_draw_error(gettext("Failed to delete user's posts"), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center'); } } } else { if (isset($_POST['user_perm_submit'])) { $valid = true; if (forum_check_webtag_available($webtag)) { // Local user permissions
$redirect_uri .= "&sort_by={$sort_by}&sort_dir={$sort_dir}&filter={$filter}"; $redirect_uri .= "&user_search=%s&kicked=true"; header_redirect(sprintf($redirect_uri, htmlentities_array($user_search))); exit; } } } } else { if ($_POST['action'] == ADMIN_USER_OPTION_APPROVE) { if (forum_get_setting('require_user_approval', 'Y')) { $valid = true; if (isset($_POST['user_update']) && is_array($_POST['user_update'])) { $approve_users = array_filter(array_keys($_POST['user_update']), 'is_numeric'); $approved_user_success_array = array(); foreach ($approve_users as $user_uid) { if ($valid && ($user_logon = user_get_logon($user_uid))) { if (admin_approve_user($user_uid)) { email_send_user_approved_notification($user_uid); } else { $error_msg_array[] = sprintf(gettext("Failed to approve user %s"), $user_logon); $valid = false; } } } if ($valid) { $redirect_uri = "admin_users.php?webtag={$webtag}&page={$page}"; $redirect_uri .= "&sort_by={$sort_by}&sort_dir={$sort_dir}&filter={$filter}"; $redirect_uri .= "&user_search=%s&approved=true"; header_redirect(sprintf($redirect_uri, htmlentities_array($user_search))); exit; }
foreach ($_POST['add_user'] as $uid) { if (!perm_user_in_group($uid, $gid)) { perm_add_user_to_group($uid, $gid); if (($user_logon = user_get_logon($uid)) && ($group_name = perm_get_group_name($gid))) { admin_add_log_entry(ADD_USER_TO_GROUP, array($user_logon, $group_name)); } } } } } if (isset($_POST['remove'])) { if (isset($_POST['remove_user']) && is_array($_POST['remove_user'])) { foreach ($_POST['remove_user'] as $uid) { if (perm_user_in_group($uid, $gid)) { perm_remove_user_from_group($uid, $gid); if (($user_logon = user_get_logon($uid)) && ($group_name = perm_get_group_name($gid))) { admin_add_log_entry(REMOVE_USER_FROM_GROUP, array($user_logon, $group_name)); } } } } } if (!($group = perm_get_group($gid))) { html_draw_error(gettext("Supplied GID is not a user group"), 'admin_user_groups.php', 'get', array('back' => gettext("Back"))); } html_draw_top(array('title' => sprintf(gettext('Admin - Manage User Groups - %s - Add/Remove Users'), $group['GROUP_NAME']), 'class' => 'window_title', 'main_css' => 'admin.css')); $group_users_array = perm_group_get_users($gid, $start_main); echo "<h1>", gettext("Admin"), html_style_image('separator'), gettext("Manage User Groups"), html_style_image('separator'), "{$group['GROUP_NAME']}", html_style_image('separator'), "", gettext("Add/Remove Users"), "</h1>\n"; if (isset($_GET['added'])) { html_display_success_msg(gettext("Successfully added group. Add users to this group by searching for them below."), '800', 'center'); } else {
} } } if ($valid) { $ret = rawurlencode($ret); $user_search = rawurlencode($user_search); header_redirect("admin_forum_access.php?webtag={$webtag}&user_search={$user_search}&ret={$ret}&added=true"); exit; } } } else { if (isset($_POST['remove'])) { $valid = true; if (isset($_POST['remove_user']) && is_array($_POST['remove_user'])) { foreach ($_POST['remove_user'] as $remove_user_uid) { if ($user_logon = user_get_logon($remove_user_uid)) { if (user_update_forums($remove_user_uid, $forum_fid, FORUM_USER_DISALLOWED)) { $forum_name = forum_get_name($forum_fid); admin_add_log_entry(CHANGE_FORUM_ACCESS, array($forum_name, $user_logon)); } else { $error_msg_array[] = sprintf(gettext("Failed to remove permissions from user '%s'"), $user_logon); $valid = false; } } } if ($valid) { $ret = rawurlencode($ret); $user_search = rawurlencode($user_search); header_redirect("admin_forum_access.php?webtag={$webtag}&user_search={$user_search}&ret={$ret}&removed=true"); exit; }
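/**
 * Echo the HTML for a single message in the "light" message view.
 *
 * Visibility is decided before any markup is written: the function returns
 * early (optionally after drawing a placeholder) when there is no numeric
 * session UID, the content is empty, the author is wormed and the viewer is
 * neither the author nor a folder moderator, the post has no APPROVED value,
 * the author or the sole recipient is completely ignored, or the post was moved.
 *
 * NOTE(review): $message['CONTENT'], the logons returned by user_get_logon()
 * and $webtag/$tid/PID are written into the page without escaping in this
 * function. Presumably they are sanitised upstream (fix_html(),
 * message_apply_formatting(), get_webtag()) - confirm against those helpers.
 *
 * NOTE(review): the Reply/Delete/Edit links are presentation only; the target
 * scripts need to repeat the permission checks - not visible from here.
 *
 * @param mixed $tid        Thread ID, used in anchors and link targets.
 * @param array $message    Message row (CONTENT, PID, FROM_UID, RECIPIENTS, ...).
 * @param int   $msg_count  Number of messages; 0 suppresses counters and links.
 * @param mixed $first_msg  First PID on the page, used for return links.
 * @param mixed $folder_fid Folder ID the permission checks are evaluated against.
 * @param bool  $in_list    True when rendered as part of a message list.
 * @param bool  $closed     True when the thread is closed (hides Reply).
 * @param bool  $limit_text True to truncate over-long content.
 * @param bool  $is_poll    True when the thread is a poll.
 * @param bool  $is_preview True when rendering a preview.
 *
 * @return void
 */
function light_message_display($tid, $message, $msg_count, $first_msg, $folder_fid, $in_list = true, $closed = false, $limit_text = true, $is_poll = false, $is_preview = false)
{
    $perm_is_moderator = session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid);

    $post_edit_time = forum_get_setting('post_edit_time', null, 0);

    $post_edit_grace_period = forum_get_setting('post_edit_grace_period', null, 0);

    $webtag = get_webtag();

    forum_check_webtag_available($webtag);

    // Nothing is rendered without a numeric session UID.
    if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) {
        return;
    }

    if ((!isset($message['CONTENT']) || $message['CONTENT'] == "") && !$is_preview) {
        light_message_display_deleted($tid, isset($message['PID']) ? $message['PID'] : 0);
        return;
    }

    $from_user_permissions = perm_get_user_permissions($message['FROM_UID']);

    // Posts by a wormed author are shown only to the author and to moderators.
    if ($_SESSION['UID'] != $message['FROM_UID']) {
        if ($from_user_permissions & USER_PERM_WORMED && !$perm_is_moderator) {
            light_message_display_deleted($tid, $message['PID']);
            return;
        }
    }

    if (!$is_preview && !isset($message['APPROVED'])) {
        light_message_display_approval_req($tid, $message['PID']);
        return;
    }

    if (isset($message['RELATIONSHIP']) && $message['RELATIONSHIP'] & USER_IGNORED_COMPLETELY) {
        light_message_display_deleted($tid, $message['PID']);
        return;
    }

    if (isset($message['RECIPIENTS']) && sizeof($message['RECIPIENTS']) == 1) {

        // Take the recipient row itself (element 0) rather than a one-element
        // wrapper list, so its RELATIONSHIP key is actually reachable and the
        // "completely ignored" rule is enforced for single-recipient posts.
        $recipient_rows = array_values($message['RECIPIENTS']);

        $sole_recipient = $recipient_rows[0];

        if (isset($sole_recipient['RELATIONSHIP']) && $sole_recipient['RELATIONSHIP'] & USER_IGNORED_COMPLETELY) {
            light_message_display_deleted($tid, $message['PID']);
            return;
        }
    }

    if (!$is_preview && isset($message['MOVED_TID']) && isset($message['MOVED_PID'])) {
        light_message_display_moved($message);
        return;
    }

    if (isset($_SESSION['IMAGES_TO_LINKS']) && $_SESSION['IMAGES_TO_LINKS'] == 'Y') {
        $message['CONTENT'] = message_images_to_links($message['CONTENT']);
    }

    // First truncation pass: the limit is measured on the tag-stripped text but
    // the cut is made on the HTML string, so a trailing half-cut tag is removed
    // by the regex before fix_html() runs.
    if (mb_strlen(strip_tags($message['CONTENT'])) > intval(forum_get_setting('maximum_post_length', null, 6226)) && $limit_text) {

        $cut_msg = mb_substr($message['CONTENT'], 0, intval(forum_get_setting('maximum_post_length', null, 6226)));

        $cut_msg = preg_replace("/(<[^>]+)?\$/Du", "", $cut_msg);

        $message['CONTENT'] = fix_html($cut_msg);

        $message['CONTENT'] .= "…[" . gettext("Message Truncated") . "]\n";

        $message['CONTENT'] .= "<a href=\"ldisplay.php?webtag={$webtag}&msg={$tid}.{$message['PID']}&return_msg={$tid}.{$first_msg}\" class=\"message_full_view\">" . gettext("View full message") . ".</a>";
    }

    if ($in_list && isset($message['PID'])) {
        echo "<a name=\"a{$tid}_{$message['PID']}\"></a>";
    }

    if ($in_list && isset($message['PID'])) {
        echo "<div class=\"message\" id=\"message_{$tid}_{$message['PID']}\">\n";
    } else {
        echo "<div class=\"message\">\n";
    }

    echo "<div class=\"message_header\">\n";
    echo "<div class=\"message_from\">\n";
    echo gettext("From"), ": ", word_filter_add_ob_tags(format_user_name($message['FROM_LOGON'], $message['FROM_NICKNAME']), true);

    if (isset($message['RELATIONSHIP']) && $message['RELATIONSHIP'] & USER_FRIEND) {
        echo html_style_image('friend', gettext("Friend"));
    } else {
        if (isset($message['RELATIONSHIP']) && $message['RELATIONSHIP'] & USER_IGNORED) {
            echo html_style_image('enemy', gettext("Ignored user"));
        }
    }

    // If the user posting a poll is ignored, remove ignored status for this message only so the poll can be seen
    if ($is_poll && $message['PID'] == 1 && isset($message['RELATIONSHIP']) && $message['RELATIONSHIP'] & USER_IGNORED) {
        $message['RELATIONSHIP'] -= USER_IGNORED;
    }

    if (isset($message['RELATIONSHIP']) && $message['RELATIONSHIP'] & USER_IGNORED && $limit_text && $_SESSION['UID'] > 0) {
        echo "<span class=\"message_ignored\">", gettext("Ignored message"), "</span>\n";
    } else {
        if ($in_list) {
            if ($from_user_permissions & USER_PERM_WORMED) {
                echo gettext("Wormed user");
            }
            echo "<span class=\"message_time\">", format_date_time($message['CREATED']), "</span>\n";
        }
    }

    echo "<div class=\"clearer\"></div>\n";
    echo "</div>";
    echo "<div class=\"message_to\">", gettext("To"), ": ";

    if (isset($message['RECIPIENTS']) && sizeof($message['RECIPIENTS']) > 0) {

        foreach ($message['RECIPIENTS'] as $recipient) {

            // Completely ignored recipients are left out of the "To" line.
            if (isset($recipient['RELATIONSHIP']) && $recipient['RELATIONSHIP'] & USER_IGNORED_COMPLETELY) {
                continue;
            }

            echo word_filter_add_ob_tags(format_user_name($recipient['LOGON'], $recipient['NICKNAME']), true), "\n";

            if (isset($recipient['VIEWED']) && $recipient['VIEWED'] > 0) {
                echo "<span>", html_style_image('post_read', sprintf(gettext("Read: %s"), format_date_time($recipient['VIEWED']))), "</span>\n";
            } else {
                if ($is_preview == false) {
                    echo "<span>", html_style_image('post_unread', gettext("Unread Message")), "</span>\n";
                }
            }
        }

    } else {
        echo gettext('ALL');
    }

    if ($in_list && $msg_count > 0) {
        echo "<span class=\"message_count\">", sprintf(gettext("%s of %s"), $message['PID'], $msg_count), "</span>";
    }

    echo "<div class=\"clearer\"></div>\n";
    echo "</div>\n";
    echo "</div>\n";

    if (!$is_poll || isset($message['PID']) && $message['PID'] > 1) {
        $message['CONTENT'] = message_apply_formatting($message['CONTENT'], true);
    }

    // Second truncation pass, after formatting may have lengthened the content.
    if ($limit_text && mb_strlen(strip_tags($message['CONTENT'])) > intval(forum_get_setting('maximum_post_length', null, 6226))) {

        $cut_msg = mb_substr($message['CONTENT'], 0, intval(forum_get_setting('maximum_post_length', null, 6226)));

        $cut_msg = preg_replace("/(<[^>]+)?\$/Du", "", $cut_msg);

        $message['CONTENT'] = fix_html($cut_msg);

        $message['CONTENT'] .= "…[" . gettext("Message Truncated") . "]\n<p align=\"center\"><a href=\"display.php?webtag={$webtag}&msg={$tid}.{$message['PID']}&return_msg={$tid}.{$first_msg}\" target=\"_self\">" . gettext("View full message") . "</a>";
    }

    $message['CONTENT'] = light_spoiler_enable($message['CONTENT']);

    if (!$is_poll || $is_poll && isset($message['PID']) && $message['PID'] > 1) {
        $message['CONTENT'] = word_filter_add_ob_tags($message['CONTENT'], false);
    }

    // Body, attachments and action links are skipped for (non-preview) posts
    // whose author the viewer ignores.
    if ($is_preview || !isset($message['RELATIONSHIP']) || !($message['RELATIONSHIP'] & USER_IGNORED)) {

        if ($in_list && $msg_count > 0) {

            echo "<div class=\"message_links\">\n";
            echo "<a href=\"lmessages.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\">{$tid}.{$message['PID']}</a>";

            if ($message['REPLY_TO_PID'] > 0) {

                echo " ", gettext("In reply to"), " ";

                // Same-page parents get an in-page anchor, earlier ones a full link.
                if (intval($message['REPLY_TO_PID']) >= intval($first_msg)) {
                    echo "<a href=\"#a{$tid}_{$message['REPLY_TO_PID']}\" target=\"_self\">{$tid}.{$message['REPLY_TO_PID']}</a>";
                } else {
                    echo "<a href=\"lmessages.php?webtag={$webtag}&msg={$tid}.{$message['REPLY_TO_PID']}\">{$tid}.{$message['REPLY_TO_PID']}</a>";
                }
            }

            echo "</div>\n";

        } else {
            echo "<div class=\"message_links\"> </div>\n";
        }

        echo "<div class=\"message_body\">\n";
        echo $message['CONTENT'];

        if (!$is_preview && isset($message['EDITED'])) {
            if ($post_edit_grace_period == 0 || $message['EDITED'] - $message['CREATED'] > $post_edit_grace_period * MINUTE_IN_SECONDS) {
                if (($edit_user = user_get_logon($message['EDITED_BY'])) !== false) {
                    echo "<div class=\"edit_text\">", sprintf(gettext("EDITED: %s by %s"), format_date_time($message['EDITED']), $edit_user), "</div>\n";
                }
            }
        }

        if (!$is_preview && isset($message['APPROVED']) && isset($message['APPROVED_BY'])) {
            if ($message['APPROVED_BY'] != $message['FROM_UID'] && ($approved_user = user_get_logon($message['APPROVED_BY'])) !== false) {
                echo "<div class=\"edit_text\">", sprintf(gettext("APPROVED: %s by %s"), format_date_time($message['APPROVED']), $approved_user), "</div>\n";
            }
        }

        echo "</div>\n";

        if (isset($message['ATTACHMENTS']) && sizeof($message['ATTACHMENTS']) > 0) {

            if (($attachments_array = attachments_get($message['FROM_UID'], $message['ATTACHMENTS'])) !== false) {

                echo "<div class=\"message_attachments\">\n";
                echo " <span>", gettext("Attachments"), ":</span>\n";
                echo " <ul>\n";

                foreach ($attachments_array as $attachment) {
                    if (($attachment_link = light_attachments_make_link($attachment)) !== false) {
                        echo "<li>", html_style_image('attach'), $attachment_link, "</li>\n";
                    }
                }

                echo " </ul>\n";
                echo "</div>\n";
            }
        }

        if (!$is_preview && $msg_count > 0) {

            $links_array = array();

            if (!$closed && session::check_perm(USER_PERM_POST_CREATE, $folder_fid)) {
                $links_array[] = "<a href=\"lpost.php?webtag={$webtag}&reply_to={$tid}.{$message['PID']}&return_msg={$tid}.{$first_msg}\" class=\"reply\">" . html_style_image('post') . gettext("Reply") . "</a>";
            }

            // && binds tighter than ||: moderators always get the link; otherwise
            // the viewer must be the author, hold POST_DELETE and not be pilloried.
            if ($_SESSION['UID'] == $message['FROM_UID'] && session::check_perm(USER_PERM_POST_DELETE, $folder_fid) && !session::check_perm(USER_PERM_PILLORIED, 0) || $perm_is_moderator) {
                $links_array[] = "<a href=\"ldelete.php?webtag={$webtag}&msg={$tid}.{$message['PID']}&return_msg={$tid}.{$first_msg}\" class=\"delete\">" . html_style_image('delete') . gettext("Delete") . "</a>";
            }

            // Same precedence rule: the trailing "|| $perm_is_moderator" bypasses
            // every other condition in this expression.
            if (!session::check_perm(USER_PERM_PILLORIED, 0) && ($_SESSION['UID'] != $message['FROM_UID'] && $from_user_permissions & USER_PERM_PILLORIED || $_SESSION['UID'] == $message['FROM_UID']) && session::check_perm(USER_PERM_POST_EDIT, $folder_fid) && ($post_edit_time == 0 || time() - $message['CREATED'] < $post_edit_time * HOUR_IN_SECONDS) && forum_get_setting('allow_post_editing', 'Y') || $perm_is_moderator) {
                if (!$is_poll || $is_poll && isset($message['PID']) && $message['PID'] > 1) {
                    $links_array[] = "<a href=\"ledit.php?webtag={$webtag}&msg={$tid}.{$message['PID']}&return_msg={$tid}.{$first_msg}\" class=\"edit\">" . html_style_image('edit') . gettext("Edit") . "</a>";
                }
            }

            if (sizeof($links_array) > 0) {
                echo "<div class=\"message_footer\">\n";
                echo " <div class=\"message_footer_links\">", implode(' ', $links_array), "</div>\n";
                echo " <div class=\"message_vote_form\" data-msg=\"{$tid}.{$message['PID']}\">\n";
                echo " ", light_message_get_vote_form_html($message), "\n";
                echo " </div>\n";
                echo "</div>\n";
            }

        } else {
            echo "<div class=\"message_footer_links\"></div>\n";
        }
    }

    echo "</div>";
}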
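/**
 * Echo the placeholder table shown in place of a deleted message.
 *
 * When the message carries an EDITED timestamp and the EDITED_BY user's logon
 * resolves, the placeholder names who deleted the post and when; otherwise a
 * generic "was deleted" line is shown. Navigation cells are drawn on both
 * sides of the placeholder for list views that are not previews.
 *
 * NOTE(review): the logon returned by user_get_logon() is written into the
 * page without escaping here - confirm it is stored or returned HTML-safe.
 *
 * @param mixed $tid            Thread ID.
 * @param mixed $pid            Post ID; used for the text and both navigation cells.
 * @param array $message        Message row; only EDITED and EDITED_BY are read.
 * @param bool  $in_list        True when rendered as part of a message list.
 * @param bool  $is_preview     True when rendering a preview.
 * @param mixed $first_msg      Passed through to message_display_navigation().
 * @param mixed $msg_count      Passed through to message_display_navigation().
 * @param mixed $posts_per_page Passed through to message_display_navigation().
 *
 * @return void
 */
function message_display_deleted($tid, $pid, $message, $in_list, $is_preview, $first_msg, $msg_count, $posts_per_page)
{
    $show_navigation = ($in_list && !$is_preview);

    echo "<div align=\"center\">";
    echo "<table width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">\n";
    echo " <tr>\n";

    if ($show_navigation) {
        message_display_navigation($tid, $pid, $first_msg, $msg_count, $posts_per_page);
    }

    echo " <td align=\"left\">\n";
    echo " <table width=\"100%\" class=\"box\" cellpadding=\"0\">\n";
    echo " <tr>\n";
    echo " <td align=\"left\">\n";
    echo " <table class=\"posthead\" width=\"100%\">\n";
    echo " <tr>\n";

    // Resolve who deleted the post; any falsy result falls back to the generic text.
    $edit_user = false;

    if (isset($message['EDITED']) && $message['EDITED'] > 0) {
        $edit_user = user_get_logon($message['EDITED_BY']);
    }

    if ($edit_user) {
        $message_delete_time = format_time($message['EDITED']);
        $deleted_text = sprintf(gettext("Message %s.%s deleted %s by %s"), $tid, $pid, $message_delete_time, $edit_user);
    } else {
        $deleted_text = sprintf(gettext("Message %s.%s was deleted"), $tid, $pid);
    }

    echo " <td align=\"left\">", $deleted_text, "</td>\n";

    echo " </tr>\n";
    echo " </table>\n";
    echo " </td>\n";
    echo " </tr>\n";
    echo " </table>\n";
    echo " </td>\n";

    // Use $pid for the trailing navigation cell too: a deleted row may carry no
    // PID key, and both cells should point at the same post.
    if ($show_navigation) {
        message_display_navigation($tid, $pid, $first_msg, $msg_count, $posts_per_page);
    }

    echo " </tr>\n";
    echo "</table>\n";
    echo "</div>\n";
    echo $in_list ? "<br />\n" : '';
}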
if (isset($_POST['delete_user_confirm'])) { if (!session::check_perm(USER_PERM_ADMIN_TOOLS, 0, 0)) { html_draw_error(gettext("You do not have permission to use this section."), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center'); } $delete_content = isset($_POST['delete_content']) && $_POST['delete_content'] == 'Y'; if (admin_delete_user($uid, $delete_content)) { html_draw_top(array('title' => $page_title, 'class' => 'window_title', 'main_css' => 'admin.css')); html_display_msg(gettext("Delete User"), gettext("User Successfully Deleted"), 'admin_users.php', 'get', array('back' => gettext("Back")), array(), '_self', 'center'); html_draw_bottom(); exit; } else { html_draw_error(gettext("Failed To Delete User"), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center'); } } else { if (isset($_POST['delete_posts_confirm'])) { if (($user_logon = user_get_logon($uid)) !== false) { if (admin_delete_users_posts($uid)) { admin_add_log_entry(DELETE_ALL_USER_POSTS, array($user_logon)); html_draw_top(array('title' => $page_title, 'class' => 'window_title', 'main_css' => 'admin.css')); html_display_msg(gettext("Delete posts"), gettext("Posts were successfully deleted"), 'admin_user.php', 'get', array('back' => gettext("Back")), array(), '_self', 'center'); html_draw_bottom(); exit; } else { html_draw_error(gettext("Failed to delete user's posts"), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center'); } } } else { if (isset($_POST['user_perm_submit'])) { $valid = true; if (forum_check_webtag_available($webtag)) { // Local user permissions
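// Required includes
require_once BH_INCLUDE_PATH . 'attachments.inc.php';
require_once BH_INCLUDE_PATH . 'constants.inc.php';
require_once BH_INCLUDE_PATH . 'format.inc.php';
require_once BH_INCLUDE_PATH . 'html.inc.php';
require_once BH_INCLUDE_PATH . 'profile.inc.php';
require_once BH_INCLUDE_PATH . 'user.inc.php';
require_once BH_INCLUDE_PATH . 'user_profile.inc.php';
require_once BH_INCLUDE_PATH . 'user_rel.inc.php';
require_once BH_INCLUDE_PATH . 'word_filter.inc.php';
// End Required includes

// Resolve the profile to display from the query string: a numeric 'uid' wins,
// otherwise a non-empty 'logon' is looked up.
// NOTE(review): the flow below relies on html_draw_error() ending the request;
// if it returns, execution continues to profile_sections_get() - confirm.
$uid = null;

$logon = null;

if (isset($_GET['uid']) && is_numeric($_GET['uid'])) {

    $uid = $_GET['uid'];

    if (!($logon = user_get_logon($uid))) {
        html_draw_error(gettext("Unknown user"));
    }

} else {

    // Query-string values can arrive as arrays (logon[]=...); require a string
    // before trim()/strlen() so such a request falls through to "No user
    // specified." instead of raising a type error.
    if (isset($_GET['logon']) && is_string($_GET['logon']) && strlen(trim($_GET['logon'])) > 0) {

        $logon = trim($_GET['logon']);

        if (($user_array = user_get_by_logon($logon)) !== false) {
            $uid = $user_array['UID'];
        }
    }
}

if (!isset($uid)) {
    html_draw_error(gettext("No user specified."));
}

// Get the Profile Sections.
$profile_sections = profile_sections_get();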
$split_type = $_POST['split_type']; if ($split_result = thread_split($tid, $split_start, $split_type, $error_str)) { post_add_edit_text($tid, 1); admin_add_log_entry(THREAD_SPLIT, $split_result); } else { $error_msg_array[] = $error_str; $valid = false; } } } } } } if (isset($_POST['t_to_uid_in_thread']) && is_numeric($_POST['t_to_uid_in_thread']) && isset($_POST['deluser_con']) && $_POST['deluser_con'] == "Y") { $del_user_uid = $_POST['t_to_uid_in_thread']; if ($user_logon = user_get_logon($del_user_uid)) { if (thread_delete_by_user($tid, $del_user_uid)) { post_add_edit_text($tid, 1); admin_add_log_entry(DELETE_USER_THREAD_POSTS, array($tid, $thread_data['TITLE'], $user_logon)); } else { $error_msg_array[] = sprintf(gettext("Failed to delete posts by selected user"), $user_logon); $valid = false; } } } if (isset($_POST['delete_thread']) && in_array($_POST['delete_thread'], $thread_delete_valid_types)) { if (isset($_POST['delete_thread_confirm']) && $_POST['delete_thread_confirm'] == "Y") { $delete_thread = $_POST['delete_thread']; if (thread_delete($tid, $delete_thread)) { post_add_edit_text($tid, 1); admin_add_log_entry(DELETE_THREAD, array($tid, $thread_data['TITLE']));
/**
 * Echo the HTML for a single message in the "light" message view.
 *
 * The first half decides whether the viewer may see the post at all and
 * returns early (after drawing a placeholder where one applies); the second
 * half writes header, body, attachments and action links in a fixed order.
 *
 * NOTE(review): $message['CONTENT'], the logon from user_get_logon() and
 * $webtag/$tid/PID reach the page without escaping in this function.
 * Presumably they are sanitised upstream (fix_html(), message_apply_formatting(),
 * get_webtag()) - confirm against those helpers.
 *
 * NOTE(review): the Reply/Delete/Edit links are presentation only; the target
 * scripts need to repeat the permission checks - not visible from here.
 *
 * @param mixed $tid        Thread ID, used in anchors and link targets.
 * @param array $message    Message row (CONTENT, PID, FROM_UID, TO_UID, ...).
 * @param int   $msg_count  Number of messages; 0 suppresses counters and links.
 * @param mixed $first_msg  First PID on the page; decides anchor vs. full link.
 * @param mixed $folder_fid Folder ID the permission checks are evaluated against.
 * @param bool  $in_list    True when rendered as part of a message list.
 * @param bool  $closed     True when the thread is closed (hides Reply).
 * @param bool  $limit_text True to truncate over-long content.
 * @param bool  $is_poll    True when the thread is a poll.
 * @param bool  $is_preview True when rendering a preview.
 *
 * @return void
 */
function light_message_display($tid, $message, $msg_count, $first_msg, $folder_fid, $in_list = true, $closed = false, $limit_text = true, $is_poll = false, $is_preview = false) {
    $perm_is_moderator = session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid);
    $post_edit_time = forum_get_setting('post_edit_time', null, 0);
    $post_edit_grace_period = forum_get_setting('post_edit_grace_period', null, 0);
    $webtag = get_webtag();
    // Passed to attachments_get() further down and read back afterwards.
    $attachments_array = array();
    $image_attachments_array = array();
    // Nothing is rendered when the session has no UID value.
    if (($uid = session::get_value('UID')) === false) {
        return;
    }
    // Empty content outside a preview is drawn as a deleted post.
    if ((!isset($message['CONTENT']) || $message['CONTENT'] == "") && !$is_preview) {
        light_message_display_deleted($tid, isset($message['PID']) ? $message['PID'] : 0);
        return;
    }
    $from_user_permissions = perm_get_user_permissions($message['FROM_UID']);
    // Posts by a wormed author are shown only to the author and to moderators.
    if ($uid != $message['FROM_UID']) {
        if ($from_user_permissions & USER_PERM_WORMED && !$perm_is_moderator) {
            light_message_display_deleted($tid, $message['PID']);
            return;
        }
    }
    // Default the relationship bitmasks so the bit tests below never hit a missing key.
    if (!isset($message['FROM_RELATIONSHIP'])) {
        $message['FROM_RELATIONSHIP'] = 0;
    }
    if (!isset($message['TO_RELATIONSHIP'])) {
        $message['TO_RELATIONSHIP'] = 0;
    }
    // Either party being completely ignored hides the post.
    if ($message['TO_RELATIONSHIP'] & USER_IGNORED_COMPLETELY || $message['FROM_RELATIONSHIP'] & USER_IGNORED_COMPLETELY) {
        light_message_display_deleted($tid, $message['PID']);
        return;
    }
    // With post approval enabled, an unapproved post (APPROVED == 0) is visible
    // only to its author and to moderators. A row without an APPROVED key
    // passes this check.
    if (forum_get_setting('require_post_approval', 'Y') && $message['FROM_UID'] != $uid) {
        if (isset($message['APPROVED']) && $message['APPROVED'] == 0 && !$perm_is_moderator) {
            light_message_display_approval_req($tid, $message['PID']);
            return;
        }
    }
    // OUTPUT MESSAGE ----------------------------------------------------------
    // NOTE(review): MOVED_TID / MOVED_PID are read without isset() - presumably
    // always present on non-preview rows; verify against the caller.
    if (!$is_preview && $message['MOVED_TID'] > 0 && $message['MOVED_PID'] > 0) {
        $post_link = "<a href=\"messages.php?webtag={$webtag}&msg=%s.%s\" target=\"_self\">%s</a>";
        $post_link = sprintf($post_link, $message['MOVED_TID'], $message['MOVED_PID'], gettext("here"));
        light_html_display_warning_msg(gettext("<b>Thread Split:</b> This post has been moved %s"), $post_link);
        return;
    }
    if ($in_list) {
        echo "<a name=\"a{$tid}_{$message['PID']}\"></a>";
    }
    echo "<div class=\"message\">\n";
    // Replace linked images, bare images and embeds with bracketed text links;
    // the captured src/href value is reused as the link target unchanged.
    if (session::get_value('IMAGES_TO_LINKS') == 'Y') {
        $message['CONTENT'] = preg_replace('/<a([^>]*)href="([^"]*)"([^\\>]*)><img[^>]*src="([^"]*)"[^>]*><\\/a>/iu', '[img: <a\\1href="\\2"\\3>\\4</a>]', $message['CONTENT']);
        $message['CONTENT'] = preg_replace('/<img[^>]*src="([^"]*)"[^>]*>/iu', '[img: <a href="\\1">\\1</a>]', $message['CONTENT']);
        $message['CONTENT'] = preg_replace('/<embed[^>]*src="([^"]*)"[^>]*>/iu', '[object: <a href="\\1">\\1</a>]', $message['CONTENT']);
    }
    // The limit is measured on the tag-stripped text but the cut is made on the
    // HTML string; the regex drops a trailing half-cut tag before fix_html() runs.
    if (mb_strlen(strip_tags($message['CONTENT'])) > intval(forum_get_setting('maximum_post_length', null, 6226)) && $limit_text) {
        $cut_msg = mb_substr($message['CONTENT'], 0, intval(forum_get_setting('maximum_post_length', null, 6226)));
        $cut_msg = preg_replace("/(<[^>]+)?\$/Du", "", $cut_msg);
        $message['CONTENT'] = fix_html($cut_msg);
        $message['CONTENT'] .= "…[" . gettext("Message Truncated") . "]\n";
        $message['CONTENT'] .= "<a href=\"ldisplay.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\" class=\"message_full_view\">" . gettext("View full message") . ".</a>";
    }
    echo "<div class=\"message_header\">\n";
    echo "<div class=\"message_from\">\n";
    echo "", gettext("From"), ": ", word_filter_add_ob_tags(format_user_name($message['FLOGON'], $message['FNICK']), true);
    if ($message['FROM_RELATIONSHIP'] & USER_FRIEND) {
        echo "<span class=\"user_friend\" title=\"", gettext("Friend"), "\">[F]</span>";
    } else {
        if ($message['FROM_RELATIONSHIP'] & USER_IGNORED) {
            echo "<span class=\"user_enemy\" title=\"", gettext("Ignored user"), "\">[E]</span>";
        }
    }
    // If the user posting a poll is ignored, remove ignored status for this message only so the poll can be seen
    if ($is_poll && $message['PID'] == 1 && $message['FROM_RELATIONSHIP'] & USER_IGNORED) {
        $message['FROM_RELATIONSHIP'] -= USER_IGNORED;
    }
    if ($message['FROM_RELATIONSHIP'] & USER_IGNORED && $limit_text) {
        echo gettext("Ignored message");
    } else {
        if ($in_list) {
            if ($from_user_permissions & USER_PERM_WORMED) {
                echo gettext("Wormed user");
            }
            echo "<span class=\"message_time\">", format_time($message['CREATED']), "</span>\n";
        }
    }
    echo "<div class=\"clearer\"></div>\n";
    echo "</div>";
    echo "<div class=\"message_to\">\n";
    // A named recipient gets relationship markers and a read state; anything
    // else is shown as addressed to ALL.
    if ($message['TLOGON'] != gettext("ALL") && $message['TO_UID'] != 0) {
        echo "", gettext("To"), ": ", word_filter_add_ob_tags(format_user_name($message['TLOGON'], $message['TNICK']), true);
        if ($message['TO_RELATIONSHIP'] & USER_FRIEND) {
            echo "<span class=\"user_friend\" title=\"", gettext("Friend"), "\">[F]</span>";
        } else {
            if ($message['TO_RELATIONSHIP'] & USER_IGNORED) {
                echo "<span class=\"user_enemy\" title=\"", gettext("Ignored user"), "\">[E]</span>";
            }
        }
        if (!$is_preview) {
            if (isset($message['VIEWED']) && $message['VIEWED'] > 0) {
                echo "<span class=\"message_read\">", format_time($message['VIEWED']), "</span>";
            } else {
                echo "<span class=\"message_unread\" title=\"", gettext("Unread"), "\"></span>";
            }
        }
    } else {
        echo "", gettext("To"), ": ", gettext("ALL"), "";
    }
    if ($in_list && $msg_count > 0) {
        echo "<span class=\"message_count\">", sprintf(gettext("%s of %s"), $message['PID'], $msg_count), "</span>";
    }
    echo "<div class=\"clearer\"></div>\n";
    echo "</div>\n";
    echo "</div>\n";
    echo "<div class=\"message_links\">\n";
    if ($in_list && $msg_count > 0) {
        echo "<a href=\"lmessages.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\">{$tid}.{$message['PID']}</a>";
        if ($message['REPLY_TO_PID'] > 0) {
            echo " ", gettext("In reply to"), " ";
            // Same-page parents get an in-page anchor, earlier ones a full link.
            if (intval($message['REPLY_TO_PID']) >= intval($first_msg)) {
                echo "<a href=\"#a{$tid}_{$message['REPLY_TO_PID']}\" target=\"_self\">{$tid}.{$message['REPLY_TO_PID']}</a>";
            } else {
                echo "<a href=\"lmessages.php?webtag={$webtag}&msg={$tid}.{$message['REPLY_TO_PID']}\">{$tid}.{$message['REPLY_TO_PID']}</a>";
            }
        }
    }
    echo "</div>\n";
    // Formatting is skipped only for the first post (PID 1) of a poll.
    if (!$is_poll || $is_poll && isset($message['PID']) && $message['PID'] > 1) {
        $message['CONTENT'] = message_apply_formatting($message['CONTENT'], true);
    }
    $message['CONTENT'] = light_spoiler_enable($message['CONTENT']);
    if ($is_poll !== true) {
        $message['CONTENT'] = word_filter_add_ob_tags($message['CONTENT']);
    }
    echo "<div class=\"message_body\">\n";
    // The body is written as HTML exactly as the helpers above left it.
    echo $message['CONTENT'];
    // Show the edit notice unless the edit fell inside the configured grace period.
    if (isset($message['EDITED']) && $message['EDITED'] > 0) {
        if ($post_edit_grace_period == 0 || $message['EDITED'] - $message['CREATED'] > $post_edit_grace_period * MINUTE_IN_SECONDS) {
            if ($edit_user = user_get_logon($message['EDITED_BY'])) {
                echo "<div class=\"edit_text\">", sprintf(gettext("EDITED: %s by %s"), format_time($message['EDITED']), $edit_user), "</div>\n";
            }
        }
    }
    echo "</div>\n";
    // && binds tighter than ||: an AID on the row is enough on its own.
    if ($tid != 0 && isset($message['PID']) || isset($message['AID'])) {
        $aid = isset($message['AID']) ? $message['AID'] : attachments_get_id($tid, $message['PID']);
        // presumably attachments_get() fills both arrays by reference - TODO confirm
        if (attachments_get($message['FROM_UID'], $aid, $attachments_array, $image_attachments_array)) {
            if (sizeof($attachments_array) > 0) {
                echo "<div class=\"message_attachments\">\n";
                echo " <span>", gettext("Attachments"), ":</span>\n";
                echo " <ul>\n";
                foreach ($attachments_array as $attachment) {
                    if ($attachment_link = light_attachments_make_link($attachment)) {
                        echo "<li>", $attachment_link, "</li>\n";
                    }
                }
                echo " </ul>\n";
                echo "</div>\n";
            }
            if (sizeof($image_attachments_array) > 0) {
                echo "<div class=\"message_attachments\">\n";
                echo " <span>", gettext("Image Attachments"), ":</span>\n";
                echo " <ul>\n";
                foreach ($image_attachments_array as $attachment) {
                    if ($attachment_link = light_attachments_make_link($attachment)) {
                        echo "<li>", $attachment_link, "</li>\n";
                    }
                }
                echo " </ul>\n";
                echo "</div>\n";
            }
        }
    }
    if (!$is_preview && $msg_count > 0) {
        $links_array = array();
        if (!$closed && session::check_perm(USER_PERM_POST_CREATE, $folder_fid)) {
            $links_array[] = "<a href=\"lpost.php?webtag={$webtag}&replyto={$tid}.{$message['PID']}\" class=\"reply\">" . gettext("Reply") . "</a>";
        }
        // && binds tighter than ||: moderators always get the link; otherwise the
        // viewer must be the author, hold POST_DELETE and not be pilloried.
        if ($uid == $message['FROM_UID'] && session::check_perm(USER_PERM_POST_DELETE, $folder_fid) && !session::check_perm(USER_PERM_PILLORIED, 0) || $perm_is_moderator) {
            $links_array[] = "<a href=\"ldelete.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\" class=\"delete\">" . gettext("Delete") . "</a>";
        }
        // Same precedence rule: the trailing "|| $perm_is_moderator" bypasses
        // every other condition in this expression.
        if (!session::check_perm(USER_PERM_PILLORIED, 0) && ($uid != $message['FROM_UID'] && $from_user_permissions & USER_PERM_PILLORIED || $uid == $message['FROM_UID']) && session::check_perm(USER_PERM_POST_EDIT, $folder_fid) && ($post_edit_time == 0 || time() - $message['CREATED'] < $post_edit_time * HOUR_IN_SECONDS) && forum_get_setting('allow_post_editing', 'Y') || $perm_is_moderator) {
            // The first post of a poll never gets an Edit link.
            if (!$is_poll || $is_poll && isset($message['PID']) && $message['PID'] > 1) {
                $links_array[] = "<a href=\"ledit.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\" class=\"edit\">" . gettext("Edit") . "</a>";
            }
        }
        if (sizeof($links_array) > 0) {
            echo "<div class=\"message_footer_links\">", implode(' ', $links_array), "</div>\n";
        }
    } else {
        echo "<div class=\"message_footer_links\"></div>\n";
    }
    echo "</div>";
}
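/**
 * Permanently delete a user account and, optionally, the data the user created.
 *
 * Security notes for maintainers:
 *  - No permission check is made here. The caller must confirm that the
 *    current session is allowed to delete users before calling this function.
 *  - Every statement is built by string interpolation. $uid and the acting
 *    admin's UID are rejected unless numeric; the other interpolated values
 *    are the PM_* constants, a locally generated timestamp and the prefixes
 *    returned by forum_get_all_prefixes().
 *    NOTE(review): the prefixes are used as-is inside backticks; confirm they
 *    can never contain user-editable text.
 *  - The statements are not grouped in a transaction here. A failed query
 *    returns false at once, leaving the earlier deletions in place and no
 *    admin log entry written.
 *  - NOTE(review): SESSIONS, GROUP_USERS and USER_FORUM rows are removed only
 *    when $delete_content is true. Confirm that session validation elsewhere
 *    rejects a UID that no longer has a USER row.
 *
 * @param mixed $uid            UID of the account to delete. Must be numeric.
 * @param bool  $delete_content When true, also remove or blank the user's
 *                              per-forum and global data. Non-boolean values
 *                              are treated as false.
 *
 * @return bool True once the USER row is deleted and logged. False on a
 *              non-numeric UID, no database handle, a non-numeric session UID,
 *              no logon found for the UID, an attempt to delete the current
 *              account, or any failed query.
 */
function admin_delete_user($uid, $delete_content = false)
{
    // Validate the target UID first so malformed input never reaches the
    // database layer or any of the string-built statements below.
    if (!is_numeric($uid)) {
        return false;
    }

    if (!($db = db::get())) {
        return false;
    }

    if (!is_bool($delete_content)) {
        $delete_content = false;
    }

    // Constants for deleting PM data (copied to locals so they can be
    // interpolated into the SQL strings).
    $pm_inbox_items = PM_INBOX_ITEMS;
    $pm_sent_items = PM_SENT_ITEMS;
    $pm_outbox_items = PM_OUTBOX_ITEMS;
    $pm_saved_out = PM_SAVED_OUT;
    $pm_saved_in = PM_SAVED_IN;
    $pm_draft_items = PM_DRAFT_ITEMS;

    $current_datetime = date(MYSQL_DATETIME, time());

    // UID of current user. It is compared against $uid and written into
    // APPROVED_BY below, so it gets the same numeric check as $uid. Without
    // it a missing session value would pass the self-delete guard and be
    // interpolated into SQL unchecked.
    $admin_uid = session::get_value('UID');

    if (!is_numeric($admin_uid)) {
        return false;
    }

    // Before we delete we verify the user account exists and that the user
    // is not the current user account. The comparison is deliberately loose
    // so that 5 and '5' count as the same account.
    if (!($user_logon = user_get_logon($uid)) || $admin_uid == $uid) {
        return false;
    }

    // Check to see if we're also deleting the user's content.
    if ($delete_content === true) {

        // Per-forum tables cleared with a plain "WHERE UID = ..." delete.
        // They are split in two lists so USER_PEER keeps its original place
        // in the sequence.
        $forum_tables_before_peer = array(
            'ADMIN_LOG',       // Log entries created by the user
            'LINKS',           // Links created by the user
            'LINKS_VOTE',      // Link votes made by the user
            'LINKS_COMMENT',   // Link comments made by the user
            'USER_POLL_VOTES', // Poll votes made by the user
        );

        $forum_tables_after_peer = array(
            'USER_FOLDER',  // Folder preferences set by the user
            'USER_PREFS',   // User's preferences
            'USER_PROFILE', // User's profile
            'USER_SIG',     // User's signature
            'USER_THREAD',  // User's thread read data
            'USER_TRACK',   // User's tracking data (post count, etc.)
            'WORD_FILTER',  // Word filter entries made by the user
        );

        // Get a list of available forums
        if ($forum_table_prefix_array = forum_get_all_prefixes()) {

            // Loop through all forums and delete all the user data from every forum.
            foreach ($forum_table_prefix_array as $forum_table_prefix) {

                foreach ($forum_tables_before_peer as $table_name) {

                    $sql = "DELETE QUICK FROM `{$forum_table_prefix}{$table_name}` WHERE UID = '{$uid}'";

                    if (!$db->query($sql)) {
                        return false;
                    }
                }

                // Delete Relationship data for the user and relationships
                // with this user made by other users.
                $sql = "DELETE QUICK FROM `{$forum_table_prefix}USER_PEER` WHERE UID = '{$uid}' OR PEER_UID = '{$uid}'";

                if (!$db->query($sql)) {
                    return false;
                }

                foreach ($forum_tables_after_peer as $table_name) {

                    $sql = "DELETE QUICK FROM `{$forum_table_prefix}{$table_name}` WHERE UID = '{$uid}'";

                    if (!$db->query($sql)) {
                        return false;
                    }
                }

                // Delete Polls created by user (clears the poll flag on the thread).
                $sql = "UPDATE LOW_PRIORITY `{$forum_table_prefix}THREAD` SET POLL_FLAG = 'N', ";
                $sql .= "MODIFIED = CAST('{$current_datetime}' AS DATETIME) WHERE BY_UID = '{$uid}'";

                if (!$db->query($sql)) {
                    return false;
                }

                // Delete threads started by the user where
                // the thread only contains a single post.
                $sql = "UPDATE LOW_PRIORITY `{$forum_table_prefix}THREAD` SET DELETED = 'Y', ";
                $sql .= "MODIFIED = CAST('{$current_datetime}' AS DATETIME) WHERE BY_UID = '{$uid}' ";
                $sql .= "AND LENGTH = 1";

                if (!$db->query($sql)) {
                    return false;
                }

                // Delete content of posts made by this user. The POST rows
                // themselves are kept; only CONTENT is set to NULL.
                $sql = "UPDATE LOW_PRIORITY `{$forum_table_prefix}POST_CONTENT` POST_CONTENT ";
                $sql .= "LEFT JOIN `{$forum_table_prefix}POST` POST ON (POST.TID = POST_CONTENT.TID ";
                $sql .= "AND POST.PID = POST_CONTENT.PID) SET POST_CONTENT.CONTENT = NULL ";
                $sql .= "WHERE POST.FROM_UID = '{$uid}'";

                if (!$db->query($sql)) {
                    return false;
                }

                // Mark posts made by this user as approved so they don't
                // appear in the approval queue.
                $sql = "UPDATE LOW_PRIORITY `{$forum_table_prefix}POST` ";
                $sql .= "SET APPROVED = CAST('{$current_datetime}' AS DATETIME), ";
                $sql .= "APPROVED_BY = '{$admin_uid}' WHERE FROM_UID = '{$uid}'";

                if (!$db->query($sql)) {
                    return false;
                }
            }
        }

        // Global tables cleared before the PM clean-up.
        $global_tables_before_pm = array(
            'DICTIONARY',  // Dictionary entries added by the user
            'GROUP_USERS', // User group entries related to this user
        );

        foreach ($global_tables_before_pm as $table_name) {

            $sql = "DELETE QUICK FROM {$table_name} WHERE UID = '{$uid}'";

            if (!$db->query($sql)) {
                return false;
            }
        }

        // Delete User's PM Content. This must run before the PM rows are
        // deleted because it locates the content through a join on PM.
        $sql = "DELETE QUICK FROM PM_CONTENT USING PM_CONTENT ";
        $sql .= "LEFT JOIN PM ON (PM.MID = PM_CONTENT.MID) ";
        $sql .= "WHERE ((PM.TYPE & {$pm_inbox_items} > 0) AND PM.TO_UID = '{$uid}') ";
        $sql .= "OR ((PM.TYPE & {$pm_sent_items} > 0) AND PM.FROM_UID = '{$uid}' AND PM.SMID = 0) ";
        $sql .= "OR ((PM.TYPE & {$pm_outbox_items} > 0) AND PM.FROM_UID = '{$uid}') ";
        $sql .= "OR ((PM.TYPE & {$pm_saved_out} > 0) AND PM.FROM_UID = '{$uid}') ";
        $sql .= "OR ((PM.TYPE & {$pm_saved_in} > 0) AND PM.TO_UID = '{$uid}') ";
        $sql .= "OR ((PM.TYPE & {$pm_draft_items} > 0) AND PM.FROM_UID = '{$uid}') ";

        if (!$db->query($sql)) {
            return false;
        }

        // Delete User's PMs.
        $sql = "DELETE QUICK FROM PM WHERE ((TYPE & {$pm_inbox_items} > 0) ";
        $sql .= "AND TO_UID = '{$uid}') OR ((TYPE & {$pm_sent_items} > 0) ";
        $sql .= "AND FROM_UID = '{$uid}' AND SMID = 0) OR ((TYPE & {$pm_outbox_items} > 0) ";
        $sql .= "AND FROM_UID = '{$uid}') OR ((TYPE & {$pm_saved_out} > 0) ";
        $sql .= "AND FROM_UID = '{$uid}') OR ((TYPE & {$pm_saved_in} > 0) ";
        $sql .= "AND TO_UID = '{$uid}') OR ((TYPE & {$pm_draft_items} > 0) ";
        $sql .= "AND FROM_UID = '{$uid}') ";

        if (!$db->query($sql)) {
            return false;
        }

        // Remaining global tables, cleared with a plain "WHERE UID = ..." delete.
        $global_tables_after_pm = array(
            'PM_SEARCH_RESULTS',     // User's PM search results
            'POST_ATTACHMENT_FILES', // User's attachments (doesn't remove the physical files)
            'SEARCH_RESULTS',        // User's search results
            'SESSIONS',              // User's sessions
            'USER_FORUM',            // User's forum preferences and permissions
            'USER_HISTORY',          // User's history data (logon, nickname, email address changes)
            'USER_PREFS',            // User's global preferences
            'VISITOR_LOG',           // User's visitor log data
        );

        foreach ($global_tables_after_pm as $table_name) {

            $sql = "DELETE QUICK FROM {$table_name} WHERE UID = '{$uid}'";

            if (!$db->query($sql)) {
                return false;
            }
        }

        // Add a log entry to show what we've done.
        admin_add_log_entry(DELETE_USER_DATA, array($uid, $user_logon));
    }

    // Delete the User account.
    $sql = "DELETE QUICK FROM USER WHERE UID = '{$uid}'";

    if (!$db->query($sql)) {
        return false;
    }

    // Add a log entry to show what we've done.
    admin_add_log_entry(DELETE_USER, array($user_logon));

    return true;
}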
/**
 * Delete a user account and, when requested, the data belonging to it.
 *
 * Security notes for maintainers:
 *  - No permission check is made here. The caller must confirm that the
 *    current session is allowed to delete users before calling this function.
 *  - All SQL is built by string interpolation. $uid and $_SESSION['UID'] are
 *    only used after an is_numeric() check; table prefixes come from
 *    forum_get_all_prefixes() and the two timestamps from date() and
 *    forum_get_unread_cutoff_datetime().
 *    NOTE(review): prefixes and the cutoff value are trusted as-is; confirm
 *    neither can carry user-editable text.
 *  - The statements are not grouped in a transaction here. A failed query
 *    returns false at once, leaving the earlier deletions in place and no
 *    admin log entry written.
 *  - NOTE(review): SESSIONS, USER_PERM and the other global rows are removed
 *    only when $delete_content is true. Confirm that session and permission
 *    checks elsewhere reject a UID that no longer has a USER row.
 *
 * @param mixed $uid            UID of the account to delete. Must be numeric.
 * @param bool  $delete_content When true, also remove or blank the user's
 *                              per-forum and global data. Non-boolean values
 *                              are treated as false.
 *
 * @return bool True once the USER row is deleted and logged, false on any
 *              validation failure or failed query.
 */
function admin_delete_user($uid, $delete_content = false)
{
    $db = db::get();

    if (!$db) {
        return false;
    }

    if (!is_numeric($uid)) {
        return false;
    }

    // Anything that is not a real boolean counts as "keep the content".
    $delete_content = is_bool($delete_content) ? $delete_content : false;

    $current_datetime = date(MYSQL_DATETIME, time());

    // Mark as read cut off
    $modified_cutoff_datetime = forum_get_unread_cutoff_datetime();

    // The acting user's UID must be present and numeric: it is compared with
    // $uid and written into APPROVED_BY further down.
    if (!(isset($_SESSION['UID']) && is_numeric($_SESSION['UID']))) {
        return false;
    }

    $acting_uid = $_SESSION['UID'];

    // The account must exist and must not be the current user's own account.
    if (!($user_logon = user_get_logon($uid)) || $acting_uid == $uid) {
        return false;
    }

    if ($delete_content === true) {

        // Per-forum tables cleared with a plain "WHERE UID = ..." delete,
        // split around USER_PEER so the statement order stays the same.
        $per_forum_first = array(
            'ADMIN_LOG',       // Log entries created by the user
            'LINKS',           // Links created by the user
            'LINKS_VOTE',      // Link votes made by the user
            'LINKS_COMMENT',   // Link comments made by the user
            'USER_POLL_VOTES', // Poll votes made by the user
        );

        $per_forum_second = array(
            'USER_FOLDER',  // Folder preferences set by the user
            'USER_PREFS',   // User's preferences
            'USER_PROFILE', // User's profile
            'USER_SIG',     // User's signature
            'USER_THREAD',  // User's thread read data
            'USER_TRACK',   // User's tracking data (post count, etc.)
            'WORD_FILTER',  // Word filter entries made by the user
        );

        // Threads older than the unread cut-off keep their MODIFIED value;
        // newer ones are stamped with the current time.
        $modified_sql = "MODIFIED = IF(MODIFIED < CAST('{$modified_cutoff_datetime}' AS DATETIME), "
            . "MODIFIED, CAST('{$current_datetime}' AS DATETIME))";

        $prefix_list = forum_get_all_prefixes();

        if ($prefix_list !== false) {

            foreach ($prefix_list as $forum_table_prefix) {

                foreach ($per_forum_first as $table_name) {

                    if (!$db->query("DELETE QUICK FROM `{$forum_table_prefix}{$table_name}` WHERE UID = '{$uid}'")) {
                        return false;
                    }
                }

                // Relationships owned by the user and relationships other
                // users hold with this user.
                $peer_sql = "DELETE QUICK FROM `{$forum_table_prefix}USER_PEER` "
                    . "WHERE UID = '{$uid}' OR PEER_UID = '{$uid}'";

                if (!$db->query($peer_sql)) {
                    return false;
                }

                foreach ($per_forum_second as $table_name) {

                    if (!$db->query("DELETE QUICK FROM `{$forum_table_prefix}{$table_name}` WHERE UID = '{$uid}'")) {
                        return false;
                    }
                }

                // Clear the poll flag on threads started by the user.
                $poll_sql = "UPDATE LOW_PRIORITY `{$forum_table_prefix}THREAD` SET POLL_FLAG = 'N', "
                    . "{$modified_sql} WHERE BY_UID = '{$uid}'";

                if (!$db->query($poll_sql)) {
                    return false;
                }

                // Flag single-post threads started by the user as deleted.
                $thread_sql = "UPDATE LOW_PRIORITY `{$forum_table_prefix}THREAD` SET DELETED = 'Y', "
                    . "{$modified_sql} WHERE BY_UID = '{$uid}' "
                    . "AND LENGTH = 1";

                if (!$db->query($thread_sql)) {
                    return false;
                }

                // Blank the content of the user's posts; the POST rows stay.
                $content_sql = "UPDATE LOW_PRIORITY `{$forum_table_prefix}POST_CONTENT` POST_CONTENT "
                    . "LEFT JOIN `{$forum_table_prefix}POST` POST ON (POST.TID = POST_CONTENT.TID "
                    . "AND POST.PID = POST_CONTENT.PID) SET POST_CONTENT.CONTENT = NULL "
                    . "WHERE POST.FROM_UID = '{$uid}'";

                if (!$db->query($content_sql)) {
                    return false;
                }

                // Mark the user's posts as approved so they drop out of the
                // approval queue.
                $approve_sql = "UPDATE LOW_PRIORITY `{$forum_table_prefix}POST` "
                    . "SET APPROVED = CAST('{$current_datetime}' AS DATETIME), "
                    . "APPROVED_BY = '{$acting_uid}' WHERE FROM_UID = '{$uid}'";

                if (!$db->query($approve_sql)) {
                    return false;
                }
            }
        }

        // Group membership and PM bookkeeping, keyed by table => UID column.
        $keyed_deletes = array(
            'GROUP_USERS'  => 'UID',      // User group entries for this user
            'PM_TYPE'      => 'UID',      // All PM_TYPE records
            'PM_RECIPIENT' => 'TO_UID',   // All PM_RECIPIENT records
            'PM'           => 'FROM_UID', // Any PMs from this user
        );

        foreach ($keyed_deletes as $table_name => $uid_column) {

            if (!$db->query("DELETE QUICK FROM {$table_name} WHERE {$uid_column} = '{$uid}'")) {
                return false;
            }
        }

        // Remove any PMs that have no recipients or no type record.
        // NOTE(review): the PM rows sent by this user were deleted just above
        // and this sweep joins from PM, so their PM_CONTENT rows look like
        // they are left behind. Confirm against the schema.
        $orphan_sql = "DELETE QUICK FROM PM, PM_CONTENT USING PM "
            . "LEFT JOIN PM_CONTENT ON (PM_CONTENT.MID = PM.MID) "
            . "LEFT JOIN PM_RECIPIENT ON (PM_RECIPIENT.MID = PM.MID) "
            . "LEFT JOIN PM_TYPE ON (PM_TYPE.MID = PM.MID) "
            . "WHERE PM_TYPE.MID IS NULL OR PM_RECIPIENT.MID IS NULL";

        if (!$db->query($orphan_sql)) {
            return false;
        }

        // Hand every attachment uploaded by the user to attachments_delete()
        // before the table rows themselves are removed below.
        $hash_result = $db->query("SELECT HASH FROM POST_ATTACHMENT_FILES WHERE UID = '{$uid}'");

        if (!$hash_result) {
            return false;
        }

        while (($attachment_row = $hash_result->fetch_assoc()) !== null) {
            attachments_delete($attachment_row['HASH']);
        }

        // Remaining global tables, cleared with a plain "WHERE UID = ..." delete.
        $global_tables = array(
            'PM_SEARCH_RESULTS',     // User's PM search results
            'POST_ATTACHMENT_FILES', // User's attachment rows (this statement removes no files)
            'SEARCH_RESULTS',        // User's search results
            'SESSIONS',              // User's sessions
            'USER_FORUM',            // User's forum preferences and permissions
            'USER_HISTORY',          // User's history data (logon, nickname, email address changes)
            'USER_PERM',             // User's global permissions
            'USER_PREFS',            // User's global preferences
            'VISITOR_LOG',           // User's visitor log data
        );

        foreach ($global_tables as $table_name) {

            if (!$db->query("DELETE QUICK FROM {$table_name} WHERE UID = '{$uid}'")) {
                return false;
            }
        }

        // Record the data removal in the admin log.
        admin_add_log_entry(DELETE_USER_DATA, array($uid, $user_logon));
    }

    // Delete the User account.
    if (!$db->query("DELETE QUICK FROM USER WHERE UID = '{$uid}'")) {
        return false;
    }

    // Record the account removal in the admin log.
    admin_add_log_entry(DELETE_USER, array($user_logon));

    return true;
}
} } } if ($valid) { $ret = rawurlencode($ret); $user_search = rawurlencode($user_search); header_redirect("admin_forum_access.php?webtag={$webtag}&user_search={$user_search}&ret={$ret}&added=true"); exit; } } } else { if (isset($_POST['remove'])) { $valid = true; if (isset($_POST['remove_user']) && is_array($_POST['remove_user'])) { foreach ($_POST['remove_user'] as $remove_user_uid) { if (($user_logon = user_get_logon($remove_user_uid)) !== false) { if (user_update_forums($remove_user_uid, $forum_fid, FORUM_USER_DISALLOWED)) { $forum_name = forum_get_name($forum_fid); admin_add_log_entry(CHANGE_FORUM_ACCESS, array($forum_name, $user_logon)); } else { $error_msg_array[] = sprintf(gettext("Failed to remove permissions from user '%s'"), $user_logon); $valid = false; } } } if ($valid) { $ret = rawurlencode($ret); $user_search = rawurlencode($user_search); header_redirect("admin_forum_access.php?webtag={$webtag}&user_search={$user_search}&ret={$ret}&removed=true"); exit; }