public static function &AllBans() {
if (!self::$_AllBans) {
self::$_AllBans = Gdn::SQL()->Get('Ban')->ResultArray();
self::$_AllBans = Gdn_DataSet::Index(self::$_AllBans, array('BanID'));
}
// $AllBans =& self::$_AllBans;
return self::$_AllBans;
}
/**
* Get and store list of current bans.
*
* @since 2.0.18
* @access public
*/
public static function &allBans()
{
if (!self::$_AllBans) {
self::$_AllBans = Gdn::sql()->get('Ban')->resultArray();
self::$_AllBans = Gdn_DataSet::index(self::$_AllBans, array('BanID'));
}
// $AllBans =& self::$_AllBans;
return self::$_AllBans;
}
/**
*
*
* @throws Exception
*/
protected function getData()
{
$userID = $this->UserID ?: Gdn::session()->UserID;
$user = Gdn::userModel()->getID($userID);
$banned = val('Banned', $user);
$bits = BanModel::explodeBans($banned);
$reasons = array();
foreach ($bits as $bit) {
if (($bit & $this->ExcludeBans) === 0) {
$reasons[$bit] = t("BanReason.{$bit}");
}
}
$this->setData('Reasons', $reasons);
if (!$this->Summary) {
if ($this->ExcludeBans) {
$summary = "Also banned for the following:";
} else {
$summary = "Banned for the following:";
}
}
$this->setData('Summary', $this->Summary ?: $summary);
$this->EventArguments['User'] = $user;
$this->fireEvent('GetData');
}
public function toString()
{
$Session = Gdn::session();
$Controller = Gdn::controller();
$UserID = $Controller->User->UserID;
$MemberOptions = array();
$ProfileOptions = array();
$Controller->EventArguments['UserID'] = $UserID;
$Controller->EventArguments['ProfileOptions'] =& $ProfileOptions;
$Controller->EventArguments['MemberOptions'] =& $MemberOptions;
if ($Controller->EditMode) {
return '<div class="ProfileOptions">' . anchor(t('Back to Profile'), userUrl($Controller->User), array('class' => 'ProfileButtons')) . '</div>';
// $ProfileOptions[] = array('Text' => t('Back to Profile'), 'Url' => userUrl($Controller->User), 'CssClass' => 'BackToProfile');
} else {
// Profile Editing
if (hasEditProfile($Controller->User->UserID)) {
$ProfileOptions[] = array('Text' => sprite('SpEditProfile') . ' ' . t('Edit Profile'), 'Url' => userUrl($Controller->User, '', 'edit'));
} elseif ($Session->isValid() && $UserID == $Session->UserID) {
$ProfileOptions[] = array('Text' => sprite('SpEditProfile') . ' ' . t('Preferences'), 'Url' => userUrl($Controller->User, '', 'preferences'));
}
// Ban/Unban
$MayBan = checkPermission('Garden.Moderation.Manage') || checkPermission('Garden.Users.Edit') || checkPermission('Moderation.Users.Ban');
if ($MayBan && $UserID != $Session->UserID) {
if (BanModel::isBanned($Controller->User->Banned, BanModel::BAN_AUTOMATIC | BanModel::BAN_MANUAL)) {
$ProfileOptions[] = array('Text' => sprite('SpBan') . ' ' . t('Unban'), 'Url' => "/user/ban?userid={$UserID}&unban=1", 'CssClass' => 'Popup');
} elseif (!$Controller->User->Admin) {
$ProfileOptions[] = array('Text' => sprite('SpBan') . ' ' . t('Ban'), 'Url' => "/user/ban?userid={$UserID}", 'CssClass' => 'Popup');
}
}
// Delete content.
if (checkPermission('Garden.Moderation.Manage')) {
$ProfileOptions[] = array('Text' => sprite('SpDelete') . ' ' . t('Delete Content'), 'Url' => "/user/deletecontent?userid={$UserID}", 'CssClass' => 'Popup');
}
}
return parent::ToString();
}
/**
* Ban a user and optionally delete their content.
*
* @since 2.1
* @param type $UserID
*/
public function ban($UserID, $Unban = false)
{
$this->permission(array('Garden.Moderation.Manage', 'Garden.Users.Edit', 'Moderation.Users.Ban'), false);
$User = Gdn::userModel()->getID($UserID, DATASET_TYPE_ARRAY);
if (!$User) {
throw notFoundException($User);
}
$UserModel = Gdn::userModel();
// Block banning the super admin or system accounts.
$User = $UserModel->getID($UserID);
if (val('Admin', $User) == 2) {
throw forbiddenException("@You may not ban a system user.");
} elseif (val('Admin', $User)) {
throw forbiddenException("@You may not ban a super admin.");
}
// Is the user banned for other reasons?
$this->setData('OtherReasons', BanModel::isBanned(val('Banned', $User, 0), ~BanModel::BAN_AUTOMATIC));
if ($this->Form->authenticatedPostBack()) {
if ($Unban) {
$UserModel->unban($UserID, array('RestoreContent' => $this->Form->getFormValue('RestoreContent')));
} else {
if (!ValidateRequired($this->Form->getFormValue('Reason'))) {
$this->Form->addError('ValidateRequired', 'Reason');
}
if ($this->Form->getFormValue('Reason') == 'Other' && !ValidateRequired($this->Form->getFormValue('ReasonText'))) {
$this->Form->addError('ValidateRequired', 'Reason Text');
}
if ($this->Form->errorCount() == 0) {
if ($this->Form->getFormValue('Reason') == 'Other') {
$Reason = $this->Form->getFormValue('ReasonText');
} else {
$Reason = $this->Form->getFormValue('Reason');
}
// Just because we're banning doesn't mean we can nuke their content
$DeleteContent = checkPermission('Garden.Moderation.Manage') ? $this->Form->getFormValue('DeleteContent') : false;
$UserModel->ban($UserID, array('Reason' => $Reason, 'DeleteContent' => $DeleteContent));
}
}
if ($this->Form->errorCount() == 0) {
// Redirect after a successful save.
if ($this->Request->get('Target')) {
$this->RedirectUrl = $this->Request->get('Target');
} elseif ($this->deliveryType() == DELIVERY_TYPE_ALL) {
$this->RedirectUrl = url(userUrl($User));
} else {
$this->jsonTarget('', '', 'Refresh');
}
}
}
// Permission flag for view
$this->setData('_MayDeleteContent', checkPermission('Garden.Moderation.Manage'));
$this->setData('User', $User);
$this->addSideMenu();
$this->title($Unban ? t('Unban User') : t('Ban User'));
if ($Unban) {
$this->View = 'Unban';
}
$this->render();
}
/**
* Synchronizes the user based on a given UserKey.
*
* @param string $UserKey A string that uniquely identifies this user.
* @param array $Data Information to put in the user table.
* @return int The ID of the user.
*/
public function synchronize($UserKey, $Data)
{
$UserID = 0;
$Attributes = val('Attributes', $Data);
if (is_string($Attributes)) {
$Attributes = dbdecode($Attributes);
}
if (!is_array($Attributes)) {
$Attributes = [];
}
// If the user didnt log in, they won't have a UserID yet. That means they want a new
// account. So create one for them.
if (!isset($Data['UserID']) || $Data['UserID'] <= 0) {
// Prepare the user data.
$UserData = [];
$UserData['Name'] = $Data['Name'];
$UserData['Password'] = randomString(16);
$UserData['Email'] = val('Email', $Data, '*****@*****.**');
$UserData['Gender'] = strtolower(substr(val('Gender', $Data, 'u'), 0, 1));
$UserData['HourOffset'] = val('HourOffset', $Data, 0);
$UserData['DateOfBirth'] = val('DateOfBirth', $Data, '');
$UserData['CountNotifications'] = 0;
$UserData['Attributes'] = $Attributes;
$UserData['InsertIPAddress'] = ipEncode(Gdn::request()->ipAddress());
if ($UserData['DateOfBirth'] == '') {
$UserData['DateOfBirth'] = '1975-09-16';
}
// Make sure there isn't another user with this username.
if ($this->validateUniqueFields($UserData['Name'], $UserData['Email'])) {
if (!BanModel::checkUser($UserData, $this->Validation, true)) {
throw permissionException('Banned');
}
// Insert the new user.
$this->addInsertFields($UserData);
$UserID = $this->insertInternal($UserData);
}
if ($UserID > 0) {
$NewUserRoleIDs = $this->newUserRoleIDs();
// Save the roles.
$Roles = val('Roles', $Data, false);
if (empty($Roles)) {
$Roles = $NewUserRoleIDs;
}
$this->saveRoles($UserID, $Roles, false);
}
} else {
$UserID = $Data['UserID'];
}
// Synchronize the transientkey from the external user data source if it is present (eg. WordPress' wpnonce).
if (array_key_exists('TransientKey', $Attributes) && $Attributes['TransientKey'] != '' && $UserID > 0) {
$this->setTransientKey($UserID, $Attributes['TransientKey']);
}
return $UserID;
}
public function Register($FormPostValues, $Options = array()) {
$Valid = TRUE;
$FormPostValues['LastIPAddress'] = Gdn::Request()->IpAddress();
// Check for banning first.
$Valid = BanModel::CheckUser($FormPostValues, $this->Validation, TRUE);
// Check for spam.
if ($Valid) {
$Spam = SpamModel::IsSpam('User', $FormPostValues);
if ($Spam) {
$Valid = FALSE;
$this->Validation->AddValidationResult('Spam', 'You are not allowed to register at this time.');
}
}
// Throw an event to allow plugins to block the registration.
$this->EventArguments['User'] = $FormPostValues;
$this->EventArguments['Valid'] =& $Valid;
$this->FireEvent('BeforeRegister');
if (!$Valid)
return FALSE; // plugin blocked registration
switch (strtolower(C('Garden.Registration.Method'))) {
case 'captcha':
$UserID = $this->InsertForBasic($FormPostValues, GetValue('CheckCaptcha', $Options, TRUE), $Options);
break;
case 'approval':
$UserID = $this->InsertForApproval($FormPostValues, $Options);
break;
case 'invitation':
$UserID = $this->InsertForInvite($FormPostValues, $Options);
break;
case 'closed':
$UserID = FALSE;
$this->Validation->AddValidationResult('Registration', 'Registration is closed.');
break;
case 'basic':
default:
$UserID = $this->InsertForBasic($FormPostValues, GetValue('CheckCaptcha', $Options, FALSE), $Options);
break;
}
return $UserID;
}
public function Register($FormPostValues, $Options = array())
{
$Valid = TRUE;
$FormPostValues['LastIPAddress'] = Gdn::Request()->IpAddress();
// Throw an error if the registering user has an active session
if (Gdn::Session()->IsValid()) {
$this->Validation->AddValidationResult('Name', 'You are already registered.');
}
// Check for banning first.
$Valid = BanModel::CheckUser($FormPostValues, $this->Validation, TRUE);
// Throw an event to allow plugins to block the registration.
unset($this->EventArguments['User']);
$this->EventArguments['User'] = $FormPostValues;
$this->EventArguments['Valid'] =& $Valid;
$this->FireEvent('BeforeRegister');
if (!$Valid) {
return FALSE;
}
// plugin blocked registration
switch (strtolower(C('Garden.Registration.Method'))) {
case 'captcha':
$UserID = $this->InsertForBasic($FormPostValues, GetValue('CheckCaptcha', $Options, TRUE), $Options);
break;
case 'approval':
$UserID = $this->InsertForApproval($FormPostValues, $Options);
break;
case 'invitation':
$UserID = $this->InsertForInvite($FormPostValues, $Options);
break;
case 'closed':
$UserID = FALSE;
$this->Validation->AddValidationResult('Registration', 'Registration is closed.');
break;
case 'basic':
default:
$UserID = $this->InsertForBasic($FormPostValues, GetValue('CheckCaptcha', $Options, FALSE), $Options);
break;
}
return $UserID;
}