/**
* Delete account(s)
*
* @param array ID Numbers
* @param string md5( IPS Connect Key (see login method) . json_encode( ID number ) )
*/
public function delete($ids, $key)
{
if ($key != md5($this->masterKey . json_encode($ids))) {
$this->_return(base64_encode($this->settings['board_url']), array('status' => 'BAD_KEY'));
}
IPSMember::remove($ids);
$this->_return($redirect, array('status' => 'SUCCESS'));
}
/**
* Converge_Server::onMemberDelete()
*
* Deletes the member.
* Keep in mind that the member may not be in the local DB
* if they've not yet visited this site.
*
* This will return a param "response" with either
* - FAILED (Unknown failure)
* - SUCCESS (Added OK)
*
* @access public
* @param int $product_id Product ID
* @param string $auth_key Authentication Key
* @param string $multiple_email_addresses Comma delimited list of email addresses
* @return mixed xml / boolean
*/
public function onMemberDelete($auth_key, $product_id, $multiple_email_addresses = '')
{
//-----------------------------------------
// INIT
//-----------------------------------------
$return = 'FAILED';
$emails = explode(",", $this->DB->addSlashes(IPSText::parseCleanValue($multiple_email_addresses)));
$member_ids = array();
$auth_key = IPSText::md5Clean($auth_key);
$product_id = intval($product_id);
//-----------------------------------------
// Authenticate
//-----------------------------------------
if ($this->__authenticate($auth_key, $product_id) !== FALSE) {
//-----------------------------------------
// Get member IDs
//-----------------------------------------
$this->DB->build(array('select' => 'member_id', 'from' => 'members', 'where' => "email IN ('" . implode("','", $emails) . "')"));
$this->DB->execute();
while ($row = $this->DB->fetch()) {
$member_ids[$row['member_id']] = $row['member_id'];
}
//-----------------------------------------
// Remove the members
//-----------------------------------------
if (count($member_ids)) {
//-----------------------------------------
// Get the member class
//-----------------------------------------
IPSMember::remove($member_ids, false);
}
//-----------------------------------------
// return
//-----------------------------------------
$return = 'SUCCESS';
$this->classApiServer->apiSendReply(array('complete' => 1, 'response' => $return));
exit;
}
}
/**
* When a member logs in via an external login method and we do not have all of the data
* to create the member's account, we create a partial record. This function shows the
* form upon first visit by member (usually immediately after login) to complete the
* login/registration.
*
* @param array Errors
* @return @e void [Outputs to screen/redirects]
*/
protected function _completeRegistration($form_errors = array())
{
//-----------------------------------------
// INIT
//-----------------------------------------
$mid = intval($this->request['mid']);
$key = intval($this->request['key']);
$final_errors = '';
//-----------------------------------------
// Get DB row
//-----------------------------------------
$reg = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id={$mid} AND partial_date={$key}"));
//-----------------------------------------
// Got it?
//-----------------------------------------
if (!$reg['partial_id']) {
$this->registry->output->showError('partial_reg_noid', 10118);
}
/* Load Full Member */
$member = IPSMember::load($mid, 'all');
/* Twitter or Facebook? */
if ($member['fb_uid'] and $member['fb_token']) {
/* Attempt to fetch user details */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/facebook/connect.php', 'facebook_connect');
$facebook = new $classToLoad($this->registry, $member['fb_token'], $member['fb_uid']);
$userData = $facebook->fetchUserData();
if ($userData['id']) {
$userData['service'] = 'facebook';
$userData['_name'] = $userData['name'];
$userData['_pic'] = $userData['pic_square'];
$userData['_sImage'] = $this->settings['public_dir'] . 'style_status/facebook.png';
/* Enforcing / allowing real names? */
if (!count($form_errors['dname']) and $this->settings['fb_realname'] != 'any') {
$userData['_displayName'] = $userData['_name'];
/* Now, make sure we have a unique display name */
$max = $this->DB->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_display_name LIKE '" . $this->DB->addSlashes(mb_strtolower($userData['_displayName'])) . "%'"));
if ($max['max']) {
/* does the username already have it set? */
if (stristr($member['name'], $userData['_displayName'])) {
$userData['_displayName'] = $member['name'];
} else {
$_num = $max['max'] + 1;
$userData['_displayName'] = $userData['_displayName'] . '_' . $_num;
}
}
}
}
} else {
if ($member['twitter_id'] and $member['twitter_token'] and $member['twitter_secret']) {
/* Attempt to fetch user details */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/twitter/connect.php', 'twitter_connect');
$twitter = new $classToLoad($this->registry, $member['twitter_token'], $member['twitter_secret']);
$userData = $twitter->fetchUserData();
if ($userData['id']) {
$userData['service'] = 'twitter';
$userData['_name'] = $userData['screen_name'];
$userData['_pic'] = $userData['profile_image_url'];
$userData['_sImage'] = $this->settings['public_dir'] . 'style_status/twitter.png';
}
} else {
if ($member['vk_uid'] and $member['vk_token']) {
/* Attempt to fetch user details */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/vkontakte/connect.php', 'vkontakte_connect');
$vk = new $classToLoad($this->registry, $member['vk_token'], $member['vk_uid']);
$userData = $vk->fetchUserData();
if ($userData['uid']) {
$userData['service'] = 'vkontakte';
$userData['_name'] = $userData['first_name'] . ' ' . $userData['last_name'];
$userData['_pic'] = $userData['photo'];
$userData['_sImage'] = $this->settings['public_dir'] . 'style_status/vkontakte.png';
}
} else {
/* Set defaults for any we have */
$this->request['members_display_name'] = !empty($this->request['members_display_name']) ? $this->request['members_display_name'] : $member['members_display_name'];
$this->request['EmailAddress'] = !empty($this->request['EmailAddress']) ? $this->request['EmailAddress'] : (substr($member['email'], 0, 1) === '@' ? '' : $member['email']);
$this->request['EmailAddress_two'] = !empty($this->request['EmailAddress_two']) ? $this->request['EmailAddress_two'] : (substr($member['email'], 0, 1) === '@' ? '' : $member['email']);
// http://community.invisionpower.com/resources/bugs.html/_/ip-board/partial-registrations-from-windows-live-possibly-others-r41100
if (substr($in_email, 0, 1) === '@') {
$in_email = '';
}
}
}
}
/* Remote registrations disabled? */
if ($this->settings['no_reg'] == 2) {
/* Clean up incomplete reg */
if ($reg['partial_member_id']) {
IPSMember::remove(array($reg['partial_member_id']));
}
$this->registry->output->showError('no_remote_reg', 1090001);
}
//-----------------------------------------
// Custom profile fields stuff
//-----------------------------------------
$custom_fields_out = array('required', 'optional');
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
$custom_fields = new $classToLoad();
$custom_fields->member_data = array();
$custom_fields->initData('edit');
$custom_fields->parseToEdit('register');
if (count($custom_fields->out_fields)) {
foreach ($custom_fields->out_fields as $id => $form_element) {
if ($custom_fields->cache_data[$id]['pf_not_null'] == 1) {
$ftype = 'required';
} else {
$ftype = 'optional';
}
$custom_fields_out[$ftype][] = array('name' => $custom_fields->field_names[$id], 'desc' => $custom_fields->field_desc[$id], 'field' => $form_element, 'id' => $id, 'error' => '', 'type' => $custom_fields->cache_data[$id]['pf_type']);
}
}
//-----------------------------------------
// Other errors
//-----------------------------------------
foreach (array('dname', 'password', 'email', 'general', 'serviceLogIn') as $thing) {
if (is_array($form_errors[$thing]) and count($form_errors[$thing])) {
$final_errors .= implode("<br />", $form_errors[$thing]);
}
}
//-----------------------------------------
// No display name?
//-----------------------------------------
if (!$this->memberData['members_display_name']) {
$this->memberData['members_display_name'] = $member['members_display_name'] ? $member['members_display_name'] : $member['email'];
}
//-----------------------------------------
// Show the form (email and display name)
//-----------------------------------------
$this->output .= $this->registry->getClass('output')->getTemplate('register')->completePartialLogin($mid, $key, $custom_fields_out, $final_errors, $reg, $userData);
$this->registry->output->setTitle($this->lang->words['clogin_title'] . ' - ' . ipsRegistry::$settings['board_name']);
$this->registry->output->addNavigation($this->lang->words['clogin_title'], '');
}
/**
* Manage banned requests
*
* @return @e void [Outputs to screen]
*/
protected function _unban()
{
//-----------------------------------------
// Check
//-----------------------------------------
$ids = IPSLib::fetchInputAsArray('mid_');
if (count($ids) < 1) {
$this->registry->output->showError($this->lang->words['t_nomemunban'], 11248);
}
//-----------------------------------------
// Unlock
//-----------------------------------------
if ($this->request['type'] == 'unban') {
try {
$message = $this->_getManagementClass()->unbanMembers($ids);
} catch (Exception $error) {
$this->registry->output->showError($error->getMessage(), 11247);
}
$this->registry->output->global_message = $message;
$this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'app=members');
} else {
if ($this->request['type'] == 'delete') {
$this->registry->getClass('class_permissions')->checkPermissionAutoMsg('member_delete', 'members', 'members');
IPSMember::remove($ids);
ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($ids) . $this->lang->words['t_memdeleted']);
$this->registry->output->global_message = count($ids) . $this->lang->words['t_memdeleted'];
$this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'app=members');
}
}
}
public function memberDelete($id, $check_admin = false)
{
if (!is_array($id) && !intval($id)) {
$id = $this->member->member_id;
}
// first logout
@$this->login->doLogout(false);
// @ todo: check notices from ip.board
// delete member
$return = @IPSMember::remove($id, $check_admin);
// @ todo: check notices from ip.board
return $return === null ? true : false;
}
/**
* Delete members [form+process]
*
* @access private
* @return void [Outputs to screen]
*/
private function _memberDelete()
{
//-----------------------------------------
// Check input
//-----------------------------------------
if (!$this->request['member_id']) {
$this->registry->output->global_message = $this->lang->words['m_nomember'];
$this->request['do'] = 'members_list';
$this->_memberList();
return;
}
//-----------------------------------------
// Single or more?
//-----------------------------------------
if (strstr($this->request['member_id'], ',')) {
$ids = explode(',', $this->request['member_id']);
} else {
$ids = array($this->request['member_id']);
}
$ids = IPSLib::cleanIntArray($ids);
/* Don't delete our selves */
if (in_array($this->memberData['member_id'], $ids)) {
$this->registry->output->global_message = $this->lang->words['m_nodeleteslefr'];
$this->request['do'] = 'members_list';
$this->_memberList();
return;
}
//-----------------------------------------
// Get accounts
//-----------------------------------------
$this->DB->build(array('select' => 'member_id, name, member_group_id, mgroup_others', 'from' => 'members', 'where' => 'member_id IN (' . implode(",", $ids) . ')'));
$this->DB->execute();
$names = array();
while ($r = $this->DB->fetch()) {
//-----------------------------------------
// r u trying to kill teh admin?
//-----------------------------------------
if (!$this->registry->getClass('class_permissions')->checkPermission('member_delete_admin')) {
if ($this->caches['group_cache'][$r['member_group_id']]['g_access_cp']) {
continue;
} else {
$other_mgroups = explode(',', IPSText::cleanPermString($r['mgroup_others']));
if (count($other_mgroups)) {
foreach ($other_mgroups as $other_mgroup) {
if ($this->caches['group_cache'][$other_mgroup]['g_access_cp']) {
continue;
}
}
}
}
}
$names[] = $r['name'];
}
//-----------------------------------------
// Check
//-----------------------------------------
if (!count($names)) {
$this->registry->output->global_message = $this->lang->words['m_nomember'];
$this->request['do'] = 'members_list';
$this->_memberList();
return;
}
//-----------------------------------------
// Delete
//-----------------------------------------
IPSMember::remove($ids, true);
//-----------------------------------------
// Clear "cookies"
//-----------------------------------------
ipsRegistry::getClass('adminFunctions')->staffSaveCookie('memberFilter', array());
//-----------------------------------------
// Redirect
//-----------------------------------------
$page_query = "";
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_deletedlog'], implode(",", $names)));
$this->registry->output->global_message = sprintf($this->lang->words['m_deletedlog'], implode(",", $names));
$this->request['do'] = 'members_list';
$this->_memberList();
}
/**
* Run this task
*
* @return @e void
*/
public function runTask()
{
// If enabled, remove validating new_reg members & entries from members table
if (intval($this->settings['validate_day_prune']) > 0) {
//-----------------------------------------
// Init
//-----------------------------------------
$mids = array();
$less_than = time() - $this->settings['validate_day_prune'] * 86400;
//-----------------------------------------
// Remove Validating
//-----------------------------------------
$this->DB->build(array('select' => 'v.vid, v.member_id', 'from' => array('validating' => 'v'), 'where' => 'v.new_reg=1 AND v.coppa_user<>1 AND v.entry_date < ' . $less_than . ' AND v.lost_pass<>1 AND v.user_verified=0', 'add_join' => array(array('select' => 'm.posts, m.member_group_id, m.email', 'from' => array('members' => 'm'), 'where' => 'm.member_id=v.member_id', 'type' => 'left'))));
$outer = $this->DB->execute();
while ($i = $this->DB->fetch($outer)) {
if ($i['member_group_id'] != $this->settings['auth_group']) {
// No longer validating?
$this->DB->delete('validating', "vid='{$i['vid']}'");
continue;
}
if (intval($i['posts']) < 1) {
$mids[] = $i['member_id'];
}
}
//-----------------------------------------
// Remove incomplete Facebook/Twitter
//-----------------------------------------
$this->DB->build(array('select' => 'p.*', 'from' => array('members_partial' => 'p'), 'add_join' => array(array('from' => array('members' => 'm'), 'where' => 'm.member_id=p.partial_member_id')), 'where' => "p.partial_date<{$less_than} AND ( m.twitter_id<>'' OR m.fb_uid<>0 )"));
$this->DB->execute();
while ($row = $this->DB->fetch()) {
$mids[] = $row['partial_member_id'];
}
//-----------------------------------------
// Do it
//-----------------------------------------
if (count($mids) > 0) {
IPSMember::remove($mids);
}
//-----------------------------------------
// Log to log table - modify but dont delete
//-----------------------------------------
$this->registry->getClass('class_localization')->loadLanguageFile(array('public_global'), 'core');
$this->class->appendTaskLog($this->task, sprintf($this->lang->words['task_removevalidating'], count($mids)));
}
//-----------------------------------------
// Unlock Task: DO NOT MODIFY!
//-----------------------------------------
$this->class->unlockTask($this->task);
}
/**
* Deny member(s) registrations
*
* @param array Array of member ids
* @return string Confirmation message
*/
public function denyMembers($ids)
{
//-----------------------------------------
// Get names for log, and filter out admins if
// we do not have permission to delete them
//-----------------------------------------
$denied = array();
$newIds = array();
$this->DB->build(array('select' => 'member_id, member_group_id, mgroup_others, members_display_name', 'from' => 'members', 'where' => "member_id IN(" . implode(",", $ids) . ")"));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
if (!$this->registry->getClass('class_permissions')->checkPermission('member_delete_admin', 'members', 'members')) {
if ($this->caches['group_cache'][$r['member_group_id']]['g_access_cp']) {
continue;
} else {
$other_mgroups = explode(',', IPSText::cleanPermString($r['mgroup_others']));
if (count($other_mgroups)) {
foreach ($other_mgroups as $other_mgroup) {
if ($this->caches['group_cache'][$other_mgroup]['g_access_cp']) {
continue 2;
}
}
}
}
}
$denied[] = $r['members_display_name'];
$newIds[] = $r['member_id'];
}
if (count($newIds)) {
IPSMember::remove($newIds);
}
$message = sprintf($this->lang->words['t_regdenied'], count($newIds), implode(", ", $denied));
ipsRegistry::getClass('adminFunctions')->saveAdminLog($message);
return $message;
}
/**
* Delete members [form+process]
*
* @return @e void
*/
protected function _doDelete()
{
//-----------------------------------------
// Check input
//-----------------------------------------
$ids = IPSLib::fetchInputAsArray('mid_');
if (!count($ids)) {
$this->returnJsonError($this->lang->words['m_nomember']);
}
/* Don't delete our selves */
if (in_array($this->memberData['member_id'], $ids)) {
$this->returnJsonError($this->lang->words['m_nodeleteslefr']);
}
//-----------------------------------------
// Get accounts
//-----------------------------------------
$this->DB->build(array('select' => 'member_id, name, member_group_id, mgroup_others', 'from' => 'members', 'where' => 'member_id IN(' . implode(',', $ids) . ')'));
$this->DB->execute();
$names = array();
$newIds = array();
while ($r = $this->DB->fetch()) {
//-----------------------------------------
// r u trying to kill teh admin?
//-----------------------------------------
if (!$this->registry->getClass('class_permissions')->checkPermission('member_delete_admin')) {
if ($this->caches['group_cache'][$r['member_group_id']]['g_access_cp']) {
continue;
} else {
$other_mgroups = explode(',', IPSText::cleanPermString($r['mgroup_others']));
if (count($other_mgroups)) {
foreach ($other_mgroups as $other_mgroup) {
if ($this->caches['group_cache'][$other_mgroup]['g_access_cp']) {
continue 2;
}
}
}
}
}
$names[] = $r['name'];
$newIds[] = $r['member_id'];
}
//-----------------------------------------
// Check
//-----------------------------------------
if (!count($names)) {
$this->returnJsonError($this->lang->words['m_nomember']);
}
//-----------------------------------------
// Delete
//-----------------------------------------
IPSMember::remove($newIds, true);
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_deletedlog'], implode(",", $names)));
//-----------------------------------------
// Respond
//-----------------------------------------
$this->returnJsonArray(array('ok' => 1, 'msg' => sprintf($this->lang->words['m_deletedlog'], implode(",", $names))));
}
/**
* Unlock selected accounts
*
* @access private
* @return void [Outputs to screen]
*/
private function _unlock()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$ids = array();
//-----------------------------------------
// GET checkboxes
//-----------------------------------------
foreach ($this->request as $k => $v) {
if (preg_match("/^mid_(\\d+)\$/", $k, $match)) {
if ($v) {
$ids[] = $match[1];
}
}
}
$ids = IPSLib::cleanIntArray($ids);
//-----------------------------------------
// Check
//-----------------------------------------
if (count($ids) < 1) {
$this->registry->output->showError($this->lang->words['t_nolockloc'], 11251);
}
//-----------------------------------------
// Unlock
//-----------------------------------------
if ($this->request['type'] == 'unlock') {
foreach ($ids as $_id) {
try {
IPSMember::save($_id, array('core' => array('failed_logins' => '', 'failed_login_count' => 0)));
} catch (Exception $error) {
$this->registry->output->showError($error->getMessage(), 11247);
}
}
ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($ids) . $this->lang->words['t_memunlocked']);
$this->registry->output->global_message = count($ids) . $this->lang->words['t_memunlocked'];
$this->_viewQueue('locked');
return;
} else {
if ($this->request['type'] == 'ban') {
try {
IPSMember::save($ids, array('core' => array('failed_logins' => '', 'failed_login_count' => 0, 'member_banned' => 1)));
} catch (Exception $error) {
$this->registry->output->showError($error->getMessage(), 11247);
}
ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($ids) . $this->lang->words['t_membanned']);
$this->registry->output->global_message = count($ids) . $this->lang->words['t_membanned'];
$this->_viewQueue('locked');
return;
} else {
if ($this->request['type'] == 'delete') {
IPSMember::remove($ids);
ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($ids) . $this->lang->words['t_memdeleted']);
$this->registry->output->global_message = count($ids) . $this->lang->words['t_memdeleted'];
$this->_viewQueue('locked');
return;
}
}
}
}
public function deleteUser($api_key, $api_module, $username)
{
//-----------------------------------------
// INIT
//-----------------------------------------
$api_key = IPSText::md5Clean($api_key);
$api_module = IPSText::parseCleanValue($api_module);
//-----------------------------------------
// Authenticate
//-----------------------------------------
if ($this->__authenticate($api_key, $api_module, 'deleteUser') !== FALSE) {
//-----------------------------------------
// Add log
//-----------------------------------------
$this->addLogging($api_key);
//-----------------------------------------
// Remove a user by username
//-----------------------------------------
$member = IPSMember::load($username, 'all', 'username');
if ($member != null) {
$result = IPSMember::remove($member['member_id']);
if ($result) {
$this->classApiServer->apiSendReply(array('result' => 'success'));
} else {
$this->classApiServer->apiSendReply(array('result' => 'failure'));
}
}
$this->classApiServer->apiSendReply(array('result' => 'failure'));
exit;
}
}