// Initalizing static string wrapper // PMF_String::init($LANGCODE); // Preload English strings require_once PMF_ROOT_DIR . '/lang/language_en.php'; $faqConfig->setLanguage($Language); if ($faqConfig->get('security.enableLoginOnly')) { if (!isset($_SERVER['PHP_AUTH_USER'])) { $response = Response::create()->setStatusCode(401); $response->headers->set('WWW-Authenticate', 'Basic realm="phpMyFAQ RSS Feeds"'); $response->send(); exit; } else { $user = new PMF_User_CurrentUser($faqConfig); if ($user->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { if ($user->getStatus() != 'blocked') { $auth = true; } else { $user = null; } } else { $user = null; } } } else { $user = PMF_User_CurrentUser::getFromSession($faqConfig); } // // Get current user and group id - default: -1 // if (isset($user) && !is_null($user) && $user instanceof PMF_User_CurrentUser) {
$message .= '<script type="text/javascript">updateUser(' . $userId . ');</script>'; } } } // delete user confirmation if ($userAction == 'delete_confirm' && $user->perm->checkRight($user->getUserId(), 'deluser')) { $message = ''; $user = new PMF_User_CurrentUser($faqConfig); $userId = PMF_Filter::filterInput(INPUT_POST, 'user_list_select', FILTER_VALIDATE_INT, 0); if ($userId == 0) { $message .= sprintf('<p class="alert alert-error">%s</p>', $PMF_LANG['ad_user_error_noId']); $userAction = $defaultUserAction; } else { $user->getUserById($userId); // account is protected if ($user->getStatus() == 'protected' || $userId == 1) { $message .= sprintf('<p class="alert alert-error">%s</p>', $PMF_LANG['ad_user_error_protectedAccount']); $userAction = $defaultUserAction; } else { $twig->loadTemplate('user/delete_confirm.twig')->display(array('PMF_LANG' => $PMF_LANG, 'csrfToken' => $user->getCsrfTokenFromSession(), 'userId' => $userId, 'userLogin' => $user->getLogin())); } } } // delete user if ($userAction == 'delete' && $user->perm->checkRight($user->getUserId(), 'deluser')) { $message = ''; $user = new PMF_User($faqConfig); $userId = PMF_Filter::filterInput(INPUT_POST, 'user_id', FILTER_VALIDATE_INT, 0); $csrfOkay = true; $csrfToken = PMF_Filter::filterInput(INPUT_POST, 'csrf', FILTER_SANITIZE_STRING); if (!isset($_SESSION['phpmyfaq_csrf_token']) || $_SESSION['phpmyfaq_csrf_token'] !== $csrfToken) {