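/**
 * Delete a single user account together with its subscriptions, online entry,
 * avatar and (optionally) all of its posts.
 *
 * Nothing is deleted unless the request carries the `delete_user_comply` POST
 * field; without it the method returns after the lookup and the admin check.
 *
 * NOTE(review): the only authorization visible here is that the *target* is not
 * in the admin group. Whether the *caller* may delete users, and whether the
 * request is protected against CSRF, is presumably enforced before this method
 * is reached — confirm at the call site.
 *
 * @param mixed $id Id of the user to delete (passed through the `delete_user_start` hook).
 *
 * @return void
 *
 * @throws Error When the user does not exist or belongs to the admin group.
 */
public function delete_user($id)
{
    $id = $this->hook->fire('delete_user_start', $id);

    // Get the username and group of the user we are deleting
    $select_user = array('group_id', 'username');
    $result = DB::for_table('users')->where('id', $id)->select_many($select_user);
    $result = $this->hook->fireDB('delete_user_username', $result);
    $result = $result->find_one();

    // Stop early for an unknown id instead of running the delete cascade
    // with an empty group and username.
    if (!$result) {
        throw new Error(__('Bad request'), 404);
    }

    $group_id = $result['group_id'];
    $username = $result['username'];

    if ($group_id == $this->feather->forum_env['FEATHER_ADMIN']) {
        throw new Error(__('No delete admin message'));
    }

    if ($this->request->post('delete_user_comply')) {
        // If the user is a moderator or an administrator, we remove him/her from the moderator list in all forums as well
        $group_mod = DB::for_table('groups')->where('g_id', $group_id);
        $group_mod = $this->hook->fireDB('delete_user_group_mod', $group_mod);
        $group_mod = $group_mod->find_one_col('g_moderator');

        // The admin half of this condition cannot be true any more (admins were
        // rejected above); it is kept so the check still holds if that guard changes.
        if ($group_id == $this->feather->forum_env['FEATHER_ADMIN'] || $group_mod == '1') {
            // Loop through all forums
            $forums = $this->loop_mod_forums();

            foreach ($forums as $cur_forum) {
                // NOTE(review): unserialize() on a database column will instantiate
                // objects if the stored value was ever attacker-influenced. Only a
                // username => id array is expected here, so restricting classes
                // (the `allowed_classes` option, PHP 7+) or storing JSON would be a
                // safe hardening — confirm the minimum PHP version first.
                $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array();

                // A corrupt column makes unserialize() return false; treat it as "no moderators".
                if (!is_array($cur_moderators)) {
                    $cur_moderators = array();
                }

                if (in_array($id, $cur_moderators)) {
                    unset($cur_moderators[$username]);

                    $update_forums = DB::for_table('forums')->where('id', $cur_forum['id'])->find_one();

                    if (!empty($cur_moderators)) {
                        $update_forums = $update_forums->set('moderators', serialize($cur_moderators));
                    } else {
                        $update_forums = $update_forums->set_expr('moderators', 'NULL');
                    }
                    $update_forums = $this->hook->fireDB('update_mod_forums_query', $update_forums);
                    $update_forums = $update_forums->save();
                }
            }
        }

        // Delete any subscriptions
        $delete_subscriptions = DB::for_table('topic_subscriptions')->where('user_id', $id);
        $delete_subscriptions = $this->hook->fireDB('delete_user_subscriptions_topic', $delete_subscriptions);
        $delete_subscriptions = $delete_subscriptions->delete_many();
        unset($delete_subscriptions);
        $delete_subscriptions = DB::for_table('forum_subscriptions')->where('user_id', $id);
        $delete_subscriptions = $this->hook->fireDB('delete_user_subscriptions_forum', $delete_subscriptions);
        $delete_subscriptions = $delete_subscriptions->delete_many();

        // Remove him/her from the online list (if they happen to be logged in)
        $delete_online = DB::for_table('online')->where('user_id', $id);
        $delete_online = $this->hook->fireDB('delete_user_online', $delete_online);
        $delete_online = $delete_online->delete_many();

        // Should we delete all posts made by this user?
        if ($this->request->post('delete_posts')) {
            // Hold on, this could take some time!
            @set_time_limit(0);

            $this->hook->fire('delete_user_posts');

            // Find all posts made by this user
            $select_posts = array('p.id', 'p.topic_id', 't.forum_id');
            $posts = DB::for_table('posts')
                ->table_alias('p')
                ->select_many($select_posts)
                ->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')
                ->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')
                ->where('p.poster_id', $id);
            $posts = $this->hook->fireDB('delete_user_posts_first_query', $posts);
            $posts = $posts->find_many();

            if ($posts) {
                foreach ($posts as $cur_post) {
                    // Determine whether this post is the "topic post" or not
                    $first_post = DB::for_table('posts')->where('topic_id', $cur_post['topic_id'])->order_by('posted');
                    $first_post = $this->hook->fireDB('delete_user_posts_second_query', $first_post);
                    $first_post = $first_post->find_one_col('id');

                    if ($first_post == $cur_post['id']) {
                        Delete::topic($cur_post['topic_id']);
                    } else {
                        Delete::post($cur_post['id'], $cur_post['topic_id']);
                    }

                    Forum::update($cur_post['forum_id']);
                }
            }
        } else {
            // Set all his/her posts to guest.
            // The original query was inverted: it selected the guest's posts
            // (poster_id 1) and assigned them to the account being deleted, leaving
            // this user's own posts pointing at an id that no longer exists.
            $update_guest = DB::for_table('posts')->where('poster_id', $id);
            $update_guest = $this->hook->fireDB('delete_user_posts_guest_query', $update_guest);
            $update_guest = $update_guest->update_many('poster_id', 1);
        }

        // Delete the user
        $delete_user = DB::for_table('users')->where('id', $id);
        $delete_user = $delete_user->delete_many();

        // Delete user avatar
        Delete::avatar($id);

        // Regenerate the users info cache
        // NOTE(review): the cache is only written when it is missing, so an existing
        // entry is not refreshed after the deletion — confirm whether that is intended.
        if (!$this->feather->cache->isCached('users_info')) {
            $this->feather->cache->store('users_info', Cache::get_users_info());
        }

        $stats = $this->feather->cache->retrieve('users_info');

        // Unreachable while admins are rejected above; kept for the same reason as
        // the moderator-list condition.
        if ($group_id == $this->feather->forum_env['FEATHER_ADMIN']) {
            $this->feather->cache->store('admin_ids', Cache::get_admin_ids());
        }

        $this->hook->fire('delete_user');

        Url::redirect($this->feather->urlFor('home'), __('User delete redirect'));
    }
}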
/**
 * Dispatch one profile action (password/e-mail change, avatar upload or removal,
 * promotion) for the profile identified by $id.
 *
 * Board-level view permissions are checked first, except for a `change_pass`
 * request that carries a `key` query parameter. Avatar upload, avatar deletion
 * and promotion are additionally gated here; `change_pass` and `change_email`
 * are handed straight to the model.
 *
 * NOTE(review): no ownership check for `change_pass` / `change_email` is visible
 * in this method — presumably the model enforces it; confirm.
 * NOTE(review): `delete_avatar` and `promote` change state, and no CSRF token or
 * request-method check is visible here — confirm it is enforced by the routing layer.
 * NOTE(review): `$this->user->id != $id` is a loose comparison; verify that the
 * router only passes a purely numeric $id.
 *
 * @param mixed  $id     Id of the profile being acted on.
 * @param string $action Name of the requested action.
 *
 * @return void
 *
 * @throws Error 403 when permission is missing, 400 when avatars are disabled,
 *               404 for an unknown action.
 */
public function action($id, $action)
{
    // Include UTF-8 function (utf8_ucwords needs utf8_substr_replace, so keep this order)
    $utf8HelperDir = $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/Helpers/utf8/';
    require $utf8HelperDir . 'substr_replace.php';
    require $utf8HelperDir . 'ucwords.php';
    require $utf8HelperDir . 'strcasecmp.php';

    // A password change that arrives with a key skips the board view checks.
    $isKeyedPasswordChange = $action == 'change_pass' && $this->request->get('key');

    if (!$isKeyedPasswordChange) {
        if ($this->user->g_read_board == '0') {
            throw new Error(__('No view'), 403);
        }

        if ($this->user->g_view_users == '0' && ($this->user->is_guest || $this->user->id != $id)) {
            throw new Error(__('No permission'), 403);
        }
    }

    switch ($action) {
        case 'change_pass':
            $this->model->change_pass($id, $this->feather);

            $this->feather->template->setPageInfo(array(
                'title' => array(
                    Utils::escape($this->config['o_board_title']),
                    __('Profile'),
                    __('Change pass'),
                ),
                'active_page' => 'profile',
                'id' => $id,
                'required_fields' => array(
                    'req_old_password' => __('Old pass'),
                    'req_new_password1' => __('New pass'),
                    'req_new_password2' => __('Confirm new pass'),
                ),
                // Admins/moderators start on the new-password field.
                'focus_element' => array(
                    'change_pass',
                    !$this->user->is_admmod ? 'req_old_password' : 'req_new_password1',
                ),
            ));
            $this->feather->template->addTemplate('profile/change_pass.php')->display();
            break;

        case 'change_email':
            $this->model->change_email($id, $this->feather);

            $this->feather->template->setPageInfo(array(
                'title' => array(
                    Utils::escape($this->config['o_board_title']),
                    __('Profile'),
                    __('Change email'),
                ),
                'active_page' => 'profile',
                'required_fields' => array(
                    'req_new_email' => __('New email'),
                    'req_password' => __('Password'),
                ),
                'focus_element' => array('change_email', 'req_new_email'),
                'id' => $id,
            ));
            $this->feather->template->addTemplate('profile/change_mail.php')->display();
            break;

        case 'upload_avatar':
        case 'upload_avatar2':
            if ($this->config['o_avatars'] == '0') {
                throw new Error(__('Avatars disabled'), 400);
            }

            // Only the profile owner or an admin/moderator may upload.
            if ($this->user->id != $id && !$this->user->is_admmod) {
                throw new Error(__('No permission'), 403);
            }

            if ($this->feather->request()->isPost()) {
                // NOTE(review): $_FILES is passed through unfiltered; type/size
                // validation is presumably done inside upload_avatar() — confirm.
                $this->model->upload_avatar($id, $_FILES);
            }

            $this->feather->template->setPageInfo(array(
                'title' => array(
                    Utils::escape($this->config['o_board_title']),
                    __('Profile'),
                    __('Upload avatar'),
                ),
                'active_page' => 'profile',
                'required_fields' => array('req_file' => __('File')),
                'focus_element' => array('upload_avatar', 'req_file'),
                'id' => $id,
            ));
            $this->feather->template->addTemplate('profile/upload_avatar.php')->display();
            break;

        case 'delete_avatar':
            // Only the profile owner or an admin/moderator may delete.
            if ($this->user->id != $id && !$this->user->is_admmod) {
                throw new Error(__('No permission'), 403);
            }

            Delete::avatar($id);

            Url::redirect(
                $this->feather->urlFor('profileSection', array('id' => $id, 'section' => 'personality')),
                __('Avatar deleted redirect')
            );
            break;

        case 'promote':
            // Allowed for admins, and for moderators whose group may promote users.
            $isAdmin = $this->user->g_id == $this->feather->forum_env['FEATHER_ADMIN'];
            $isPromotingModerator = $this->user->g_moderator == '1' && $this->user->g_mod_promote_users != '0';

            if (!$isAdmin && !$isPromotingModerator) {
                throw new Error(__('No permission'), 403);
            }

            $this->model->promote_user($id, $this->feather);
            break;

        default:
            throw new Error(__('Bad request'), 404);
    }
}
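/**
 * Bulk-delete the users named in the `users` POST field.
 *
 * The ids are cast to integers and 0 and 1 are dropped (1 is the account posts
 * are reassigned to as "guest" below). The request is rejected if any selected
 * user is in the admin group. Nothing is deleted unless `delete_users_comply`
 * is posted.
 *
 * NOTE(review): the id list returned by the `model.users.delete_users.user_ids`
 * hook replaces the sanitized list and is not re-validated here.
 * NOTE(review): no check of the *caller's* permissions and no CSRF check is
 * visible in this method — presumably enforced before it is reached; confirm.
 *
 * @return array The list of user ids that was selected.
 *
 * @throws Error 404 when no users are selected, 403 when an admin is among them.
 */
public function delete_users()
{
    $posted_users = $this->request->post('users');

    if ($posted_users) {
        // Either an array keyed by user id, or a comma-separated id string.
        $user_ids = is_array($posted_users) ? array_keys($posted_users) : explode(',', $posted_users);
        $user_ids = array_map('intval', $user_ids);

        // Delete invalid IDs
        $user_ids = array_diff($user_ids, array(0, 1));
    } else {
        $user_ids = array();
    }

    $user_ids = $this->hook->fire('model.users.delete_users.user_ids', $user_ids);

    if (empty($user_ids)) {
        throw new Error(__('No users selected'), 404);
    }

    // Are we trying to delete any admins?
    $is_admin = DB::for_table('users')
        ->where_in('id', $user_ids)
        ->where('group_id', $this->feather->forum_env['FEATHER_ADMIN'])
        ->find_one();
    if ($is_admin) {
        throw new Error(__('No delete admins message'), 403);
    }

    if ($this->request->post('delete_users_comply')) {
        // Fetch user groups (group id => list of selected user ids in that group)
        $user_groups = array();
        $select_user_groups = array('id', 'group_id');
        $result = DB::for_table('users')->select_many($select_user_groups)->where_in('id', $user_ids);
        $result = $this->hook->fireDB('model.users.delete_users.user_groups_query', $result);
        $result = $result->find_many();
        foreach ($result as $cur_user) {
            if (!isset($user_groups[$cur_user['group_id']])) {
                $user_groups[$cur_user['group_id']] = array();
            }

            $user_groups[$cur_user['group_id']][] = $cur_user['id'];
        }

        // Are any users moderators? Keep only the groups flagged as moderator groups.
        $group_ids = array_keys($user_groups);
        $select_fetch_user_mods = array('g_id', 'g_moderator');
        $result = DB::for_table('groups')->select_many($select_fetch_user_mods)->where_in('g_id', $group_ids)->find_many();
        foreach ($result as $cur_group) {
            if ($cur_group['g_moderator'] == '0') {
                unset($user_groups[$cur_group['g_id']]);
            }
        }

        $user_groups = $this->hook->fire('model.users.delete_users.user_groups', $user_groups);

        // Fetch forum list and clean up their moderator list
        $select_mods = array('id', 'moderators');
        $result = DB::for_table('forums')->select_many($select_mods)->find_many();
        foreach ($result as $cur_forum) {
            // NOTE(review): unserialize() on a database column will instantiate
            // objects if the stored value was ever attacker-influenced. Only an
            // array of moderator ids is expected here, so restricting classes
            // (the `allowed_classes` option, PHP 7+) or storing JSON would be a
            // safe hardening — confirm the minimum PHP version first.
            $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array();

            // A corrupt column makes unserialize() return false; treat it as "no moderators".
            if (!is_array($cur_moderators)) {
                $cur_moderators = array();
            }

            foreach ($user_groups as $group_users) {
                $cur_moderators = array_diff($cur_moderators, $group_users);
            }

            if (!empty($cur_moderators)) {
                DB::for_table('forums')->where('id', $cur_forum['id'])
                    ->find_one()
                    ->set('moderators', serialize($cur_moderators))
                    ->save();
            } else {
                DB::for_table('forums')->where('id', $cur_forum['id'])
                    ->find_one()
                    ->set_expr('moderators', 'NULL')
                    ->save();
            }
        }

        // Delete any subscriptions
        DB::for_table('topic_subscriptions')->where_in('user_id', $user_ids)->delete_many();
        DB::for_table('forum_subscriptions')->where_in('user_id', $user_ids)->delete_many();

        // Remove them from the online list (if they happen to be logged in)
        DB::for_table('online')->where_in('user_id', $user_ids)->delete_many();

        // Should we delete all posts made by these users?
        if ($this->request->post('delete_posts')) {
            // Hold on, this could take some time!
            @set_time_limit(0);

            // Find all posts made by these users.
            // $user_ids is a list, so it needs where_in() like every other query in
            // this method; the original passed the array to where().
            $select_user_posts = array('p.id', 'p.topic_id', 't.forum_id');
            $result = DB::for_table('posts')
                ->table_alias('p')
                ->select_many($select_user_posts)
                ->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')
                ->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')
                ->where_in('p.poster_id', $user_ids);
            $result = $this->hook->fireDB('model.users.delete_users.user_posts_query', $result);
            $result = $result->find_many();
            if ($result) {
                foreach ($result as $cur_post) {
                    // Determine whether this post is the "topic post" or not
                    $first_post = DB::for_table('posts')
                        ->where('topic_id', $cur_post['topic_id'])
                        ->order_by('posted')
                        ->find_one_col('id');

                    if ($first_post == $cur_post['id']) {
                        \FeatherBB\Model\Delete::topic($cur_post['topic_id']);
                    } else {
                        \FeatherBB\Model\Delete::post($cur_post['id'], $cur_post['topic_id']);
                    }

                    \FeatherBB\Model\Forum::update($cur_post['forum_id']);
                }
            }
        } else {
            // Set all their posts to guest.
            // The original query was inverted (see its TODO): it selected the guest's
            // posts (poster_id 1) and wrote the id list into poster_id, leaving the
            // deleted users' posts pointing at ids that no longer exist.
            DB::for_table('posts')->where_in('poster_id', $user_ids)->update_many('poster_id', 1);
        }

        // Delete the users
        DB::for_table('users')->where_in('id', $user_ids)->delete_many();

        // Delete user avatars
        foreach ($user_ids as $user_id) {
            Delete::avatar($user_id);
        }

        // Regenerate the users info cache
        // NOTE(review): the cache is only written when it is missing, so an existing
        // entry is not refreshed after the deletion — confirm whether that is intended.
        if (!$this->feather->cache->isCached('users_info')) {
            $this->feather->cache->store('users_info', Cache::get_users_info());
        }

        $stats = $this->feather->cache->retrieve('users_info');

        Url::redirect($this->feather->urlFor('adminUsers'), __('Users delete redirect'));
    }

    return $user_ids;
}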