case "user_ban": $uid = user_username2uid($_REQUEST['uname']); if ($uid && ($uid == 1 || $uid == $user_config['uid'])) { $_SESSION['dialog']['info'][] = _('Account admin or currently logged in administrator cannot be banned'); } else { if (user_banned_get($uid)) { $_SESSION['dialog']['info'][] = _('User is already on banned users list') . ' (' . _('username') . ': ' . $_REQUEST['uname'] . ')'; } else { if (user_banned_add($uid)) { $_SESSION['dialog']['info'][] = _('Account has been banned') . ' (' . _('username') . ': ' . $_REQUEST['uname'] . ')'; } else { $_SESSION['dialog']['info'][] = _('Unable to ban account') . ' (' . _('username') . ': ' . $_REQUEST['uname'] . ')'; } } } header("Location: " . _u('index.php?app=main&inc=core_user&route=user_mgmnt&op=user_list&view=' . $view)); exit; break; case "login_as": user_session_remove($_SESSION['uid'], $_SESSION['sid']); $uid = user_username2uid($_REQUEST['uname']); auth_login_as($uid); if (auth_isvalid()) { logger_print("login as u:" . $_SESSION['username'] . " uid:" . $uid . " status:" . $_SESSION['status'] . " sid:" . $_SESSION['sid'] . " ip:" . $_SERVER['REMOTE_ADDR'], 2, "user_mgmnt"); } else { logger_print("fail to login as u:" . $_SESSION['username'] . " uid:" . $uid . " status:" . $_SESSION['status'] . " sid:" . $_SESSION['sid'] . " ip:" . $_SERVER['REMOTE_ADDR'], 2, "user_mgmnt"); } header('Location: ' . _u(_HTTP_PATH_BASE_)); exit; break; }
/** * Add account to banned account list * * @param integer $uid * User ID * @return boolean TRUE if user successfully added to banned user list */ function user_banned_add($uid) { global $user_config; // account admin and currently logged in user/admin cannot be ban if ($uid && ($uid == 1 || $uid == $user_config['uid'])) { _log('unable to ban uid:' . $uid, 2, 'user_banned_add'); return FALSE; } $bantime = core_get_datetime(); if (user_session_get($uid)) { if (!user_session_remove($uid)) { return FALSE; } } $item = array($uid => $bantime); if (registry_update(1, 'auth', 'banned_users', $item)) { _log('banned uid:' . $uid . ' bantime:' . $bantime, 2, 'user_banned_add'); return TRUE; } else { return FALSE; } }
* playSMS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with playSMS. If not, see <http://www.gnu.org/licenses/>. */ defined('_SECURE_') or die('Forbidden'); if (!auth_isadmin()) { auth_block(); } // if kick action if (_OP_ == 'kick') { if ($hash = $_GET['hash']) { user_session_remove('', '', $hash); header('Location: ' . _u('index.php?app=main&inc=feature_report&route=online')); exit; } } // display whose online $tpl = array('name' => 'report_online', 'vars' => array('Report' => _('Report'), 'Whose online' => _('Whose online'), 'User' => _('User'), 'Last update' => _('Last update'), 'Current IP address' => _('Current IP address'), 'User agent' => _('User agent'), 'Action' => 'Action')); // display admin users $users = report_whoseonline_admin(); foreach ($users as $user) { foreach ($user as $hash) { $tpl['loops']['data'][] = array('tr_class' => $tr_class, 'c_username' => $hash['username'], 'c_isadmin' => $hash['icon_isadmin'], 'last_update' => $hash['last_update'], 'current_ip' => $hash['ip'], 'user_agent' => $hash['http_user_agent'], 'login_status' => $hash['login_status'], 'action' => $hash['action_link']); } } // display users $users = report_whoseonline_user();
/** * Remove login sessions older than 1 hour idle */ function report_hook_playsmsd() { global $plugin_config; $plugin_config['report']['current_tick'] = (int) strtotime(core_get_datetime()); $period = $plugin_config['report']['current_tick'] - $plugin_config['report']['last_tick']; // login session older than 1 hour will be removed if ($period >= 60 * 60) { $users = report_whoseonline(0, FALSE, TRUE); foreach ($users as $user) { foreach ($user as $hash) { user_session_remove('', '', $hash['hash']); _log('login session removed uid:' . $hash['uid'] . ' hash:' . $hash['hash'], 3, 'report_hook_playsmsd'); } } $plugin_config['report']['last_tick'] = $plugin_config['report']['current_tick']; } }
/** * Remove login sessions older than 1 hour idle */ function report_hook_playsmsd() { global $plugin_config; // fetch hourly if (!core_playsmsd_timer(3600)) { return; } // login session older than 1 hour will be removed $users = report_whoseonline(0, FALSE, TRUE); foreach ($users as $user) { foreach ($user as $hash) { user_session_remove('', '', $hash['hash']); _log('login session removed uid:' . $hash['uid'] . ' hash:' . $hash['hash'], 3, 'report_hook_playsmsd'); } } $plugin_config['report']['last_tick'] = $plugin_config['report']['current_tick']; }