// Will EXIT
// We have EXITed already at this point!!
}
if (is_logged_in() && $current_User->check_perm('users', 'edit', false)) {
// Admins cannot close own accounts
$Messages->add(T_('You cannot close your own account!'));
// Redirect to show the errors:
header_redirect();
// Will EXIT
// We have EXITed already at this point!!
}
if (is_logged_in() && $current_User->update_status_from_Request(true, 'closed')) {
// user account was closed successful
// Send notification email about closed account to users with edit users permission
$email_template_params = array('login' => $current_User->login, 'email' => $current_User->email, 'reason' => trim(param('account_close_type', 'string', '') . ' ' . param('account_close_reason', 'text', '')), 'user_ID' => $current_User->ID, 'days_count' => $current_User->get_days_count_close());
send_admin_notification(NT_('User account closed'), 'account_closed', $email_template_params);
// Set this session var only to know when display a bye message
$Session->set('account_closing_success', true);
} else {
// db update was unsuccessful
$Messages->add(T_('Unable to close your account. Please contact to system administrator.'));
}
header_redirect();
/* exited */
break;
case 'retrievepassword':
// Send password change request by mail
global $servertimenow;
$login_required = true;
// Do not display "Without login.." link on the form
if (empty($login)) {
// Save Trigger page
$UserSettings->set('registration_trigger_url', $session_registration_trigger_url, $new_User->ID);
}
$UserSettings->set('created_fromIPv4', ip2int($Hit->IP), $new_User->ID);
$UserSettings->set('user_domain', $Hit->get_remote_host(true), $new_User->ID);
$UserSettings->set('user_browser', substr($Hit->get_user_agent(), 0, 200), $new_User->ID);
$UserSettings->dbupdate();
// Auto subscribe new user to current collection posts/comments:
if ($auto_subscribe_posts || $auto_subscribe_comments) {
// If at least one option is enabled
$DB->query('REPLACE INTO T_subscriptions ( sub_coll_ID, sub_user_ID, sub_items, sub_comments )
VALUES ( ' . $DB->quote($Blog->ID) . ', ' . $DB->quote($new_User->ID) . ', ' . $DB->quote(intval($auto_subscribe_posts)) . ', ' . $DB->quote(intval($auto_subscribe_comments)) . ' )');
}
// Send notification email about new user registrations to users with edit users permission
$email_template_params = array('country' => $country, 'firstname' => $firstname, 'gender' => $gender, 'locale' => $locale, 'source' => $new_User->get('source'), 'trigger_url' => $session_registration_trigger_url, 'initial_hit' => $initial_hit, 'login' => $login, 'email' => $email, 'new_user_ID' => $new_User->ID);
send_admin_notification(NT_('New user registration'), 'account_new', $email_template_params);
$Plugins->trigger_event('AfterUserRegistration', array('User' => &$new_User));
// Move user to suspect group by IP address. Make this move even if during the registration it was added to a trusted group.
antispam_suspect_user_by_IP('', $new_User->ID, false);
if ($Settings->get('newusers_mustvalidate')) {
// We want that the user validates his email address:
$inskin_blog = $inskin ? $blog : NULL;
if ($new_User->send_validate_email($redirect_to, $inskin_blog)) {
$activateinfo_link = 'href="' . get_activate_info_url(NULL, '&') . '"';
$Messages->add(sprintf(T_('An email has been sent to your email address. Please click on the link therein to activate your account. <a %s>More info »</a>'), $activateinfo_link), 'success');
} elseif ($demo_mode) {
$Messages->add('Sorry, could not send email. Sending email in demo mode is disabled.', 'error');
} else {
$Messages->add(T_('Sorry, the email with the link to activate your account could not be sent.') . '<br />' . T_('Possible reason: the PHP mail() function may have been disabled on the server.'), 'error');
// fp> TODO: allow to enter a different email address (just in case it's that kind of problem)
}
/**
* Detect timed out cron jobs and Send notifications
*
* @param array Task with error
* 'name'
* 'message'
*/
function detect_timeout_cron_jobs($error_task = NULL)
{
global $DB, $time_difference, $cron_timeout_delay, $admin_url;
$SQL = new SQL('Find cron timeouts');
$SQL->SELECT('ctsk_ID, ctsk_name, ctsk_key');
$SQL->FROM('T_cron__log');
$SQL->FROM_add('INNER JOIN T_cron__task ON ctsk_ID = clog_ctsk_ID');
$SQL->WHERE('clog_status = "started"');
$SQL->WHERE_and('clog_realstart_datetime < ' . $DB->quote(date2mysql(time() + $time_difference - $cron_timeout_delay)));
$SQL->GROUP_BY('ctsk_ID');
$timeout_tasks = $DB->get_results($SQL->get(), OBJECT, $SQL->title);
$tasks = array();
if (count($timeout_tasks) > 0) {
$cron_jobs_names = get_cron_jobs_config('name');
foreach ($timeout_tasks as $timeout_task) {
if (!empty($timeout_task->ctsk_name)) {
// Task name is defined in DB
$task_name = $timeout_task->ctsk_name;
} else {
// Try to get default task name by key:
$task_name = isset($cron_jobs_names[$timeout_task->ctsk_key]) ? $cron_jobs_names[$timeout_task->ctsk_key] : $timeout_task->ctsk_key;
}
$tasks[$timeout_task->ctsk_ID] = array('name' => $task_name, 'message' => NT_('Cron job has timed out.'));
}
// Update timed out cron jobs:
$DB->query('UPDATE T_cron__log
SET clog_status = "timeout"
WHERE clog_ctsk_ID IN ( ' . $DB->quote(array_keys($tasks)) . ' )', 'Mark timeouts in cron jobs.');
}
if (!is_null($error_task)) {
// Send notification with error task
$tasks[$error_task['ID']] = $error_task;
}
if (count($tasks) > 0) {
// Send notification email about timed out and error cron jobs to users with edit options permission
$email_template_params = array('tasks' => $tasks);
send_admin_notification(NT_('Scheduled task error'), 'scheduled_task_error_report', $email_template_params);
}
}
/**
* Detect timed out cron jobs and Send notifications
*
* @param array Task with error
* 'name'
* 'message'
*/
function detect_timeout_cron_jobs($error_task = NULL)
{
global $DB, $time_difference, $cron_timeout_delay, $admin_url;
$SQL = new SQL('Find cron timeouts');
$SQL->SELECT('ctsk_ID, ctsk_name');
$SQL->FROM('T_cron__log');
$SQL->FROM_add('INNER JOIN T_cron__task ON ctsk_ID = clog_ctsk_ID');
$SQL->WHERE('clog_status = "started"');
$SQL->WHERE_and('clog_realstart_datetime < ' . $DB->quote(date2mysql(time() + $time_difference - $cron_timeout_delay)));
$SQL->GROUP_BY('ctsk_ID');
$timeouts = $DB->get_assoc($SQL->get(), OBJECT, $SQL->title);
$tasks = array();
if (count($timeouts) > 0) {
foreach ($timeouts as $task_ID => $task_name) {
$tasks[$task_ID] = array('name' => $task_name, 'message' => T_('Cron job was timed out.'));
}
// Update timed out cron jobs
$DB->query('UPDATE T_cron__log
SET clog_status = "timeout"
WHERE clog_ctsk_ID IN ( ' . $DB->quote(array_keys($tasks)) . ' )', 'Detect cron timeouts.');
}
if (!is_null($error_task)) {
// Send notification with error task
$tasks[$error_task['ID']] = $error_task;
}
if (count($tasks) > 0) {
// Send notification email about timed out and error cron jobs to users with edit options permission
$email_template_params = array('tasks' => $tasks);
send_admin_notification(NT_('Scheduled task error'), 'scheduled_task_error_report', $email_template_params);
}
}
/**
* Send an email notification when user account has been changed
*
* @param boolean true if the main profile picture was changed, false otherwise
* @param mixed false if there was no new profile picture upload, the newly uploaded file ID otherwise
*/
function send_account_changed_notification($avatar_changed = false, $new_avatar_upload = false)
{
if (!is_logged_in()) {
// User must be logged in for this action
return;
}
if (empty($this->significant_changed_values) && !$avatar_changed && !$new_avatar_upload) {
// Nothing important was changed, so no need to send changed notification
return;
}
$email_template_params = array('user_ID' => $this->ID, 'login' => $this->login, 'fields' => array('login' => array('title' => NT_('Login')), 'grp_ID' => array('title' => NT_('Group'), 'className' => 'Group'), 'nickname' => array('title' => NT_('Nickname')), 'firstname' => array('title' => NT_('First name')), 'lastname' => array('title' => NT_('Last name')), 'gender' => array('title' => NT_('Gender')), 'ctry_ID' => array('title' => NT_('Country'), 'className' => 'Country'), 'rgn_ID' => array('title' => NT_('Region'), 'className' => 'Region'), 'subrg_ID' => array('title' => NT_('Sub-region'), 'className' => 'Subregion'), 'city_ID' => array('title' => NT_('City'), 'className' => 'City')), 'avatar_changed' => $avatar_changed, 'new_avatar_upload' => $new_avatar_upload);
foreach ($email_template_params['fields'] as $user_field_name => $user_field_data) {
// Set new and previous values for email template
$field_was_changed = isset($this->significant_changed_values[$user_field_name]) && !empty($this->significant_changed_values[$user_field_name]);
if (isset($user_field_data['className'])) {
// The field value is an object ID, get the object name
$Cache =& call_user_func('get_' . $user_field_data['className'] . 'Cache');
$Object =& $Cache->get_by_ID($this->get($user_field_name), false, false);
$user_field_data['new'] = empty($Object) ? NULL : $Object->get_name();
if ($field_was_changed) {
// Get the old display value of the field
$Object =& $Cache->get_by_ID($this->significant_changed_values[$user_field_name]);
$user_field_data['old'] = $Object->get_name();
}
} elseif ($user_field_name == 'gender') {
// This is the gender field, get the display name of the gender
$user_field_data['new'] = $this->get_gender();
if ($field_was_changed) {
$user_field_data['old'] = $this->significant_changed_values[$user_field_name] == 'M' ? T_('A man') : T_('A woman');
}
} else {
// Get the field value
$user_field_data['new'] = $this->get($user_field_name);
if ($field_was_changed) {
// The field was changed
$user_field_data['old'] = $this->significant_changed_values[$user_field_name];
}
}
if (!isset($user_field_data['old'])) {
// The field was not changed or the old value was empty
$user_field_data['old'] = array_key_exists($user_field_name, $this->significant_changed_values) ? NULL : $user_field_data['new'];
}
$email_template_params['fields'][$user_field_name] = $user_field_data;
}
send_admin_notification(NT_('User profile changed'), 'account_changed', $email_template_params);
// Clear changed values
$this->significant_changed_values = array();
}
/**
* Report a user
*
* @param integer reported User ID
* @param string reported user status (fake, guidelines, harass, spam, other )
* @param string more info
* @return mixed 1 on success false on error
*/
function add_report_from($user_ID, $status, $info)
{
global $DB, $current_User, $localtimenow;
$UserCache =& get_UserCache();
$reported_User = $UserCache->get_by_ID($user_ID, false);
if (!$reported_User) {
// if user doesn't exists return false
return false;
}
$result = $DB->query('REPLACE INTO T_users__reports( urep_target_user_ID, urep_reporter_ID, urep_status, urep_info, urep_datetime )
VALUES( ' . $DB->quote($user_ID) . ', ' . $DB->quote($current_User->ID) . ', ' . $DB->quote($status) . ', ' . $DB->quote($info) . ', ' . $DB->quote(date2mysql($localtimenow)) . ' )');
if ($result) {
// if report was successful send user reported notificaitons to admin users
$email_template_params = array('login' => $reported_User->login, 'email' => $reported_User->email, 'report_status' => get_report_status_text($status), 'report_info' => $info, 'user_ID' => $user_ID, 'reported_by' => $current_User->login);
// send notificaiton ( it will be send to only those users who want to receive this kind of notifications )
send_admin_notification(NT_('User account reported'), 'account_reported', $email_template_params);
}
return $result;
}
/**
* Handle close user account request and update account close reason
*
* @param boolean save modifications or not. User false only in case when User and UserSettings object will be saved later.
* @return boolean true on success, false otherwise
*/
function update_status_from_Request($dbsave, $new_status = NULL)
{
global $DB, $UserSettings, $current_User, $servertimenow;
if ($dbsave) {
// save required
$DB->begin();
}
if (empty($new_status)) {
$new_status = param('edited_user_status', 'string', true);
}
// get close reason text - max 255 characters
$account_close_reason = substr(param('account_close_reason', 'text', ''), 0, 255);
if (!$this->check_status('is_closed') && $new_status == 'closed') {
// account was not closed yet
if (empty($account_close_reason)) {
$account_close_reason = sprintf(T_('Account closed by %s'), $current_User->get('login'));
}
$this->set('status', 'closed');
$UserSettings->set('account_close_ts', $servertimenow, $this->ID);
$UserSettings->set('account_close_reason', $account_close_reason, $this->ID);
// delete last activation email data, this user must not be allowed to reactivate the account ( only admin users may change the status again )
$UserSettings->delete('last_activation_reminder_key', $this->ID);
$UserSettings->delete('last_activation_email', $this->ID);
// create query to clear all session's of the user
$clear_sessions_query = 'UPDATE T_sessions
SET sess_key = NULL
WHERE sess_user_ID = ' . $DB->quote($this->ID);
if ($dbsave && $this->dbupdate() && $UserSettings->dbupdate() && $DB->query($clear_sessions_query) !== false) {
// all db modification was successful
$DB->commit();
if ($current_User->ID != $this->ID) {
// If admin closed some user account
// Send notification email about closed account to users with edit users permission
$email_template_params = array('login' => $this->login, 'email' => $this->email, 'reason' => $account_close_reason, 'user_ID' => $this->ID, 'closed_by_admin' => $current_User->login);
send_admin_notification(NT_('User account closed'), 'account_closed', $email_template_params);
}
return true;
}
} else {
$new_status_is_active = $new_status == 'activated' || $new_status == 'autoactivated';
$old_status_is_not_active = false;
if ($this->check_status('can_be_validated') && $new_status_is_active) {
// User was activated
$old_status_is_not_active = true;
// clear activation specific settings
$UserSettings->delete('last_activation_reminder_key', $this->ID);
$UserSettings->delete('last_activation_email', $this->ID);
$UserSettings->delete('activation_reminder_count', $this->ID);
$UserSettings->delete('send_activation_reminder', $this->ID);
}
$old_status_is_not_active = $old_status_is_not_active || $this->check_status('is_closed');
// set status
$this->set('status', $new_status);
$UserSettings->set('account_close_reason', $account_close_reason, $this->ID);
if ($dbsave && $this->dbupdate()) {
// db update
$UserSettings->dbupdate();
$DB->commit();
if ($old_status_is_not_active && $new_status_is_active) {
// User was activated, create a welcome private message
$this->send_welcome_message();
if ($current_User->ID != $this->ID) {
// If admin activated some user account
// Send notification email about activated account to users with edit users permission
$email_template_params = array('User' => $this, 'login' => $this->login, 'activated_by_admin' => $current_User->login);
send_admin_notification(NT_('New user account activated'), 'account_activated', $email_template_params);
}
}
return true;
}
}
if ($dbsave) {
// save was required, but wasn't successful
$DB->rollback();
return false;
}
return true;
}
function del($id, $act_as_admin = false, $quick = false)
{
global $sess, $mytrail, $auth;
if (!defined("DIRECTORY_NOTIFICATION_INC")) {
}
include "messages/directory_notification.inc";
rm_object((int) $id, true);
if ($act_as_admin) {
send_admin_notification($mytrail, LTMSG_TRAILDEL);
}
//TODO: add reason
if (!$quick) {
page_close();
include "directory/edit/del-confirmation.html";
exit;
} else {
page_close();
Header("Location: " . $sess->url(build_good_url(parent_path($mytrail['path']))));
}
}
