static function checkuser($usergroups = array())
{
global $serendipity;
static $debug = false;
if (!empty($serendipity['GET']['adduser_activation']) && !empty($_GET['r'])) {
$string = $serendipity['GET']['adduser_activation'];
$q = "SELECT * FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "' LIMIT 1";
if ($debug) {
echo "[debug] QUERY: {$q}<br />\n";
}
$author = serendipity_db_query($q, true);
serendipity_common_adduser::sendMail($author['username'], function_exists('serendipity_specialchars') ? serendipity_specialchars($string) : htmlspecialchars($string, ENT_COMPAT, LANG_CHARSET), $author['email'], false, false);
echo PLUGIN_ADDUSER_SENTMAIL_APPROVE_ADMIN;
return true;
}
if (!empty($serendipity['GET']['adduser_activation'])) {
$string = $serendipity['GET']['adduser_activation'];
unset($serendipity['GET']['adduser_activation']);
if (strlen($string) != 32) {
echo PLUGIN_ADDUSER_WRONG_ACTIVATION . '<hr />';
return false;
}
$q = "SELECT * FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "' LIMIT 1";
if ($debug) {
echo "[debug] QUERY: {$q}<br />\n";
}
$author = serendipity_db_query($q, true);
if ($debug) {
echo "[debug] RESULT: " . print_r($author, true) . "<br />\n";
}
if (is_array($author)) {
$user = serendipity_db_query("SELECT authorid FROM {$serendipity['dbPrefix']}authors WHERE username = '******'username']) . "'", true);
if (is_array($user) && !empty($user['authorid'])) {
printf(PLUGIN_ADDUSER_EXISTS . '<hr />', function_exists('serendipity_specialchars') ? serendipity_specialchars($author['username']) : htmlspecialchars($author['username'], ENT_COMPAT, LANG_CHARSET));
return false;
}
$newID = serendipity_addAuthor($author['username'], '', $author['username'], $author['email'], $author['userlevel']);
if ($debug) {
echo "[debug] serendipity_addAuthor: {$newID}<br />\n";
}
if ($newID) {
serendipity_db_query("UPDATE {$serendipity['dbPrefix']}authors\n SET right_publish = '" . ($author['right_publish'] ? '1' : '0') . "',\n password = '******'password'] . "'\n WHERE authorid = " . (int) $newID);
serendipity_set_config_var('no_create', $author['no_create'], $newID);
serendipity_set_config_var('lang', $serendipity['lang'], $newID);
// Fetch default properties for new authors as configured.
// Only set values for the keys that are supported (all booleans currently!)
$config = serendipity_db_query("SELECT name, value FROM {$serendipity['dbPrefix']}config WHERE name LIKE 'serendipity_plugin_adduser:%'");
$pair_config = array('wysiwyg' => '', 'simpleFilters' => '', 'enableBackendPopup' => '', 'moderateCommentsDefault' => '', 'allowCommentsDefault' => '', 'showMediaToolbar' => '', 'use_autosave' => '');
if (is_array($config)) {
foreach ($config as $conf) {
$names = explode('/', $conf['name']);
if (isset($pair_config[$names[1]])) {
$pair_config[$names[1]] = serendipity_get_bool($conf['value']);
serendipity_set_config_var($names[1], $pair_config['wysiwyg'], $newID);
}
}
}
if (is_array($usergroups) && function_exists('serendipity_updateGroups')) {
if ($debug) {
echo "[debug] update groups: " . print_r($usergroups, true) . "<br />\n";
}
serendipity_updateGroups($usergroups, $newID, false);
} elseif ($debug) {
echo "[debug] no group addition: " . print_r($usergroups, true) . "<br />\n";
}
} elseif ($debug) {
echo "[debug] serendipity_addAuthor() failed!<br />\n";
}
}
$q = "SELECT authorid FROM {$serendipity['dbPrefix']}authors\n WHERE username = '******'username'] . "'\n AND password = '******'password'] . "'\n LIMIT 1";
$newauthor = serendipity_db_query($q, true);
if (is_array($newauthor) && $newauthor['authorid'] > 0) {
echo PLUGIN_ADDUSER_SUCCEED . '<hr />';
serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "'");
return true;
} else {
if ($debug) {
echo "[debug] QUERY: {$q}<br />\n";
echo "[debug] RESULT: " . print_r($newauthor, true) . "<br />\n";
}
echo PLUGIN_ADDUSER_FAILED . '<hr />';
return false;
}
}
return false;
}
} elseif ($groupval == 2 && in_array(3, $valid_groups)) {
// Admin is allowed to assign users to chief editors
continue;
} elseif ($groupval == 1 && in_array(2, $valid_groups)) {
// Chief is allowed to assign users to editors
continue;
}
unset($_POST[$item['var']][$groupkey]);
}
} else {
continue;
}
if (count($_POST[$item['var']]) < 1) {
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . WARNING_NO_GROUPS_SELECTED . '</div>';
} else {
serendipity_updateGroups($_POST[$item['var']], $serendipity['POST']['user'], false);
}
continue;
}
if (serendipity_checkConfigItemFlags($item, 'local')) {
serendipity_set_user_var($item['var'], $_POST[$item['var']], $serendipity['POST']['user'], $serendipity['authorid'] == $serendipity['POST']['user'] ? true : false);
}
if (serendipity_checkConfigItemFlags($item, 'configuration')) {
serendipity_set_config_var($item['var'], $_POST[$item['var']], $serendipity['POST']['user']);
}
}
}
$pl_data = array('id' => $serendipity['POST']['authorid'], 'authorid' => $serendipity['POST']['authorid'], 'username' => $_POST['username'], 'realname' => $_POST['realname'], 'email' => $_POST['email']);
serendipity_updatePermalink($pl_data, 'author');
serendipity_plugin_api::hook_event('backend_users_edit', $pl_data);
printf('<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . MODIFIED_USER . '</div>', htmlspecialchars($_POST['realname']));
