/**
* <b>block_handler</b>
* Blocks a user if required
*/
function block_handler()
{
global $db, $config, $user, $lang;
if ($user->data['user_id'] == ANONYMOUS) {
return;
}
if (intval($config['ctracker_spammer_blockmode']) == 1 && $user->data['user_id'] != ANONYMOUS) {
// Ban user
$sql = "INSERT INTO " . BANLIST_TABLE . "(`ban_id` , `ban_userid` , `ban_ip` , `ban_email`) VALUES ('', '" . $user->data['user_id'] . "', '', NULL);";
if (!$db->sql_query($sql)) {
message_die(CRITICAL_ERROR, $lang['ctracker_error_updating_userdata'], '', __LINE__, __FILE__, $sql);
}
$db->clear_cache('ban_', USERS_CACHE_FOLDER);
} elseif (intval($config['ctracker_spammer_blockmode']) == 2) {
// Block user
$sql = 'UPDATE ' . USERS_TABLE . ' SET user_active = 0 WHERE user_id = ' . $user->data['user_id'];
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, $lang['ctracker_error_updating_userdata'], '', __LINE__, __FILE__, $sql);
}
// Mighty Gorgon: Remove all notifications...
if (!function_exists('user_clear_notifications')) {
include_once IP_ROOT_PATH . 'includes/functions_users_delete.' . PHP_EXT;
}
$clear_notification = user_clear_notifications($user->data['user_id']);
}
// Remove Profile data
// Removed user_email = '*****@*****.**'
$sql = "UPDATE " . USERS_TABLE . " SET user_allowavatar = 0, user_icq = '', user_website = '', user_from = '', user_sig = '', user_aim = '', user_yim = '', user_msnm = '', user_occ = '', user_interests = '' WHERE user_id = " . $user->data['user_id'];
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, $lang['ctracker_error_updating_userdata'], '', __LINE__, __FILE__, $sql);
}
// Log it
include_once IP_ROOT_PATH . 'includes/ctracker/classes/class_log_manager.' . PHP_EXT;
$logfile = new log_manager();
$logfile->prepare_log($user->data['username']);
$logfile->write_general_logfile($config['ctracker_logsize_spammer'], 5);
unset($logfile);
// Log out user
if ($user->data['session_logged_in']) {
$user->session_kill();
}
// Output Info Message
message_die(GENERAL_MESSAGE, $lang['ctracker_binf_sban']);
}
function ip_user_kill($user_id)
{
global $config, $lang, $user, $db;
if (!($this_userdata = get_userdata($user_id))) {
if (!defined('STATUS_404')) {
define('STATUS_404', true);
}
message_die(GENERAL_MESSAGE, 'NO_USER');
}
if ($user->data['user_id'] != $user_id) {
// We need to reset notifications before deleting the user from the table, because we also want to make sure to reset his profile if something goes wrong in deletion
$clear_notification = user_clear_notifications($user_id);
$sql = "SELECT g.group_id\n\t\t\tFROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g\n\t\t\tWHERE ug.user_id = " . $user_id . "\n\t\t\t\tAND g.group_id = ug.group_id\n\t\t\t\tAND g.group_single_user = 1";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$sql = "UPDATE " . POSTS_TABLE . "\n\t\t\tSET poster_id = " . DELETED . ", post_username = '******'username']) . "'\n\t\t\tWHERE poster_id = " . $user_id;
$db->sql_query($sql);
$sql = "UPDATE " . TOPICS_TABLE . "\n\t\t\tSET topic_poster = " . DELETED . "\n\t\t\tWHERE topic_poster = " . $user_id;
$db->sql_query($sql);
$sql = "UPDATE " . POLL_VOTES_TABLE . "\n\t\t\tSET vote_user_id = " . DELETED . "\n\t\t\tWHERE vote_user_id = " . $user_id;
$db->sql_query($sql);
$sql = "UPDATE " . GROUPS_TABLE . "\n\t\t\tSET group_moderator = '" . $user->data['user_id'] . "'\n\t\t\tWHERE group_moderator = '" . $user_id . "'";
$db->sql_query($sql);
$sql = "DELETE FROM " . USERS_TABLE . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
$sql = "DELETE FROM " . USER_GROUP_TABLE . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
if (!empty($row['group_id'])) {
$sql = "DELETE FROM " . GROUPS_TABLE . " WHERE group_id = '" . $row['group_id'] . "'";
$db->sql_query($sql);
$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . " WHERE group_id = '" . $row['group_id'] . "'";
$db->sql_query($sql);
}
// UPI2DB - BEGIN
$sql = "DELETE FROM " . UPI2DB_ALWAYS_READ_TABLE . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
$sql = "DELETE FROM " . UPI2DB_UNREAD_POSTS_TABLE . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
// UPI2DB - END
$sql = "DELETE FROM " . POSTS_LIKES_TABLE . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
$sql = "DELETE FROM " . BOOKMARK_TABLE . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
$sql = "DELETE FROM " . DRAFTS_TABLE . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
if (!empty($config['plugins']['links']['enabled'])) {
$sql = "DELETE FROM " . LINKS_TABLE . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
}
$sql = "DELETE FROM " . BANLIST_TABLE . " WHERE ban_userid = " . $user_id;
$db->sql_query($sql);
$sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_user_id = " . $user_id;
$db->sql_query($sql);
$sql = "DELETE FROM " . SESSIONS_KEYS_TABLE . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
$sql = "UPDATE " . ALBUM_TABLE . "\n\t\tSET pic_user_id = " . ANONYMOUS . "\n\t\t\tWHERE pic_user_id = " . $user_id;
$result = $db->sql_query($sql);
$sql = "UPDATE " . ALBUM_COMMENT_TABLE . "\n\t\tSET comment_user_id = " . ANONYMOUS . "\n\t\t\tWHERE comment_user_id = " . $user_id;
$result = $db->sql_query($sql);
$sql = "DELETE FROM " . DL_FAVORITES_TABLE . " WHERE fav_user_id = " . $user_id;
$db->sql_query($sql);
$sql = "DELETE FROM " . DL_NOTRAF_TABLE . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
if (!empty($config['plugins']['sudoku']['enabled'])) {
$sql = "DELETE FROM " . SUDOKU_STATS . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
$sql = "DELETE FROM " . SUDOKU_USERS . " WHERE user_id = " . $user_id;
$db->sql_query($sql);
}
// Start add - Fully integrated shoutbox MOD
$sql = "UPDATE " . SHOUTBOX_TABLE . "\n\t\t\tSET shout_user_id = " . DELETED . ", shout_username = '******'\n\t\t\tWHERE shout_user_id = " . $user_id;
$db->sql_query($sql);
// End add - Fully integrated shoutbox MOD
// Event Registration - BEGIN
$sql = "DELETE FROM " . REGISTRATION_TABLE . " WHERE registration_user_id = " . $user_id;
$db->sql_query($sql);
// Event Registration - END
$sql = "SELECT privmsgs_id\n\t\t\tFROM " . PRIVMSGS_TABLE . "\n\t\t\tWHERE ((privmsgs_from_userid = " . $user_id . "\n\t\t\tAND privmsgs_type = " . PRIVMSGS_NEW_MAIL . ")\n\t\t\tOR (privmsgs_from_userid = " . $user_id . "\n\t\t\tAND privmsgs_type = " . PRIVMSGS_SENT_MAIL . ")\n\t\t\tOR (privmsgs_to_userid = " . $user_id . "\n\t\t\tAND privmsgs_type = " . PRIVMSGS_READ_MAIL . ")\n\t\t\tOR (privmsgs_to_userid = " . $user_id . "\n\t\t\tAND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . ")\n\t\t\tOR (privmsgs_from_userid = " . $user_id . "\n\t\t\tAND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "))";
// This is more restrictive!
/*
$sql = "SELECT privmsgs_id
FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_from_userid = " . $user_id . "
OR privmsgs_to_userid = " . $user_id;
*/
$result = $db->sql_query($sql);
// This little bit of code directly from the private messaging section.
while ($row_privmsgs = $db->sql_fetchrow($result)) {
$mark_list[] = $row_privmsgs['privmsgs_id'];
}
if (sizeof($mark_list)) {
$delete_sql_id = implode(', ', $mark_list);
$delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "\n\t\t\t\tWHERE privmsgs_id IN ({$delete_sql_id})";
$db->sql_query($delete_sql);
}
$sql = "UPDATE " . PRIVMSGS_TABLE . "\n\t\t\tSET privmsgs_to_userid = " . DELETED . "\n\t\t\tWHERE privmsgs_to_userid = " . $user_id;
$db->sql_query($sql);
$sql = "UPDATE " . PRIVMSGS_TABLE . "\n\t\t\tSET privmsgs_from_userid = " . DELETED . "\n\t\t\tWHERE privmsgs_from_userid = " . $user_id;
$db->sql_query($sql);
$db->clear_cache('ban_', USERS_CACHE_FOLDER);
return true;
}
return false;
}
}
break;
case 'activate':
// activate or deactive the seleted users
$i = 0;
while ($i < sizeof($user_ids)) {
$user_id = intval($user_ids[$i]);
$sql = "SELECT user_active FROM " . USERS_TABLE . "\n\t\t\t\tWHERE user_id = {$user_id}";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$new_status = $row['user_active'] ? 0 : 1;
$sql = "UPDATE " . USERS_TABLE . "\n\t\t\t\tSET user_active = '" . $new_status . "'\n\t\t\t\tWHERE user_id = " . $user_id;
$result = $db->sql_query($sql);
if ($new_status == 0) {
$clear_notification = user_clear_notifications($user_id);
}
unset($user_id);
$i++;
}
$message = $lang['User_status_updated'] . '<br /><br />' . sprintf($lang['Click_return_userlist'], '<a href="' . append_sid('admin_userlist.' . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
break;
case 'group':
// add users to a group
if (!$confirm) {
// show form to select which group to add users to
$i = 0;
$hidden_fields = '';
while ($i < sizeof($user_ids)) {
$user_id = intval($user_ids[$i]);
// Send also to sender in BCC if needed...
if (!empty($_POST['cc_email'])) {
$emailer->bcc($sender);
}
$emailer->replyto($sender);
$emailer->set_subject($email_subject);
$emailer->assign_vars(array('MESSAGE' => $email_message));
$emailer->send();
$emailer->reset();
$redirect_url = append_sid(CMS_PAGE_HOME);
meta_refresh(3, $redirect_url);
$message_die = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid(CMS_PAGE_HOME) . '">', '</a>');
if ($account_delete) {
$sql = "UPDATE " . USERS_TABLE . "\n\t\t\t\tSET user_active = '0'\n\t\t\t\tWHERE user_id = " . $user->data['user_id'];
$result = $db->sql_query($sql);
$clear_notification = user_clear_notifications($user->data['user_id']);
$message = $lang['Email_sent'];
$redirect_url = append_sid(CMS_PAGE_LOGIN . '?logout=true&sid=' . $user->data['session_id']);
meta_refresh(3, $redirect_url);
}
message_die(GENERAL_MESSAGE, $message_die);
}
}
if ($error) {
$template->set_filenames(array('reg_header' => 'error_body.tpl'));
$template->assign_vars(array('ERROR_MESSAGE' => $error_msg));
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}
if (ENABLE_VISUAL_CONFIRM && !$user->data['session_logged_in']) {
// Visual Confirmation
$confirm_image = '';
