/**
* @see Action::execute()
*/
public function execute()
{
parent::execute();
WCF::getUser()->checkPermission('admin.user.canDeleteUser');
require_once WCF_DIR . 'lib/data/user/UserEditor.class.php';
require_once WCF_DIR . 'lib/data/user/group/Group.class.php';
if ($this->userID !== 0) {
$this->userIDs[] = $this->userID;
}
// active user can't delete himself
$activeUserID = WCF::getSession()->getUser()->userID;
$this->userIDs = array_diff($this->userIDs, array($activeUserID));
// check permission
if (count($this->userIDs) > 0) {
$sql = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup($row['groupID'])) {
throw new PermissionDeniedException();
}
}
}
$deletedUsers = UserEditor::deleteUsers($this->userIDs);
$this->executed();
if (!empty($this->url) && (strpos($this->url, 'searchID=0') !== false || strpos($this->url, 'searchID=') === false)) {
HeaderUtil::redirect($this->url);
} else {
HeaderUtil::redirect('index.php?form=UserSearch&deletedUsers=' . $deletedUsers . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
}
exit;
}
/**
* @see Action::execute()
*/
public function execute()
{
AbstractAction::execute();
// check permission
WCF::getUser()->checkPermission('admin.user.canBanUser');
if (count($this->userIDs) > 0) {
// check permission
$sql = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup($row['groupID'])) {
throw new PermissionDeniedException();
}
}
// update user
$sql = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\tSET\tbanned = 0\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
WCF::getDB()->sendQuery($sql);
// unmark users
UserEditor::unmarkAll();
// reset sessions
Session::resetSessions($this->userIDs);
}
$this->executed();
if (!empty($this->url)) {
HeaderUtil::redirect($this->url);
} else {
// set active menu item
WCFACP::getMenu()->setActiveMenuItem('wcf.acp.menu.link.user.management');
// show succes message
WCF::getTPL()->assign('message', 'wcf.acp.user.unban.success');
WCF::getTPL()->display('success');
}
exit;
}
/**
* @see Action::execute()
*/
public function execute()
{
parent::execute();
// check permission
WCF::getUser()->checkPermission('admin.user.canEnableUser');
if (count($this->userIDs) > 0) {
// check permission
$sql = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup($row['groupID'])) {
throw new PermissionDeniedException();
}
}
// send notification
$languages = array(0 => WCF::getLanguage(), WCF::getLanguage()->getLanguageID() => WCF::getLanguage());
$sql = "SELECT\tuserID, username, email, languageID\n\t\t\t\tFROM\twcf" . WCF_N . "_user\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")\n\t\t\t\t\tAND activationCode <> 0";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!isset($languages[$row['languageID']])) {
$languages[$row['languageID']] = new Language($row['languageID']);
}
$mail = new Mail(array($row['username'] => $row['email']), $languages[$row['languageID']]->get('wcf.acp.user.activation.mail.subject', array('PAGE_TITLE' => $languages[$row['languageID']]->get(PAGE_TITLE))), $languages[$row['languageID']]->get('wcf.acp.user.activation.mail', array('PAGE_TITLE' => $languages[$row['languageID']]->get(PAGE_TITLE), '$username' => $row['username'], 'PAGE_URL' => PAGE_URL, 'MAIL_ADMIN_ADDRESS' => MAIL_ADMIN_ADDRESS)));
$mail->send();
}
// update groups
$sql = "DELETE FROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\t\tuserID IN (" . implode(',', $this->userIDs) . ")\n\t\t\t\t\t\tAND groupID = " . Group::getGroupIdByType(Group::GUESTS);
WCF::getDB()->sendQuery($sql);
$sql = "INSERT IGNORE INTO\twcf" . WCF_N . "_user_to_groups\n\t\t\t\t\t\t\t(userID, groupID)\n\t\t\t\tVALUES\t\t\t(" . implode(', ' . Group::getGroupIdByType(Group::USERS) . '),(', $this->userIDs) . ", '" . Group::getGroupIdByType(Group::USERS) . "')";
WCF::getDB()->sendQuery($sql);
// update user
$sql = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\tSET\tactivationCode = 0\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
WCF::getDB()->sendQuery($sql);
// unmark users
UserEditor::unmarkAll();
// reset sessions
Session::resetSessions($this->userIDs);
}
$this->executed();
if (!empty($this->url)) {
HeaderUtil::redirect($this->url);
} else {
// set active menu item
WCFACP::getMenu()->setActiveMenuItem('wcf.acp.menu.link.user.management');
// show succes message
WCF::getTPL()->assign('message', 'wcf.acp.user.enable.success');
WCF::getTPL()->display('success');
}
exit;
}
/**
* @see Page::readParameters()
*/
public function readParameters()
{
parent::readParameters();
if (isset($_REQUEST['userID'])) {
$this->userID = intval($_REQUEST['userID']);
require_once WCF_DIR . 'lib/data/user/UserEditor.class.php';
$this->user = new UserEditor($this->userID);
if (!$this->user->userID) {
throw new IllegalLinkException();
}
if (!Group::isAccessibleGroup($this->user->getGroupIDs())) {
throw new PermissionDeniedException();
}
}
}
/**
* @see Form::save()
*/
public function save()
{
parent::save();
$sql = "SELECT\t\tuser.*,\n\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\tON\t\t(groups.userID = user.userID)\n\t\t\tWHERE\t\tuser.userID IN (" . $this->userIDs . ")\n\t\t\tGROUP BY\tuser.userID";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup(explode(',', $row['groupIDs']))) {
throw new PermissionDeniedException();
}
$user = new UserEditor(null, $row);
$user->addToGroups($this->groupIDs, false, false);
}
UserEditor::unmarkAll();
Session::resetSessions(explode(',', $this->userIDs));
$this->saved();
WCF::getTPL()->assign('message', 'wcf.acp.user.assignToGroup.success');
WCF::getTPL()->display('success');
exit;
}
/**
* @see Action::execute()
*/
public function execute()
{
parent::execute();
// check permission
WCF::getUser()->checkPermission('admin.user.canDeleteGroup');
require_once WCF_DIR . 'lib/data/user/group/GroupEditor.class.php';
if ($this->groupID !== 0) {
$this->groupIDs[] = $this->groupID;
}
// check permission
if (!Group::isAccessibleGroup($this->groupIDs)) {
throw new PermissionDeniedException();
}
// check master password
WCFACP::checkMasterPassword();
$deletedGroups = GroupEditor::deleteGroups($this->groupIDs);
$this->executed();
HeaderUtil::redirect('index.php?page=GroupList&deletedGroups=' . $deletedGroups . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
exit;
}
/**
* @see Action::execute()
*/
public function execute()
{
AbstractAction::execute();
// check permission
WCF::getUser()->checkPermission('admin.user.canEnableUser');
if (count($this->userIDs) > 0) {
// check permission
$sql = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup($row['groupID'])) {
throw new PermissionDeniedException();
}
}
// update groups
$sql = "DELETE FROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\t\tuserID IN (" . implode(',', $this->userIDs) . ")\n\t\t\t\t\t\tAND groupID <> " . Group::getGroupIdByType(Group::EVERYONE);
WCF::getDB()->sendQuery($sql);
$sql = "INSERT IGNORE INTO\twcf" . WCF_N . "_user_to_groups\n\t\t\t\t\t\t\t(userID, groupID)\n\t\t\t\tVALUES\t\t\t(" . implode(', ' . Group::getGroupIdByType(Group::GUESTS) . '),(', $this->userIDs) . ", '" . Group::getGroupIdByType(Group::GUESTS) . "')";
WCF::getDB()->sendQuery($sql);
// update activation code
foreach ($this->userIDs as $userID) {
$sql = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\t\tSET\tactivationCode = " . UserRegistrationUtil::getActivationCode() . "\n\t\t\t\t\tWHERE\tuserID = " . $userID;
WCF::getDB()->sendQuery($sql);
}
// unmark users
UserEditor::unmarkAll();
// reset sessions
Session::resetSessions($this->userIDs);
}
$this->executed();
if (!empty($this->url)) {
HeaderUtil::redirect($this->url);
} else {
// set active menu item
WCFACP::getMenu()->setActiveMenuItem('wcf.acp.menu.link.user.management');
// show succes message
WCF::getTPL()->assign('message', 'wcf.acp.user.disable.success');
WCF::getTPL()->display('success');
}
exit;
}
/**
* @see Action::execute()
*/
public function execute()
{
parent::execute();
// check permission
WCF::getUser()->checkPermission('admin.user.canEnableUser');
// get user ids
$userIDs = WCF::getSession()->getVar('markedUsers');
if (!is_array($userIDs)) {
$userIDs = array();
}
if (count($userIDs) > 0) {
// check permission
$sql = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $userIDs) . ")";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup($row['groupID'])) {
throw new PermissionDeniedException();
}
}
// save config in session
$userMailData = WCF::getSession()->getVar('userMailData');
if ($userMailData === null) {
$userMailData = array();
}
$mailID = count($userMailData);
$userMailData[$mailID] = array('action' => '', 'userIDs' => implode(',', $userIDs));
WCF::getSession()->register('userMailData', $userMailData);
// unmark users
UserEditor::unmarkAll();
$this->executed();
// show worker template
WCF::getTPL()->assign(array('pageTitle' => WCF::getLanguage()->get('wcf.acp.user.sendActivationMail'), 'url' => 'index.php?action=UserActivationMail&mailID=' . $mailID . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED));
WCF::getTPL()->display('worker');
exit;
} else {
$this->executed();
}
HeaderUtil::redirect('index.php?form=UserSearch&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
exit;
}
/**
* @see Page::readParameters()
*/
public function readParameters()
{
AbstractForm::readParameters();
// get user
if (isset($_REQUEST['userID'])) {
$this->userID = intval($_REQUEST['userID']);
require_once WBB_DIR . 'lib/data/user/AbstractWBBUserSession.class.php';
$this->user = new AbstractWBBUserSession($this->userID);
if (!$this->user->userID) {
throw new IllegalLinkException();
}
require_once WCF_DIR . 'lib/data/user/group/Group.class.php';
if (!Group::isAccessibleGroup($this->user->getGroupIDs())) {
throw new PermissionDeniedException();
}
}
// active permission
if (isset($_REQUEST['permissionName'])) {
$this->permissionName = $_REQUEST['permissionName'];
}
$this->readPermissionSettings();
}
/**
* @see Form::validate()
*/
public function validate()
{
parent::validate();
// user ids
if (!count($this->userIDs)) {
throw new IllegalLinkException();
}
if (count($this->userIDs) < 2) {
throw new NamedUserException(WCF::getLanguage()->get('wbb.acp.user.merge.error.tooFew'));
}
// check permission
$sql = "SELECT\tDISTINCT groupID\n\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDs) . ")";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup($row['groupID'])) {
throw new PermissionDeniedException();
}
}
// user id
if (!$this->userID || !in_array($this->userID, $this->userIDs)) {
throw new UserInputException('userID');
}
}
/**
* @see Form::save()
*/
public function save()
{
parent::save();
// active user can't ban himself
$this->userIDArray = array_diff($this->userIDArray, array(WCF::getUser()->userID));
if (count($this->userIDArray) > 0) {
// check permission
$sql = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDArray) . ")";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup($row['groupID'])) {
throw new PermissionDeniedException();
}
}
// get adminCanMail user option id
$adminCanMailID = User::getUserOptionID('adminCanMail');
// update user
$sql = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\tSET\tbanned = 1,\n\t\t\t\t\tbanReason = '" . escapeString($this->reason) . "'\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDArray) . ")";
WCF::getDB()->sendQuery($sql);
// update user options
if ($adminCanMailID !== null) {
$sql = "UPDATE\twcf" . WCF_N . "_user_option_value\n\t\t\t\t\tSET\tuserOption" . $adminCanMailID . " = 0\n\t\t\t\t\tWHERE\tuserID IN (" . implode(',', $this->userIDArray) . ")";
WCF::getDB()->sendQuery($sql);
}
// unmark users
UserEditor::unmarkAll();
// reset sessions
Session::resetSessions($this->userIDArray);
}
$this->saved();
// forward
if (empty($this->url)) {
$this->url = 'index.php?form=UserSearch&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED;
}
HeaderUtil::redirect($this->url);
exit;
}
/**
* @see Form::save()
*/
public function save()
{
parent::save();
// build conditions
$this->conditions = new ConditionBuilder();
// static fields
if (!empty($this->username)) {
$this->conditions->add("user.username LIKE '%" . addcslashes(escapeString($this->username), '_%') . "%'");
}
if (!empty($this->email)) {
$this->conditions->add("user.email LIKE '%" . addcslashes(escapeString($this->email), '_%') . "%'");
}
if (count($this->groupIDArray) > 0) {
$this->conditions->add("user.userID " . ($this->invertGroupIDs == 1 ? 'NOT ' : '') . "IN (SELECT userID FROM wcf" . WCF_N . "_user_to_groups WHERE groupID IN (" . implode(',', $this->groupIDArray) . "))");
}
if (count($this->languageIDArray) > 0) {
$this->conditions->add("user.languageID IN (" . implode(',', $this->languageIDArray) . ")");
}
// dynamic fields
foreach ($this->activeOptions as $name => $option) {
$value = isset($this->values[$option['optionName']]) ? $this->values[$option['optionName']] : null;
$condition = $this->getTypeObject($option['optionType'])->getCondition($option, $value, isset($this->matchExactly[$name]));
if ($condition !== false) {
$this->conditions->add($condition);
}
}
// call buildConditions event
EventHandler::fireAction($this, 'buildConditions');
// execute action
switch ($this->action) {
case 'sendMail':
WCF::getUser()->checkPermission('admin.user.canMailUser');
// get user ids
$userIDArray = array();
$sql = "SELECT\t\tuser.userID\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\t" . $this->conditions->get();
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
$userIDArray[] = $row['userID'];
$this->affectedUsers++;
}
// save config in session
$userMailData = WCF::getSession()->getVar('userMailData');
if ($userMailData === null) {
$userMailData = array();
}
$mailID = count($userMailData);
$userMailData[$mailID] = array('action' => '', 'userIDs' => implode(',', $userIDArray), 'groupIDs' => '', 'subject' => $this->subject, 'text' => $this->text, 'from' => $this->from, 'enableHTML' => $this->enableHTML);
WCF::getSession()->register('userMailData', $userMailData);
$this->saved();
// show worker template
WCF::getTPL()->assign(array('pageTitle' => WCF::getLanguage()->get('wcf.acp.user.sendMail'), 'url' => 'index.php?action=UserMail&mailID=' . $mailID . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED));
WCF::getTPL()->display('worker');
exit;
break;
case 'exportMailAddress':
WCF::getUser()->checkPermission('admin.user.canMailUser');
// send content type
header('Content-Type: text/' . $this->fileType . '; charset=' . CHARSET);
header('Content-Disposition: attachment; filename="export.' . $this->fileType . '"');
if ($this->fileType == 'xml') {
echo "<?xml version=\"1.0\" encoding=\"" . CHARSET . "\"?>\n<addresses>\n";
}
// get users
$sql = "SELECT\t\tuser.email\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\t" . $this->conditions->get() . "\n\t\t\t\t\tORDER BY\tuser.email";
$result = WCF::getDB()->sendQuery($sql);
$i = 0;
$j = WCF::getDB()->countRows($result) - 1;
while ($row = WCF::getDB()->fetchArray($result)) {
if ($this->fileType == 'xml') {
echo "<address><![CDATA[" . StringUtil::escapeCDATA($row['email']) . "]]></address>\n";
} else {
echo $this->textSeparator . $row['email'] . $this->textSeparator . ($i < $j ? $this->separator : '');
}
$i++;
$this->affectedUsers++;
}
if ($this->fileType == 'xml') {
echo "</addresses>";
}
$this->saved();
exit;
break;
case 'assignToGroup':
WCF::getUser()->checkPermission('admin.user.canEditUser');
$userIDArray = array();
$sql = "SELECT\t\tuser.*,\n\t\t\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\t\t\tON\t\t(groups.userID = user.userID)\n\t\t\t\t\t" . $this->conditions->get() . "\t\t\n\t\t\t\t\tGROUP BY\tuser.userID";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup(explode(',', $row['groupIDs']))) {
throw new PermissionDeniedException();
}
$user = new UserEditor(null, $row);
$user->addToGroups($this->assignToGroupIDArray, false, false);
$userIDArray[] = $row['userID'];
$this->affectedUsers++;
}
Session::resetSessions($userIDArray);
break;
case 'delete':
WCF::getUser()->checkPermission('admin.user.canDeleteUser');
$userIDArray = array();
$sql = "SELECT\t\tuser.*,\n\t\t\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\t\t\tON\t\t(groups.userID = user.userID)\n\t\t\t\t\t" . $this->conditions->get() . "\t\t\n\t\t\t\t\tGROUP BY\tuser.userID";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup(explode(',', $row['groupIDs']))) {
throw new PermissionDeniedException();
}
$userIDArray[] = $row['userID'];
$this->affectedUsers++;
}
UserEditor::deleteUsers($userIDArray);
break;
}
$this->saved();
WCF::getTPL()->assign('affectedUsers', $this->affectedUsers);
}
/**
* Gets all user groups and the number of their members.
*/
protected function readGroups()
{
if ($this->items) {
$sql = "SELECT\t\tuser_group.*, (SELECT COUNT(*) FROM wcf" . WCF_N . "_user_to_groups WHERE groupID = user_group.groupID) AS members\n\t\t\t\tFROM\t\twcf" . WCF_N . "_group user_group\n\t\t\t\tORDER BY\t" . ($this->sortField != 'members' ? 'user_group.' : '') . $this->sortField . " " . $this->sortOrder;
$result = WCF::getDB()->sendQuery($sql, $this->itemsPerPage, ($this->pageNo - 1) * $this->itemsPerPage);
while ($row = WCF::getDB()->fetchArray($result)) {
$row['deletable'] = !WCF::getUser()->getPermission('admin.user.canDeleteGroup') || Group::isMember($row['groupID']) || !Group::isAccessibleGroup($row['groupID']) || $row['groupType'] == Group::EVERYONE || $row['groupType'] == Group::GUESTS || $row['groupType'] == Group::USERS ? 0 : 1;
$row['editable'] = WCF::getUser()->getPermission('admin.user.canEditGroup') && Group::isAccessibleGroup($row['groupID']) ? 1 : 0;
$this->groups[] = $row;
}
}
}
/**
* @see Form::validate()
*/
public function validate()
{
// validate static user options
try {
$this->validateUsername($this->username);
} catch (UserInputException $e) {
$this->errorType[$e->getField()] = $e->getType();
}
try {
$this->validateEmail($this->email, $this->confirmEmail);
} catch (UserInputException $e) {
$this->errorType[$e->getField()] = $e->getType();
}
try {
$this->validatePassword($this->password, $this->confirmPassword);
} catch (UserInputException $e) {
$this->errorType[$e->getField()] = $e->getType();
}
// validate user groups
if (count($this->groupIDs) > 0) {
require_once WCF_DIR . 'lib/data/user/group/Group.class.php';
$sql = "SELECT\tgroupID\n\t\t\t\tFROM\twcf" . WCF_N . "_group\n\t\t\t\tWHERE\tgroupID IN (" . implode(',', $this->groupIDs) . ")\n\t\t\t\t\tAND groupType NOT IN (" . Group::GUESTS . ", " . Group::EVERYONE . ", " . Group::USERS . ")";
$result = WCF::getDB()->sendQuery($sql);
$this->groupIDs = array();
while ($row = WCF::getDB()->fetchArray($result)) {
if (Group::isAccessibleGroup($row['groupID'])) {
$this->groupIDs[] = $row['groupID'];
}
}
}
// validate user language
require_once WCF_DIR . 'lib/system/language/Language.class.php';
if (!Language::getLanguage($this->languageID)) {
// use default language
$this->languageID = Language::getDefaultLanguageID();
}
// validate visible languages
foreach ($this->visibleLanguages as $key => $visibleLanguage) {
if (!($language = Language::getLanguage($visibleLanguage)) || !$language['hasContent']) {
unset($this->visibleLanguages[$key]);
}
}
if (!count($this->visibleLanguages) && ($language = Language::getLanguage($this->languageID)) && $language['hasContent']) {
$this->visibleLanguages[] = $this->languageID;
}
// validate dynamic options
parent::validate();
}
/**
* Gets the list of results.
*/
protected function readUsers()
{
// get user ids
$userIDs = array();
$sql = "SELECT\t\tuser_table.userID\n\t\t\tFROM\t\twcf" . WCF_N . "_user user_table\n\t\t\t" . (isset($this->options[$this->sortField]) ? "LEFT JOIN wcf" . WCF_N . "_user_option_value USING (userID)" : '') . "\n\t\t\t" . (!empty($this->sqlConditions) ? 'WHERE ' . $this->sqlConditions : '') . "\n\t\t\tORDER BY\t" . ($this->sortField != 'email' && isset($this->options[$this->sortField]) ? 'userOption' . $this->options[$this->sortField]['optionID'] : $this->sortField) . " " . $this->sortOrder;
$result = WCF::getDB()->sendQuery($sql, $this->itemsPerPage, ($this->pageNo - 1) * $this->itemsPerPage);
while ($row = WCF::getDB()->fetchArray($result)) {
$userIDs[] = $row['userID'];
}
// get user data
if (count($userIDs)) {
$sql = "SELECT\t\toption_value.*, user_table.*,\n\t\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\t\tFROM\t\twcf" . WCF_N . "_user user_table\n\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value\n\t\t\t\tON\t\t(option_value.userID = user_table.userID)\n\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\t\tON\t\t(groups.userID = user_table.userID)\n\t\t\t\tWHERE\t\tuser_table.userID IN (" . implode(',', $userIDs) . ")\n\t\t\t\tGROUP BY\tuser_table.userID\n\t\t\t\tORDER BY\t" . ($this->sortField != 'email' && isset($this->options[$this->sortField]) ? 'option_value.userOption' . $this->options[$this->sortField]['optionID'] : 'user_table.' . $this->sortField) . " " . $this->sortOrder;
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
$accessible = Group::isAccessibleGroup(explode(',', $row['groupIDs']));
$row['accessible'] = $accessible;
$row['deletable'] = $accessible && WCF::getUser()->getPermission('admin.user.canDeleteUser') && $row['userID'] != WCF::getUser()->userID ? 1 : 0;
$row['editable'] = $accessible && WCF::getUser()->getPermission('admin.user.canEditUser') ? 1 : 0;
$row['isMarked'] = intval(in_array($row['userID'], $this->markedUsers));
$this->users[] = new User(null, $row);
}
// get special columns
foreach ($this->users as $key => $user) {
foreach ($this->columns as $column) {
if (isset($this->options[$column])) {
if ($this->options[$column]['outputClass']) {
$outputObj = $this->getOutputObject($this->options[$column]['outputClass']);
$this->columnValues[$user->userID][$column] = $outputObj->getOutput($user, $this->options[$column], $user->{$column});
} else {
$this->columnValues[$user->userID][$column] = StringUtil::encodeHTML($user->{$column});
}
} else {
switch ($column) {
case 'email':
$this->columnValues[$user->userID][$column] = '<a href="mailto:' . StringUtil::encodeHTML($user->email) . '">' . StringUtil::encodeHTML($user->email) . '</a>';
break;
case 'registrationDate':
$this->columnValues[$user->userID][$column] = DateUtil::formatDate(null, $user->{$column});
break;
}
}
}
}
}
}
/**
* Deletes marked users.
*/
public function deleteMarked()
{
WCF::getUser()->checkPermission('admin.user.canDeleteUser');
$userIDs = WCF::getSession()->getVar('markedUsers');
if (!is_array($userIDs)) {
$userIDs = array();
}
$deletedUsers = 0;
// active user can't delete himself
$activeUserID = WCF::getSession()->getUser()->userID;
$userIDs = array_diff($userIDs, array($activeUserID));
// check permission
if (count($userIDs) > 0) {
$sql = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . implode(',', $userIDs) . ")";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
if (!Group::isAccessibleGroup($row['groupID'])) {
throw new PermissionDeniedException();
}
}
$deletedUsers = UserEditor::deleteUsers($userIDs);
}
self::unmarkAll();
HeaderUtil::redirect('index.php?form=UserSearch&deletedUsers=' . $deletedUsers . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
exit;
}
