/**
 * Deletes the requested users once the permission and group-access checks pass.
 *
 * Requires 'admin.user.canDeleteUser'. The acting user's own id is removed
 * from the selection, and a PermissionDeniedException is thrown as soon as one
 * of the remaining users belongs to a group that Group::isAccessibleGroup()
 * rejects. The request always ends with a redirect.
 *
 * @see	Action::execute()
 */
public function execute() {
	parent::execute();

	WCF::getUser()->checkPermission('admin.user.canDeleteUser');

	require_once WCF_DIR . 'lib/data/user/UserEditor.class.php';
	require_once WCF_DIR . 'lib/data/user/group/Group.class.php';

	// a single requested id is appended to the list of ids
	if ($this->userID !== 0) {
		$this->userIDs[] = $this->userID;
	}

	// the acting user is never part of the deletion set
	$ownUserID = WCF::getSession()->getUser()->userID;
	$this->userIDs = array_diff($this->userIDs, array($ownUserID));

	if (count($this->userIDs) > 0) {
		// NOTE(review): the ids are concatenated into the statement unquoted, so this
		// relies on $this->userIDs holding integers only; confirm the parameter
		// reader enforces that.
		$idList = implode(',', $this->userIDs);
		$groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
		$groupResult = WCF::getDB()->sendQuery($groupQuery);
		while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
			// one inaccessible group aborts the whole request before anything is deleted
			if (!Group::isAccessibleGroup($groupRow['groupID'])) {
				throw new PermissionDeniedException();
			}
		}
	}

	$deletedUsers = UserEditor::deleteUsers($this->userIDs);
	$this->executed();

	// the caller-supplied url is only used when it carries 'searchID=0' or no searchID at all
	// NOTE(review): $this->url is passed to the redirect as-is; confirm it is limited
	// to local ACP targets where it is read.
	$returnToCaller = !empty($this->url)
		&& (strpos($this->url, 'searchID=0') !== false || strpos($this->url, 'searchID=') === false);
	if ($returnToCaller) {
		HeaderUtil::redirect($this->url);
	}
	else {
		HeaderUtil::redirect('index.php?form=UserSearch&deletedUsers=' . $deletedUsers . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
	}
	exit;
}
/**
 * Lifts the ban on the selected users.
 *
 * Requires 'admin.user.canBanUser'. Every group the selected users belong to
 * must pass Group::isAccessibleGroup(), otherwise a PermissionDeniedException
 * is thrown before any row is changed. Afterwards the marking is cleared and
 * the sessions of the affected users are reset.
 *
 * @see	Action::execute()
 */
public function execute() {
	AbstractAction::execute();

	WCF::getUser()->checkPermission('admin.user.canBanUser');

	if (count($this->userIDs) > 0) {
		// NOTE(review): the ids are concatenated into both statements unquoted; this
		// relies on $this->userIDs holding integers only (confirm where it is read).
		$idList = implode(',', $this->userIDs);

		// group-access check on every group of the selected users
		$groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
		$groupResult = WCF::getDB()->sendQuery($groupQuery);
		while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
			if (!Group::isAccessibleGroup($groupRow['groupID'])) {
				throw new PermissionDeniedException();
			}
		}

		// clear the ban flag
		$unbanQuery = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\tSET\tbanned = 0\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
		WCF::getDB()->sendQuery($unbanQuery);

		UserEditor::unmarkAll();

		// sessions are reset for the affected users
		Session::resetSessions($this->userIDs);
	}

	$this->executed();

	if (empty($this->url)) {
		// no return url: show the success page
		WCFACP::getMenu()->setActiveMenuItem('wcf.acp.menu.link.user.management');
		WCF::getTPL()->assign('message', 'wcf.acp.user.unban.success');
		WCF::getTPL()->display('success');
	}
	else {
		// NOTE(review): redirect target is used as supplied; confirm it is validated upstream.
		HeaderUtil::redirect($this->url);
	}
	exit;
}
/**
 * Enables the selected users and notifies those that were still awaiting activation.
 *
 * Requires 'admin.user.canEnableUser'. After the group-access check, a mail is
 * sent to every selected user whose activationCode is not 0, the users are
 * moved from the GUESTS group to the USERS group, their activationCode is set
 * to 0, the marking is cleared and their sessions are reset.
 *
 * @see	Action::execute()
 */
public function execute() {
	parent::execute();

	WCF::getUser()->checkPermission('admin.user.canEnableUser');

	if (count($this->userIDs) > 0) {
		// NOTE(review): the ids are concatenated into every statement below unquoted;
		// this relies on $this->userIDs holding integers only (confirm where it is read).
		$idList = implode(',', $this->userIDs);

		// group-access check: nothing is sent or changed if one group is inaccessible
		$groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
		$groupResult = WCF::getDB()->sendQuery($groupQuery);
		while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
			if (!Group::isAccessibleGroup($groupRow['groupID'])) {
				throw new PermissionDeniedException();
			}
		}

		// language objects are cached per language id; 0 and the active id map to the active language
		$languages = array(0 => WCF::getLanguage(), WCF::getLanguage()->getLanguageID() => WCF::getLanguage());

		// only users with a pending activation code receive the notification
		$pendingQuery = "SELECT\tuserID, username, email, languageID\n\t\t\t\tFROM\twcf" . WCF_N . "_user\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")\n\t\t\t\t\tAND activationCode <> 0";
		$pendingResult = WCF::getDB()->sendQuery($pendingQuery);
		while ($recipient = WCF::getDB()->fetchArray($pendingResult)) {
			$languageID = $recipient['languageID'];
			if (!isset($languages[$languageID])) {
				$languages[$languageID] = new Language($languageID);
			}
			$language = $languages[$languageID];

			$subject = $language->get('wcf.acp.user.activation.mail.subject', array('PAGE_TITLE' => $language->get(PAGE_TITLE)));
			$body = $language->get('wcf.acp.user.activation.mail', array(
				'PAGE_TITLE' => $language->get(PAGE_TITLE),
				'$username' => $recipient['username'],
				'PAGE_URL' => PAGE_URL,
				'MAIL_ADMIN_ADDRESS' => MAIL_ADMIN_ADDRESS
			));

			$mail = new Mail(array($recipient['username'] => $recipient['email']), $subject, $body);
			$mail->send();
		}

		// remove the guest membership ...
		$removeQuery = "DELETE FROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\t\tuserID IN (" . $idList . ")\n\t\t\t\t\t\tAND groupID = " . Group::getGroupIdByType(Group::GUESTS);
		WCF::getDB()->sendQuery($removeQuery);

		// ... and add one (userID, groupID) tuple per user for the USERS group
		$addQuery = "INSERT IGNORE INTO\twcf" . WCF_N . "_user_to_groups\n\t\t\t\t\t\t\t(userID, groupID)\n\t\t\t\tVALUES\t\t\t(" . implode(', ' . Group::getGroupIdByType(Group::USERS) . '),(', $this->userIDs) . ", '" . Group::getGroupIdByType(Group::USERS) . "')";
		WCF::getDB()->sendQuery($addQuery);

		// mark the accounts as activated
		$activateQuery = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\tSET\tactivationCode = 0\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
		WCF::getDB()->sendQuery($activateQuery);

		UserEditor::unmarkAll();

		// group membership changed, so the sessions of these users are reset
		Session::resetSessions($this->userIDs);
	}

	$this->executed();

	if (empty($this->url)) {
		// no return url: show the success page
		WCFACP::getMenu()->setActiveMenuItem('wcf.acp.menu.link.user.management');
		WCF::getTPL()->assign('message', 'wcf.acp.user.enable.success');
		WCF::getTPL()->display('success');
	}
	else {
		// NOTE(review): redirect target is used as supplied; confirm it is validated upstream.
		HeaderUtil::redirect($this->url);
	}
	exit;
}
/**
 * Reads the optional 'userID' request parameter and loads the matching user.
 *
 * Throws an IllegalLinkException when no user exists for the id and a
 * PermissionDeniedException when Group::isAccessibleGroup() rejects the
 * user's groups. Without a 'userID' parameter nothing is loaded or checked here.
 *
 * @see	Page::readParameters()
 */
public function readParameters() {
	parent::readParameters();

	if (!isset($_REQUEST['userID'])) {
		return;
	}

	// the raw request value is reduced to an integer before it is used
	$this->userID = intval($_REQUEST['userID']);

	require_once WCF_DIR . 'lib/data/user/UserEditor.class.php';
	$editor = new UserEditor($this->userID);
	$this->user = $editor;

	// an unknown id leaves the loaded object without a userID
	if (!$editor->userID) {
		throw new IllegalLinkException();
	}

	// the target user must only be in groups the acting user may access
	if (!Group::isAccessibleGroup($editor->getGroupIDs())) {
		throw new PermissionDeniedException();
	}
}
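/**
 * Adds the selected users to the chosen groups.
 *
 * $this->userIDs is a comma-separated list of user ids. Each entry is reduced
 * to an integer before the list is placed into the statement, so an empty or
 * malformed list still yields valid SQL. Group access is verified for every
 * matched user before the first membership is written: if one user is in a
 * group that Group::isAccessibleGroup() rejects, a PermissionDeniedException
 * is thrown and no user has been changed.
 *
 * @see	Form::save()
 */
public function save() {
	parent::save();

	// integer-only id list; used for the query and for the session reset
	$userIDs = array_map('intval', explode(',', $this->userIDs));

	$sql = "SELECT\t\tuser.*,\n\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\tON\t\t(groups.userID = user.userID)\n\t\t\tWHERE\t\tuser.userID IN (" . implode(',', $userIDs) . ")\n\t\t\tGROUP BY\tuser.userID";
	$result = WCF::getDB()->sendQuery($sql);

	// first pass: authorise every matched user, change nothing yet
	$rows = array();
	while ($row = WCF::getDB()->fetchArray($result)) {
		if (!Group::isAccessibleGroup(explode(',', $row['groupIDs']))) {
			throw new PermissionDeniedException();
		}
		$rows[] = $row;
	}

	// second pass: all users passed the check, apply the group assignment
	foreach ($rows as $row) {
		$user = new UserEditor(null, $row);
		$user->addToGroups($this->groupIDs, false, false);
	}

	UserEditor::unmarkAll();

	// group membership changed, so the sessions of these users are reset
	Session::resetSessions($userIDs);
	$this->saved();

	WCF::getTPL()->assign('message', 'wcf.acp.user.assignToGroup.success');
	WCF::getTPL()->display('success');
	exit;
}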
/**
 * Deletes the requested user groups.
 *
 * Three gates run before the deletion: the 'admin.user.canDeleteGroup'
 * permission, Group::isAccessibleGroup() on the full list of group ids, and
 * WCFACP::checkMasterPassword(). The request ends with a redirect to the
 * group list that carries the number returned by GroupEditor::deleteGroups().
 *
 * @see	Action::execute()
 */
public function execute() {
	parent::execute();

	WCF::getUser()->checkPermission('admin.user.canDeleteGroup');

	require_once WCF_DIR . 'lib/data/user/group/GroupEditor.class.php';

	// a single requested id is appended to the list of ids
	if ($this->groupID !== 0) {
		$this->groupIDs[] = $this->groupID;
	}

	// every requested group must be accessible to the acting user
	if (!Group::isAccessibleGroup($this->groupIDs)) {
		throw new PermissionDeniedException();
	}

	// master password gate runs last, directly before the destructive call
	WCFACP::checkMasterPassword();

	$deletedCount = GroupEditor::deleteGroups($this->groupIDs);
	$this->executed();

	$listUrl = 'index.php?page=GroupList&deletedGroups=' . $deletedCount . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED;
	HeaderUtil::redirect($listUrl);
	exit;
}
/**
 * Disables the selected users.
 *
 * Requires 'admin.user.canEnableUser'. After the group-access check the users
 * lose every group membership except the EVERYONE group, are added to the
 * GUESTS group and each receive a fresh activation code from
 * UserRegistrationUtil::getActivationCode(). The marking is cleared and the
 * sessions of the affected users are reset.
 *
 * @see	Action::execute()
 */
public function execute() {
	AbstractAction::execute();

	WCF::getUser()->checkPermission('admin.user.canEnableUser');

	if (count($this->userIDs) > 0) {
		// NOTE(review): the ids are concatenated into every statement below unquoted;
		// this relies on $this->userIDs holding integers only (confirm where it is read).
		$idList = implode(',', $this->userIDs);

		// group-access check: nothing is changed if one group is inaccessible
		$groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
		$groupResult = WCF::getDB()->sendQuery($groupQuery);
		while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
			if (!Group::isAccessibleGroup($groupRow['groupID'])) {
				throw new PermissionDeniedException();
			}
		}

		// strip all memberships except the EVERYONE group ...
		$removeQuery = "DELETE FROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\t\tuserID IN (" . $idList . ")\n\t\t\t\t\t\tAND groupID <> " . Group::getGroupIdByType(Group::EVERYONE);
		WCF::getDB()->sendQuery($removeQuery);

		// ... and add one (userID, groupID) tuple per user for the GUESTS group
		$addQuery = "INSERT IGNORE INTO\twcf" . WCF_N . "_user_to_groups\n\t\t\t\t\t\t\t(userID, groupID)\n\t\t\t\tVALUES\t\t\t(" . implode(', ' . Group::getGroupIdByType(Group::GUESTS) . '),(', $this->userIDs) . ", '" . Group::getGroupIdByType(Group::GUESTS) . "')";
		WCF::getDB()->sendQuery($addQuery);

		// one statement per user, because every user gets a separately generated code
		foreach ($this->userIDs as $disabledUserID) {
			$codeQuery = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\t\tSET\tactivationCode = " . UserRegistrationUtil::getActivationCode() . "\n\t\t\t\t\tWHERE\tuserID = " . $disabledUserID;
			WCF::getDB()->sendQuery($codeQuery);
		}

		UserEditor::unmarkAll();

		// group membership changed, so the sessions of these users are reset
		Session::resetSessions($this->userIDs);
	}

	$this->executed();

	if (empty($this->url)) {
		// no return url: show the success page
		WCFACP::getMenu()->setActiveMenuItem('wcf.acp.menu.link.user.management');
		WCF::getTPL()->assign('message', 'wcf.acp.user.disable.success');
		WCF::getTPL()->display('success');
	}
	else {
		// NOTE(review): redirect target is used as supplied; confirm it is validated upstream.
		HeaderUtil::redirect($this->url);
	}
	exit;
}
/**
 * Queues an activation mail job for the users marked in the session.
 *
 * Requires 'admin.user.canEnableUser'. The marked ids are read from the
 * session variable 'markedUsers'. When ids are present and the group-access
 * check passes, the id list is stored as a new entry of the session variable
 * 'userMailData' and the worker template is shown with the url of the mail
 * action. Without marked users the request is redirected to the user search.
 *
 * @see	Action::execute()
 */
public function execute() {
	parent::execute();

	WCF::getUser()->checkPermission('admin.user.canEnableUser');

	// anything but an array counts as "nothing marked"
	$markedIDs = WCF::getSession()->getVar('markedUsers');
	if (!is_array($markedIDs)) {
		$markedIDs = array();
	}

	if (count($markedIDs) == 0) {
		$this->executed();
		HeaderUtil::redirect('index.php?form=UserSearch&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED);
		exit;
	}

	// NOTE(review): the session-stored ids are concatenated into the statement
	// unquoted; presumably they are integers when they are marked; verify there.
	$idList = implode(',', $markedIDs);

	// group-access check on every group of the marked users
	$groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
	$groupResult = WCF::getDB()->sendQuery($groupQuery);
	while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
		if (!Group::isAccessibleGroup($groupRow['groupID'])) {
			throw new PermissionDeniedException();
		}
	}

	// the job is appended to the session's mail data; its index becomes the mailID
	$mailJobs = WCF::getSession()->getVar('userMailData');
	if ($mailJobs === null) {
		$mailJobs = array();
	}
	$mailID = count($mailJobs);
	$mailJobs[$mailID] = array('action' => '', 'userIDs' => $idList);
	WCF::getSession()->register('userMailData', $mailJobs);

	UserEditor::unmarkAll();
	$this->executed();

	// the worker template is handed the url of the mail action
	$workerUrl = 'index.php?action=UserActivationMail&mailID=' . $mailID . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED;
	WCF::getTPL()->assign(array(
		'pageTitle' => WCF::getLanguage()->get('wcf.acp.user.sendActivationMail'),
		'url' => $workerUrl
	));
	WCF::getTPL()->display('worker');
	exit;
}
/**
 * Reads the optional 'userID' and 'permissionName' request parameters.
 *
 * When a 'userID' is given, the user is loaded; an unknown id raises an
 * IllegalLinkException and a user in a group rejected by
 * Group::isAccessibleGroup() raises a PermissionDeniedException. The
 * permission settings are read in every case.
 *
 * @see	Page::readParameters()
 */
public function readParameters() {
	AbstractForm::readParameters();

	if (isset($_REQUEST['userID'])) {
		// the raw request value is reduced to an integer before it is used
		$this->userID = intval($_REQUEST['userID']);

		require_once WBB_DIR . 'lib/data/user/AbstractWBBUserSession.class.php';
		$userSession = new AbstractWBBUserSession($this->userID);
		$this->user = $userSession;

		// an unknown id leaves the loaded object without a userID
		if (!$userSession->userID) {
			throw new IllegalLinkException();
		}

		// the target user must only be in groups the acting user may access
		require_once WCF_DIR . 'lib/data/user/group/Group.class.php';
		if (!Group::isAccessibleGroup($userSession->getGroupIDs())) {
			throw new PermissionDeniedException();
		}
	}

	// NOTE(review): permissionName is stored exactly as received (no type or
	// format check here); confirm every consumer validates or escapes it.
	if (isset($_REQUEST['permissionName'])) {
		$this->permissionName = $_REQUEST['permissionName'];
	}

	$this->readPermissionSettings();
}
/**
 * Validates the selection for a user merge.
 *
 * Fails with an IllegalLinkException when no user ids are present, with a
 * NamedUserException when fewer than two are present, with a
 * PermissionDeniedException when one of the users is in a group rejected by
 * Group::isAccessibleGroup(), and with a UserInputException('userID') when
 * $this->userID is empty or not part of the selection.
 *
 * @see	Form::validate()
 */
public function validate() {
	parent::validate();

	$selectedCount = count($this->userIDs);
	if (!$selectedCount) {
		throw new IllegalLinkException();
	}
	if ($selectedCount < 2) {
		throw new NamedUserException(WCF::getLanguage()->get('wbb.acp.user.merge.error.tooFew'));
	}

	// NOTE(review): the ids are concatenated into the statement unquoted; this
	// relies on $this->userIDs holding integers only (confirm where it is read).
	$idList = implode(',', $this->userIDs);
	$groupQuery = "SELECT\tDISTINCT groupID\n\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\tWHERE\tuserID IN (" . $idList . ")";
	$groupResult = WCF::getDB()->sendQuery($groupQuery);
	while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
		if (!Group::isAccessibleGroup($groupRow['groupID'])) {
			throw new PermissionDeniedException();
		}
	}

	// $this->userID has to be one of the selected users
	if (!($this->userID && in_array($this->userID, $this->userIDs))) {
		throw new UserInputException('userID');
	}
}
/**
 * Bans the selected users and stores the ban reason.
 *
 * The acting user's own id is removed from the selection. After the
 * group-access check the users are flagged as banned with the escaped reason,
 * their 'adminCanMail' option is set to 0 when that option exists, the marking
 * is cleared and their sessions are reset. The request ends with a redirect.
 *
 * @see	Form::save()
 */
public function save() {
	parent::save();

	// the acting user can never be part of the ban set
	$this->userIDArray = array_diff($this->userIDArray, array(WCF::getUser()->userID));

	if (count($this->userIDArray) > 0) {
		// NOTE(review): the ids are concatenated into every statement below unquoted;
		// this relies on $this->userIDArray holding integers only (confirm where it is read).
		$idList = implode(',', $this->userIDArray);

		// group-access check: nobody is banned if one group is inaccessible
		$groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
		$groupResult = WCF::getDB()->sendQuery($groupQuery);
		while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
			if (!Group::isAccessibleGroup($groupRow['groupID'])) {
				throw new PermissionDeniedException();
			}
		}

		// id of the 'adminCanMail' user option; null is treated as "option does not exist"
		$adminCanMailID = User::getUserOptionID('adminCanMail');

		// the free-text reason goes through escapeString() before it enters the statement
		$banQuery = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\tSET\tbanned = 1,\n\t\t\t\t\tbanReason = '" . escapeString($this->reason) . "'\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
		WCF::getDB()->sendQuery($banQuery);

		if ($adminCanMailID !== null) {
			// the option column name is derived from the option id
			$optionQuery = "UPDATE\twcf" . WCF_N . "_user_option_value\n\t\t\t\t\tSET\tuserOption" . $adminCanMailID . " = 0\n\t\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
			WCF::getDB()->sendQuery($optionQuery);
		}

		UserEditor::unmarkAll();

		// the sessions of the banned users are reset
		Session::resetSessions($this->userIDArray);
	}

	$this->saved();

	// fall back to the user search when no return url was given
	// NOTE(review): a supplied $this->url is used as the redirect target as-is;
	// confirm it is validated where it is read.
	if (empty($this->url)) {
		$this->url = 'index.php?form=UserSearch&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED;
	}
	HeaderUtil::redirect($this->url);
	exit;
}
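/**
 * Builds the search conditions and runs the selected mass-processing action.
 *
 * Supported actions: 'sendMail' (queues a mail job in the session and shows the
 * worker template), 'exportMailAddress' (streams the matching addresses as a
 * download), 'assignToGroup' and 'delete'. Each action checks its own
 * permission first. 'assignToGroup' and 'delete' additionally require that
 * every matched user is only in groups accepted by Group::isAccessibleGroup();
 * for both, that check now covers all matched users before the first change is
 * made, so a PermissionDeniedException leaves every user untouched.
 *
 * @see	Form::save()
 */
public function save() {
	parent::save();

	// build conditions
	$this->conditions = new ConditionBuilder();

	// static fields: escaped for the string literal, then LIKE wildcards are neutralised
	if (!empty($this->username)) {
		$this->conditions->add("user.username LIKE '%" . addcslashes(escapeString($this->username), '_%') . "%'");
	}
	if (!empty($this->email)) {
		$this->conditions->add("user.email LIKE '%" . addcslashes(escapeString($this->email), '_%') . "%'");
	}
	// NOTE(review): group and language ids are concatenated unquoted; this relies on
	// both arrays holding integers only (confirm where they are read).
	if (count($this->groupIDArray) > 0) {
		$this->conditions->add("user.userID " . ($this->invertGroupIDs == 1 ? 'NOT ' : '') . "IN (SELECT userID FROM wcf" . WCF_N . "_user_to_groups WHERE groupID IN (" . implode(',', $this->groupIDArray) . "))");
	}
	if (count($this->languageIDArray) > 0) {
		$this->conditions->add("user.languageID IN (" . implode(',', $this->languageIDArray) . ")");
	}

	// dynamic fields: each option type object supplies its own condition, or false for none
	foreach ($this->activeOptions as $name => $option) {
		$value = isset($this->values[$option['optionName']]) ? $this->values[$option['optionName']] : null;
		$condition = $this->getTypeObject($option['optionType'])->getCondition($option, $value, isset($this->matchExactly[$name]));
		if ($condition !== false) {
			$this->conditions->add($condition);
		}
	}

	// call buildConditions event
	EventHandler::fireAction($this, 'buildConditions');

	// execute action
	switch ($this->action) {
		case 'sendMail':
			WCF::getUser()->checkPermission('admin.user.canMailUser');

			// get user ids
			$userIDArray = array();
			$sql = "SELECT\t\tuser.userID\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\t" . $this->conditions->get();
			$result = WCF::getDB()->sendQuery($sql);
			while ($row = WCF::getDB()->fetchArray($result)) {
				$userIDArray[] = $row['userID'];
				$this->affectedUsers++;
			}

			// save config in session; the entry's index becomes the mailID
			$userMailData = WCF::getSession()->getVar('userMailData');
			if ($userMailData === null) {
				$userMailData = array();
			}
			$mailID = count($userMailData);
			$userMailData[$mailID] = array(
				'action' => '',
				'userIDs' => implode(',', $userIDArray),
				'groupIDs' => '',
				'subject' => $this->subject,
				'text' => $this->text,
				'from' => $this->from,
				'enableHTML' => $this->enableHTML
			);
			WCF::getSession()->register('userMailData', $userMailData);
			$this->saved();

			// show worker template
			WCF::getTPL()->assign(array(
				'pageTitle' => WCF::getLanguage()->get('wcf.acp.user.sendMail'),
				'url' => 'index.php?action=UserMail&mailID=' . $mailID . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED
			));
			WCF::getTPL()->display('worker');
			exit;

		case 'exportMailAddress':
			WCF::getUser()->checkPermission('admin.user.canMailUser');

			// send content type
			// NOTE(review): fileType ends up in two response headers; presumably it is
			// restricted to known values during validation; verify there.
			header('Content-Type: text/' . $this->fileType . '; charset=' . CHARSET);
			header('Content-Disposition: attachment; filename="export.' . $this->fileType . '"');

			if ($this->fileType == 'xml') {
				echo "<?xml version=\"1.0\" encoding=\"" . CHARSET . "\"?>\n<addresses>\n";
			}

			// get users
			$sql = "SELECT\t\tuser.email\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\t" . $this->conditions->get() . "\n\t\t\t\t\tORDER BY\tuser.email";
			$result = WCF::getDB()->sendQuery($sql);

			// $j is the index of the last row, so no separator is written after it
			$i = 0;
			$j = WCF::getDB()->countRows($result) - 1;
			while ($row = WCF::getDB()->fetchArray($result)) {
				if ($this->fileType == 'xml') {
					echo "<address><![CDATA[" . StringUtil::escapeCDATA($row['email']) . "]]></address>\n";
				}
				else {
					// NOTE(review): the address is written between the text separators
					// without escaping; confirm stored addresses cannot contain them.
					echo $this->textSeparator . $row['email'] . $this->textSeparator . ($i < $j ? $this->separator : '');
				}
				$i++;
				$this->affectedUsers++;
			}

			if ($this->fileType == 'xml') {
				echo "</addresses>";
			}
			$this->saved();
			exit;

		case 'assignToGroup':
			WCF::getUser()->checkPermission('admin.user.canEditUser');

			$userIDArray = array();
			$sql = "SELECT\t\tuser.*,\n\t\t\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\t\t\tON\t\t(groups.userID = user.userID)\n\t\t\t\t\t" . $this->conditions->get() . "\t\t\n\t\t\t\t\tGROUP BY\tuser.userID";
			$result = WCF::getDB()->sendQuery($sql);

			// first pass: authorise every matched user, change nothing yet.
			// The rows are kept in memory so that the check is complete before
			// the first membership is written.
			$matchedRows = array();
			while ($row = WCF::getDB()->fetchArray($result)) {
				if (!Group::isAccessibleGroup(explode(',', $row['groupIDs']))) {
					throw new PermissionDeniedException();
				}
				$matchedRows[] = $row;
			}

			// second pass: all users passed the check, apply the group assignment
			foreach ($matchedRows as $row) {
				$user = new UserEditor(null, $row);
				$user->addToGroups($this->assignToGroupIDArray, false, false);
				$userIDArray[] = $row['userID'];
				$this->affectedUsers++;
			}

			// group membership changed, so the sessions of these users are reset
			Session::resetSessions($userIDArray);
			break;

		case 'delete':
			WCF::getUser()->checkPermission('admin.user.canDeleteUser');

			$userIDArray = array();
			$sql = "SELECT\t\tuser.*,\n\t\t\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value USING (userID)\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\t\t\tON\t\t(groups.userID = user.userID)\n\t\t\t\t\t" . $this->conditions->get() . "\t\t\n\t\t\t\t\tGROUP BY\tuser.userID";
			$result = WCF::getDB()->sendQuery($sql);

			// ids are only collected here; the deletion runs after every user passed the check
			while ($row = WCF::getDB()->fetchArray($result)) {
				if (!Group::isAccessibleGroup(explode(',', $row['groupIDs']))) {
					throw new PermissionDeniedException();
				}
				$userIDArray[] = $row['userID'];
				$this->affectedUsers++;
			}

			UserEditor::deleteUsers($userIDArray);
			break;
	}

	$this->saved();
	WCF::getTPL()->assign('affectedUsers', $this->affectedUsers);
}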
/**
 * Loads one page of user groups together with their member counts.
 *
 * Each row gets two flags for the list view. 'deletable' is 0 when the current
 * user lacks 'admin.user.canDeleteGroup', is a member of the group, may not
 * access the group, or the group type is EVERYONE, GUESTS or USERS; otherwise
 * it is 1. 'editable' is 1 only with 'admin.user.canEditGroup' and access to
 * the group. Nothing is read when $this->items is empty.
 */
protected function readGroups() {
	if (!$this->items) {
		return;
	}

	// NOTE(review): sortField and sortOrder are concatenated into ORDER BY as-is;
	// presumably both are checked against fixed lists before this runs; verify.
	$sortPrefix = ($this->sortField != 'members' ? 'user_group.' : '');
	$listQuery = "SELECT\t\tuser_group.*, (SELECT COUNT(*) FROM wcf" . WCF_N . "_user_to_groups WHERE groupID = user_group.groupID) AS members\n\t\t\t\tFROM\t\twcf" . WCF_N . "_group user_group\n\t\t\t\tORDER BY\t" . $sortPrefix . $this->sortField . " " . $this->sortOrder;
	$offset = ($this->pageNo - 1) * $this->itemsPerPage;
	$listResult = WCF::getDB()->sendQuery($listQuery, $this->itemsPerPage, $offset);

	while ($group = WCF::getDB()->fetchArray($listResult)) {
		// any one of these conditions blocks deletion
		$deletionBlocked = !WCF::getUser()->getPermission('admin.user.canDeleteGroup')
			|| Group::isMember($group['groupID'])
			|| !Group::isAccessibleGroup($group['groupID'])
			|| $group['groupType'] == Group::EVERYONE
			|| $group['groupType'] == Group::GUESTS
			|| $group['groupType'] == Group::USERS;
		$group['deletable'] = $deletionBlocked ? 0 : 1;

		$mayEdit = WCF::getUser()->getPermission('admin.user.canEditGroup')
			&& Group::isAccessibleGroup($group['groupID']);
		$group['editable'] = $mayEdit ? 1 : 0;

		$this->groups[] = $group;
	}
}
/**
 * Validates the static user fields, the group selection and the languages.
 *
 * Username, e-mail and password errors are collected in $this->errorType
 * instead of aborting. The submitted group ids are replaced by the subset that
 * exists, is not of type GUESTS, EVERYONE or USERS, and passes
 * Group::isAccessibleGroup(). An unknown language falls back to the default
 * language, and visible languages that are unknown or have no content are
 * dropped. The dynamic options are validated last by the parent.
 *
 * @see	Form::validate()
 */
public function validate() {
	// each static field is validated on its own so that all errors are reported together
	try {
		$this->validateUsername($this->username);
	}
	catch (UserInputException $inputError) {
		$this->errorType[$inputError->getField()] = $inputError->getType();
	}

	try {
		$this->validateEmail($this->email, $this->confirmEmail);
	}
	catch (UserInputException $inputError) {
		$this->errorType[$inputError->getField()] = $inputError->getType();
	}

	try {
		$this->validatePassword($this->password, $this->confirmPassword);
	}
	catch (UserInputException $inputError) {
		$this->errorType[$inputError->getField()] = $inputError->getType();
	}

	// group selection: only ids that exist, are assignable and are accessible survive
	if (count($this->groupIDs) > 0) {
		require_once WCF_DIR . 'lib/data/user/group/Group.class.php';

		// NOTE(review): the submitted ids are concatenated into the statement unquoted;
		// this relies on $this->groupIDs holding integers only (confirm where it is read).
		$groupQuery = "SELECT\tgroupID\n\t\t\t\tFROM\twcf" . WCF_N . "_group\n\t\t\t\tWHERE\tgroupID IN (" . implode(',', $this->groupIDs) . ")\n\t\t\t\t\tAND groupType NOT IN (" . Group::GUESTS . ", " . Group::EVERYONE . ", " . Group::USERS . ")";
		$groupResult = WCF::getDB()->sendQuery($groupQuery);

		// the submitted list is discarded and rebuilt from the rows that pass the access check
		$this->groupIDs = array();
		while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
			if (Group::isAccessibleGroup($groupRow['groupID'])) {
				$this->groupIDs[] = $groupRow['groupID'];
			}
		}
	}

	// an unknown language id falls back to the default language
	require_once WCF_DIR . 'lib/system/language/Language.class.php';
	if (!Language::getLanguage($this->languageID)) {
		$this->languageID = Language::getDefaultLanguageID();
	}

	// drop visible languages that are unknown or carry no content
	foreach ($this->visibleLanguages as $index => $candidateID) {
		$candidate = Language::getLanguage($candidateID);
		if (!$candidate || !$candidate['hasContent']) {
			unset($this->visibleLanguages[$index]);
		}
	}

	// nothing left: use the user's own language when it has content
	if (!count($this->visibleLanguages)) {
		$ownLanguage = Language::getLanguage($this->languageID);
		if ($ownLanguage && $ownLanguage['hasContent']) {
			$this->visibleLanguages[] = $this->languageID;
		}
	}

	// validate dynamic options
	parent::validate();
}
/**
 * Loads one page of search results and prepares the column values for display.
 *
 * A first query selects the ids of the current page, a second one loads the
 * user rows with their group ids. Each row is flagged with 'accessible'
 * (result of Group::isAccessibleGroup()), 'deletable', 'editable' and
 * 'isMarked'. Column values of user options are produced by the option's
 * output class or HTML-encoded; the e-mail column is built from the
 * HTML-encoded address.
 */
protected function readUsers() {
	$joinsOptionTable = isset($this->options[$this->sortField]);
	$sortsByOption = $this->sortField != 'email' && $joinsOptionTable;

	// NOTE(review): sqlConditions, sortField and sortOrder are concatenated into the
	// statements as-is; presumably they are built and validated elsewhere in this
	// class; verify against their writers.
	$pageQuery = "SELECT\t\tuser_table.userID\n\t\t\tFROM\t\twcf" . WCF_N . "_user user_table\n\t\t\t" . ($joinsOptionTable ? "LEFT JOIN wcf" . WCF_N . "_user_option_value USING (userID)" : '') . "\n\t\t\t" . (!empty($this->sqlConditions) ? 'WHERE ' . $this->sqlConditions : '') . "\n\t\t\tORDER BY\t" . ($sortsByOption ? 'userOption' . $this->options[$this->sortField]['optionID'] : $this->sortField) . " " . $this->sortOrder;
	$offset = ($this->pageNo - 1) * $this->itemsPerPage;
	$pageResult = WCF::getDB()->sendQuery($pageQuery, $this->itemsPerPage, $offset);

	// ids of the users on the current page
	$pageUserIDs = array();
	while ($idRow = WCF::getDB()->fetchArray($pageResult)) {
		$pageUserIDs[] = $idRow['userID'];
	}

	if (!count($pageUserIDs)) {
		return;
	}

	// full rows for the page, in the same sort order
	$dataQuery = "SELECT\t\toption_value.*, user_table.*,\n\t\t\t\t\t\tGROUP_CONCAT(groupID SEPARATOR ',') AS groupIDs\n\t\t\t\tFROM\t\twcf" . WCF_N . "_user user_table\n\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value\n\t\t\t\tON\t\t(option_value.userID = user_table.userID)\n\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_to_groups groups\n\t\t\t\tON\t\t(groups.userID = user_table.userID)\n\t\t\t\tWHERE\t\tuser_table.userID IN (" . implode(',', $pageUserIDs) . ")\n\t\t\t\tGROUP BY\tuser_table.userID\n\t\t\t\tORDER BY\t" . ($sortsByOption ? 'option_value.userOption' . $this->options[$this->sortField]['optionID'] : 'user_table.' . $this->sortField) . " " . $this->sortOrder;
	$dataResult = WCF::getDB()->sendQuery($dataQuery);
	while ($record = WCF::getDB()->fetchArray($dataResult)) {
		// delete and edit flags are only ever set for users in accessible groups
		$accessible = Group::isAccessibleGroup(explode(',', $record['groupIDs']));
		$record['accessible'] = $accessible;

		// the current user never gets a delete flag on the own account
		$mayDelete = $accessible
			&& WCF::getUser()->getPermission('admin.user.canDeleteUser')
			&& $record['userID'] != WCF::getUser()->userID;
		$record['deletable'] = $mayDelete ? 1 : 0;

		$mayEdit = $accessible && WCF::getUser()->getPermission('admin.user.canEditUser');
		$record['editable'] = $mayEdit ? 1 : 0;

		$record['isMarked'] = intval(in_array($record['userID'], $this->markedUsers));
		$this->users[] = new User(null, $record);
	}

	// column values for the result table
	foreach ($this->users as $user) {
		foreach ($this->columns as $column) {
			if (isset($this->options[$column])) {
				$option = $this->options[$column];
				if ($option['outputClass']) {
					// the option's output class renders the value
					$renderer = $this->getOutputObject($option['outputClass']);
					$this->columnValues[$user->userID][$column] = $renderer->getOutput($user, $option, $user->{$column});
				}
				else {
					// plain option values are HTML-encoded before they reach the template
					$this->columnValues[$user->userID][$column] = StringUtil::encodeHTML($user->{$column});
				}
			}
			else if ($column == 'email') {
				$encodedEmail = StringUtil::encodeHTML($user->email);
				$this->columnValues[$user->userID][$column] = '<a href="mailto:' . $encodedEmail . '">' . StringUtil::encodeHTML($user->email) . '</a>';
			}
			else if ($column == 'registrationDate') {
				$this->columnValues[$user->userID][$column] = DateUtil::formatDate(null, $user->{$column});
			}
		}
	}
}
/**
 * Deletes the users marked in the session.
 *
 * Requires 'admin.user.canDeleteUser'. The marked ids are read from the
 * session variable 'markedUsers'; the acting user's own id is removed. A
 * PermissionDeniedException is thrown before anything is deleted when one of
 * the remaining users is in a group rejected by Group::isAccessibleGroup().
 * The marking is cleared and the request ends with a redirect to the user
 * search that carries the number of deleted users.
 */
public function deleteMarked() {
	WCF::getUser()->checkPermission('admin.user.canDeleteUser');

	// anything but an array counts as "nothing marked"
	$markedIDs = WCF::getSession()->getVar('markedUsers');
	if (!is_array($markedIDs)) {
		$markedIDs = array();
	}
	$deletedCount = 0;

	// the acting user is never part of the deletion set
	$ownUserID = WCF::getSession()->getUser()->userID;
	$markedIDs = array_diff($markedIDs, array($ownUserID));

	if (count($markedIDs) > 0) {
		// NOTE(review): the session-stored ids are concatenated into the statement
		// unquoted; presumably they are integers when they are marked; verify there.
		$idList = implode(',', $markedIDs);
		$groupQuery = "SELECT\tDISTINCT groupID\n\t\t\t\tFROM\twcf" . WCF_N . "_user_to_groups\n\t\t\t\tWHERE\tuserID IN (" . $idList . ")";
		$groupResult = WCF::getDB()->sendQuery($groupQuery);
		while ($groupRow = WCF::getDB()->fetchArray($groupResult)) {
			if (!Group::isAccessibleGroup($groupRow['groupID'])) {
				throw new PermissionDeniedException();
			}
		}

		$deletedCount = UserEditor::deleteUsers($markedIDs);
	}

	self::unmarkAll();

	$searchUrl = 'index.php?form=UserSearch&deletedUsers=' . $deletedCount . '&packageID=' . PACKAGE_ID . SID_ARG_2ND_NOT_ENCODED;
	HeaderUtil::redirect($searchUrl);
	exit;
}