function regmod_content(&$a) { global $lang; $_SESSION['return_url'] = App::$cmd; if (!local_channel()) { info(t('Please login.') . EOL); $o .= '<br /><br />' . login(App::$config['system']['register_policy'] == REGISTER_CLOSED ? 0 : 1); return $o; } if (!is_site_admin()) { notice(t('Permission denied.') . EOL); return ''; } if (argc() != 3) { killme(); } $cmd = argv(1); $hash = argv(2); if ($cmd === 'deny') { if (!account_deny($hash)) { killme(); } } if ($cmd === 'allow') { if (!account_allow($hash)) { killme(); } } }
function regver_content(&$a) { global $lang; $_SESSION['return_url'] = App::$cmd; if (argc() != 3) { killme(); } $cmd = argv(1); $hash = argv(2); if ($cmd === 'deny') { if (!account_deny($hash)) { killme(); } } if ($cmd === 'allow') { if (!account_approve($hash)) { killme(); } } }
/** * @brief Handle POST actions on accounts admin page. * * This function is called when on the admin user/account page the form was * submitted to handle multiple operations at once. If one of the icons next * to an entry are pressed the function admin_page_accounts() will handle this. * */ function post() { $pending = x($_POST, 'pending') ? $_POST['pending'] : array(); $users = x($_POST, 'user') ? $_POST['user'] : array(); $blocked = x($_POST, 'blocked') ? $_POST['blocked'] : array(); check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts'); // change to switch structure? // account block/unblock button was submitted if (x($_POST, 'page_users_block')) { for ($i = 0; $i < count($users); $i++) { // if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag $op = $blocked[$i] ? '& ~' : '| '; q("UPDATE account SET account_flags = (account_flags {$op}%d) WHERE account_id = %d", intval(ACCOUNT_BLOCKED), intval($users[$i])); } notice(sprintf(tt("%s account blocked/unblocked", "%s account blocked/unblocked", count($users)), count($users))); } // account delete button was submitted if (x($_POST, 'page_accounts_delete')) { foreach ($users as $uid) { account_remove($uid, true, false); } notice(sprintf(tt("%s account deleted", "%s accounts deleted", count($users)), count($users))); } // registration approved button was submitted if (x($_POST, 'page_users_approve')) { foreach ($pending as $hash) { account_allow($hash); } } // registration deny button was submitted if (x($_POST, 'page_users_deny')) { foreach ($pending as $hash) { account_deny($hash); } } goaway(z_root() . '/admin/accounts'); }