public function execute($last_result, $parameters = array())
{
$db = DBManager::get();
$dd_func = function ($d) {
delete_document($d);
};
//abgelaufenen News löschen
$deleted_news = StudipNews::DoGarbageCollect();
//messages aufräumen
$to_delete = $db->query("SELECT message_id, count( message_id ) AS gesamt, count(IF (deleted =0, NULL , 1) ) AS geloescht\n FROM message_user GROUP BY message_id HAVING gesamt = geloescht")->fetchAll(PDO::FETCH_COLUMN, 0);
if (count($to_delete)) {
$db->exec("DELETE FROM message_user WHERE message_id IN(" . $db->quote($to_delete) . ")");
$db->exec("DELETE FROM message WHERE message_id IN(" . $db->quote($to_delete) . ")");
$to_delete_attach = $db->query("SELECT dokument_id FROM dokumente WHERE range_id IN(" . $db->quote($to_delete) . ")")->fetchAll(PDO::FETCH_COLUMN, 0);
array_walk($to_delete_attach, $dd_func);
}
//Attachments von nicht versendeten Messages aufräumen
$to_delete_attach = $db->query("SELECT dokument_id FROM dokumente WHERE range_id = 'provisional' AND chdate < UNIX_TIMESTAMP(DATE_ADD(NOW(),INTERVAL -2 HOUR))")->fetchAll(PDO::FETCH_COLUMN, 0);
array_walk($to_delete_attach, $dd_func);
if ($parameters['verbose']) {
printf(_("Gelöschte Ankündigungen: %u") . "\n", (int) $deleted_news);
printf(_("Gelöschte Nachrichten: %u") . "\n", count($to_delete));
printf(_("Gelöschte Dateianhänge: %u") . "\n", count($to_delete_attach));
}
PersonalNotifications::doGarbageCollect();
// Remove old plugin assets
PluginAsset::deleteBySQL('chdate < ?', array(time() - PluginAsset::CACHE_DURATION));
}
}
form_delete($formdir, $row['form_id']);
row_delete("forms", "id = '{$formid}'");
} else {
if ($issue) {
if (!acl_check('admin', 'super')) {
die("Not authorized!");
}
row_delete("issue_encounter", "list_id = '{$issue}'");
row_delete("lists", "id = '{$issue}'");
} else {
if ($document) {
if (!acl_check('admin', 'super')) {
die("Not authorized!");
}
delete_document($document);
} else {
if ($payment) {
if (!acl_check('admin', 'super')) {
die("Not authorized!");
}
list($patient_id, $timestamp, $ref_id) = explode(".", $payment);
$timestamp = decorateString('....-..-.. ..:..:..', $timestamp);
$payres = sqlStatement("SELECT * FROM payments WHERE " . "pid = '{$patient_id}' AND dtime = '{$timestamp}'");
while ($payrow = sqlFetchArray($payres)) {
// Delete the payment.
row_delete("ar_activity", "pid = '{$patient_id}' AND " . "session_id = '{$ref_id}'");
row_delete("ar_session", "patient_id = '{$patient_id}' AND " . "session_id = '{$ref_id}'");
if ($payrow['amount2'] != 0) {
if ($GLOBALS['oer_config']['ws_accounting']['enabled'] === 2) {
$thissrc = '';
function recursiv_folder_delete($parent_id)
{
// Prepare files statement
$query = "SELECT dokument_id FROM dokumente WHERE range_id = ?";
$files_statement = DBManager::get()->prepare($query);
// Prepare delete statement
$query = "DELETE FROM folder WHERE folder_id = ?";
$delete_statement = DBManager::get()->prepare($query);
$doc_count = 0;
$query = "SELECT folder_id FROM folder WHERE range_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($parent_id));
$folder_ids = $statement->fetchAll(PDO::FETCH_COLUMN);
foreach ($folder_ids as $folder_id) {
$doc_count += recursiv_folder_delete($folder_id);
$files_statement->execute(array($folder_id));
$file_ids = $files_statement->fetchAll(PDO::FETCH_COLUMN);
$files_statement->closeCursor();
foreach ($file_ids as $file_id) {
if (delete_document($file_id)) {
$doc_count++;
}
}
$delete_statement->execute(array($folder_id));
}
return $doc_count;
}
$files_to_delete = array_map(function($f) {return htmlReady(StudipDocument::find($f)->filename) . '<input type="hidden" name="download_ids[]" value="' . $f . '">';}, $download_ids);
$template = $template_factory->open('usermanagement/question_form.php');
$template->set_attribute('question', _('Möchten Sie die ausgewählten Dateien wirklich löschen?'));
$template->set_attribute('elements', array('<ul><li>' . join('</li><li>', $files_to_delete) . '</li></ul>'));
$template->set_attribute('approvalbutton', Button::createAccept(_('JA!'), 'delete'));
$template->set_attribute('disapprovalbutton', Button::createCancel(_('NEIN!')));
$template->set_attribute('action', URLHelper::getLink());
$question = $template->render();
}
}
if ($rechte && Request::submitted('delete') && count(Request::optionArray('download_ids'))) {
CSRFProtection::verifyUnsafeRequest();
$deleted = 0;
foreach (Request::optionArray('download_ids') as $one) {
$deleted += delete_document($one);
}
if ($deleted) {
$msg .= "msg§" . sprintf(_("Es wurden %s Dateien gelöscht."), $deleted) . '§';
}
}
///////////////////////////////////////////////////////////
//Ajax-Funktionen
///////////////////////////////////////////////////////////
if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
ob_end_clean();
ob_start();
//Frage den Dateienkörper ab
/**
* Delete an existing user from the database and tidy up
*
* @access public
* @param bool delete all documents belonging to the user
* @return bool Removal successful?
*/
function deleteUser($delete_documents = true)
{
global $perm;
// Do we have permission to do so?
if (!$perm->have_perm("admin")) {
$this->msg .= "error§" . _("Sie haben keine Berechtigung Accounts zu löschen.") . "§";
return FALSE;
}
if (!$perm->have_perm("root")) {
if ($this->user_data['auth_user_md5.perms'] == "root") {
$this->msg .= "error§" . _("Sie haben keine Berechtigung <em>Root-Accounts</em> zu löschen.") . "§";
return FALSE;
}
if ($this->user_data['auth_user_md5.perms'] == "admin" && !$this->adminOK()) {
$this->msg .= "error§" . _("Sie haben keine Berechtigung diesen Admin-Account zu löschen.") . "§";
return FALSE;
}
}
$status = studygroup_sem_types();
// active dozent?
if (empty($status)) {
$active_count = 0;
} else {
$query = "SELECT SUM(c) AS count FROM (\n SELECT COUNT(*) AS c\n FROM seminar_user AS su1\n INNER JOIN seminar_user AS su2 ON (su1.seminar_id = su2.seminar_id AND su2.status = 'dozent')\n INNER JOIN seminare ON (su1.seminar_id = seminare.seminar_id AND seminare.status NOT IN (?))\n WHERE su1.user_id = ? AND su1.status = 'dozent'\n GROUP BY su1.seminar_id\n HAVING c = 1\n ORDER BY NULL\n ) AS sub";
$statement = DBManager::get()->prepare($query);
$statement->execute(array(studygroup_sem_types(), $this->user_data['auth_user_md5.user_id']));
$active_count = $statement->fetchColumn();
}
if ($active_count) {
$this->msg .= sprintf("error§" . _("<em>%s</em> ist Lehrkraft in %s aktiven Veranstaltungen und kann daher nicht gelöscht werden.") . "§", $this->user_data['auth_user_md5.username'], $active_count);
return FALSE;
//founder of studygroup?
} elseif (get_config('STUDYGROUPS_ENABLE')) {
$status = studygroup_sem_types();
if (empty($status)) {
$group_ids = array();
} else {
$query = "SELECT Seminar_id\n FROM seminare AS s\n LEFT JOIN seminar_user AS su USING (Seminar_id)\n WHERE su.status = 'dozent' AND su.user_id = ? AND s.status IN (?)";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id'], studygroup_sem_types()));
$group_ids = $statement->fetchAll(PDO::FETCH_COLUMN);
}
foreach ($group_ids as $group_id) {
$sem = Seminar::GetInstance($group_id);
if (StudygroupModel::countMembers($group_id) > 1) {
// check whether there are tutors or even autors that can be promoted
$tutors = $sem->getMembers('tutor');
$autors = $sem->getMembers('autor');
if (count($tutors) > 0) {
$new_founder = current($tutors);
StudygroupModel::promote_user($new_founder['username'], $sem->getId(), 'dozent');
continue;
} elseif (count($autors) > 0) {
$new_founder = current($autors);
StudygroupModel::promote_user($new_founder['username'], $sem->getId(), 'dozent');
continue;
}
// since no suitable successor was found, we are allowed to remove the studygroup
} else {
$sem->delete();
}
unset($sem);
}
}
// store user preferred language for sending mail
$user_language = getUserLanguagePath($this->user_data['auth_user_md5.user_id']);
// delete documents of this user
if ($delete_documents) {
// Remove private file space of this user
if (Config::get()->PERSONALDOCUMENT_ENABLE) {
$root_dir = new RootDirectory($this->user_data['auth_user_md5.user_id']);
$root_dir->delete();
}
// Remove other files
$temp_count = 0;
$query = "SELECT dokument_id FROM dokumente WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
while ($document_id = $statement->fetchColumn()) {
if (delete_document($document_id)) {
$temp_count++;
}
}
if ($temp_count) {
$this->msg .= "info§" . sprintf(_("%s Dokumente gelöscht."), $temp_count) . "§";
}
// delete empty folders of this user
$temp_count = 0;
$query = "SELECT COUNT(*) FROM folder WHERE range_id = ?";
$count_content = DBManager::get()->prepare($query);
$query = "DELETE FROM folder WHERE folder_id = ?";
$delete_folder = DBManager::get()->prepare($query);
$query = "SELECT folder_id FROM folder WHERE user_id = ? ORDER BY mkdate DESC";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
while ($folder_id = $statement->fetchColumn()) {
$count_content->execute(array($folder_id));
$count = $count_content->fetchColumn();
$count_content->closeCursor();
if (!$count && !doc_count($folder_id)) {
$delete_folder->execute(array($folder_id));
$temp_count += $delete_folder->rowCount();
}
}
if ($temp_count) {
$this->msg .= "info§" . sprintf(_("%s leere Ordner gelöscht."), $temp_count) . "§";
}
// folder left?
$query = "SELECT COUNT(*) FROM folder WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
$count = $statement->fetchColumn();
if ($count) {
$this->msg .= sprintf("info§" . _("%s Ordner konnten nicht gelöscht werden, da sie noch Dokumente anderer BenutzerInnen enthalten.") . "§", $count);
}
}
// kill all the ressources that are assigned to the user (and all the linked or subordinated stuff!)
if (Config::get()->RESOURCES_ENABLE) {
$killAssign = new DeleteResourcesUser($this->user_data['auth_user_md5.user_id']);
$killAssign->delete();
}
$this->re_sort_position_in_seminar_user();
// delete user from seminars (postings will be preserved)
$query = "DELETE FROM seminar_user WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus Veranstaltungen gelöscht."), $db_ar) . "§";
}
// delete user from waiting lists
$query = "SELECT seminar_id FROM admission_seminar_user WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
$seminar_ids = $statement->fetchAll(PDO::FETCH_COLUMN);
$query = "DELETE FROM admission_seminar_user WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus Wartelisten gelöscht."), $db_ar) . "§";
array_map('update_admission', $seminar_ids);
}
// delete user from instituts
$this->logInstUserDel($this->user_data['auth_user_md5.user_id']);
$query = "DELETE FROM user_inst WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus MitarbeiterInnenlisten gelöscht."), $db_ar) . "§";
}
// delete user from Statusgruppen
if ($db_ar = RemovePersonFromAllStatusgruppen(get_username($this->user_data['auth_user_md5.user_id'])) > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus Funktionen / Gruppen gelöscht."), $db_ar) . "§";
}
// delete user from archiv
$query = "DELETE FROM archiv_user WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus den Zugriffsberechtigungen für das Archiv gelöscht."), $db_ar) . "§";
}
// delete all personal news from this user
if ($db_ar = StudipNews::DeleteNewsByAuthor($this->user_data['auth_user_md5.user_id'])) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus den Ankündigungen gelöscht."), $db_ar) . "§";
}
if ($db_ar = StudipNews::DeleteNewsRanges($this->user_data['auth_user_md5.user_id'])) {
$this->msg .= "info§" . sprintf(_("%s Verweise auf Ankündigungen gelöscht."), $db_ar) . "§";
}
//delete entry in news_rss_range
StudipNews::UnsetRssId($this->user_data['auth_user_md5.user_id']);
// delete 'Studiengaenge'
$query = "DELETE FROM user_studiengang WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Zuordnungen zu Studiengängen gelöscht."), $db_ar) . "§";
}
// delete all private appointments of this user
if (get_config('CALENDAR_ENABLE')) {
$appkills = CalendarEvent::deleteBySQL('range_id = ?', array($this->user_data['auth_user_md5.user_id']));
if ($appkills) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus den Terminen gelöscht."), $appkills) . "§";
}
// delete membership in group calendars
if (get_config('CALENDAR_GROUP_ENABLE')) {
$membershipkills = CalendarUser::deleteBySQL('owner_id = :user_id OR user_id = :user_id', array(':user_id' => $this->user_data['auth_user_md5.user_id']));
if ($membershipkills) {
$this->msg .= 'info§' . sprintf(_('%s Verknüpfungen mit Gruppenterminkalendern gelöscht.'));
}
}
}
// delete all messages send or received by this user
$messaging = new messaging();
$messaging->delete_all_messages($this->user_data['auth_user_md5.user_id']);
// delete user from all foreign adressbooks and empty own adressbook
$buddykills = Contact::deleteBySQL('user_id = ?', array($this->user_data['auth_user_md5.user_id']));
if ($buddykills > 0) {
$this->msg .= "info§" . sprintf(_("%s Einträge aus Adressbüchern gelöscht."), $buddykills) . "§";
}
$contactkills = Contact::deleteBySQL('owner_id = ?', array($this->user_data['auth_user_md5.user_id']));
if ($contactkills) {
$this->msg .= sprintf(_('Adressbuch mit %d Einträgen gelöscht.'), $contactkills);
}
// delete users groups
Statusgruppen::deleteBySQL('range_id = ?', array($this->user_data['auth_user_md5.user_id']));
// remove user from any groups
StatusgruppeUser::deleteBySQL('user_id = ?', array($this->user_data['auth_user_md5.user_id']));
// delete all blubber entrys
$query = "DELETE FROM blubber WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (($db_ar = $statement->rowCount()) > 0) {
$this->msg .= "info§" . sprintf(_("%s Blubber gelöscht."), $db_ar) . "§";
}
// delete the datafields
$localEntries = DataFieldEntry::removeAll($this->user_data['auth_user_md5.user_id']);
UserConfigEntry::deleteByUser($this->user_data['auth_user_md5.user_id']);
// delete all remaining user data
$queries = array("DELETE FROM kategorien WHERE range_id = ?", "DELETE FROM user_info WHERE user_id = ?", "DELETE FROM user_visibility WHERE user_id = ?", "DELETE FROM user_online WHERE user_id = ?", "DELETE FROM auto_insert_user WHERE user_id = ?", "DELETE FROM roles_user WHERE userid = ?", "DELETE FROM schedule WHERE user_id = ?", "DELETE FROM schedule_seminare WHERE user_id = ?", "DELETE FROM termin_related_persons WHERE user_id = ?", "DELETE FROM user_userdomains WHERE user_id = ?");
foreach ($queries as $query) {
DBManager::get()->prepare($query)->execute(array($this->user_data['auth_user_md5.user_id']));
}
object_kill_visits($this->user_data['auth_user_md5.user_id']);
object_kill_views($this->user_data['auth_user_md5.user_id']);
// delete picture
$avatar = Avatar::getAvatar($this->user_data["auth_user_md5.user_id"]);
if ($avatar->is_customized()) {
$avatar->reset();
$this->msg .= "info§" . _("Bild gelöscht.") . "§";
}
// delete visibility settings
Visibility::removeUserPrivacySettings($this->user_data['auth_user_md5.user_id']);
//delete connected users
if (get_config('ELEARNING_INTERFACE_ENABLE')) {
if (ELearningUtils::initElearningInterfaces()) {
foreach ($GLOBALS['connected_cms'] as $cms) {
if ($cms->auth_necessary && $cms->user instanceof ConnectedUser) {
$user_auto_create = $cms->USER_AUTO_CREATE;
$cms->USER_AUTO_CREATE = false;
$userclass = strtolower(get_class($cms->user));
$connected_user = new $userclass($cms->cms_type, $this->user_data['auth_user_md5.user_id']);
if ($ok = $connected_user->deleteUser()) {
if ($connected_user->is_connected) {
$this->msg .= "info§" . sprintf(_("Der verknüpfte Nutzer %s wurde im System %s gelöscht."), $connected_user->login, $connected_user->cms_type) . "§";
}
}
$cms->USER_AUTO_CREATE = $user_auto_create;
}
}
}
}
// delete deputy entries if necessary
$query = "DELETE FROM deputies WHERE ? IN (user_id, range_id)";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
$deputyEntries = $statement->rowCount();
if ($deputyEntries) {
$this->msg .= "info§" . sprintf(_("%s Einträge in den Vertretungseinstellungen gelöscht."), $deputyEntries) . "§";
}
// delete Stud.IP account
$query = "DELETE FROM auth_user_md5 WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($this->user_data['auth_user_md5.user_id']));
if (!$statement->rowCount()) {
$this->msg .= "error§<em>" . _("Fehler:") . "</em> " . $query . "§";
return FALSE;
} else {
$this->msg .= "msg§" . sprintf(_("Benutzer \"%s\" gelöscht."), $this->user_data['auth_user_md5.username']) . "§";
}
log_event("USER_DEL", $this->user_data['auth_user_md5.user_id'], NULL, sprintf("%s %s (%s)", $this->user_data['auth_user_md5.Vorname'], $this->user_data['auth_user_md5.Nachname'], $this->user_data['auth_user_md5.username']));
//log with Vorname Nachname (username) as info string
// Can we reach the email?
if ($this->checkMail($this->user_data['auth_user_md5.Email'])) {
// include language-specific subject and mailbody
$Zeit = date("H:i:s, d.m.Y", time());
include "locale/{$user_language}/LC_MAILS/delete_mail.inc.php";
// send mail
StudipMail::sendMessage($this->user_data['auth_user_md5.Email'], $subject, $mailbody);
}
unset($this->user_data);
return TRUE;
}
echo '<a href="./admin_panel.php?action=exit">Выход</a></br>';
echo '<table>
<tr>
<th>Управление пользователями</th>
<th>Управление документами</th>
</tr>
<tr>
<td>
';
$users = get_users(null);
foreach ($users['ID'] as $i => $user) {
echo $users['NAME'][$i] . ' ' . $users['SURNAME'][$i] . ' <a href="./admin_panel.php?delete_user='******'ID'][$i] . '"> (УДАЛИТЬ)</a></br>';
}
echo '</td><td>';
$documents = get_documents(null);
foreach ($documents['ID'] as $i => $document) {
echo $documents['TITLE'][$i] . ' ' . $documents['CR'][$i] . ' <a href="./admin_panel.php?delete_document=' . $documents['ID'][$i] . '"> (УДАЛИТЬ)</a></br>';
}
if (isset($_GET['delete_user'])) {
delete_user($_GET['delete_user']);
}
if (isset($_GET['delete_document'])) {
delete_document($_GET['delete_document']);
header('Location: ./admin_panel.php');
}
if (isset($_GET['action'])) {
session_destroy();
header('Location: ./admin.php');
}
}