Exemplo n.º 1
 /**
  * Dispatch one profile sub-action for the user identified by $id.
  *
  * Handled actions: change_pass, change_email, upload_avatar / upload_avatar2,
  * delete_avatar and promote. Anything else is rejected with a 404 Error.
  *
  * Access control visible in this method:
  *  - The board-level read / view-users checks are skipped only for
  *    `change_pass` requests that carry a `key` query parameter.
  *  - Avatar upload and deletion require the caller to be the profile owner
  *    or an admin/moderator.
  *  - Promotion requires the admin group, or a moderator group with
  *    g_mod_promote_users enabled.
  *
  * NOTE(review): change_pass and change_email have no ownership check here;
  * presumably the model methods enforce it. Confirm against the model.
  * NOTE(review): no CSRF token check is visible in this method for the
  * state-changing actions (delete_avatar, promote, upload_avatar). Confirm
  * that middleware or the model enforces one.
  *
  * @param mixed $id     ID of the profile being acted on.
  * @param mixed $action Name of the sub-action to perform.
  * @throws Error With code 400, 403 or 404 on the failures described above.
  */
 public function action($id, $action)
 {
     // Load the UTF-8 helpers. utf8_ucwords needs utf8_substr_replace,
     // which is why substr_replace.php is pulled in before ucwords.php.
     $root = $this->feather->forum_env['FEATHER_ROOT'];
     require $root . 'featherbb/Helpers/utf8/substr_replace.php';
     require $root . 'featherbb/Helpers/utf8/ucwords.php';
     require $root . 'featherbb/Helpers/utf8/strcasecmp.php';

     // A change_pass request carrying a key bypasses the board-level
     // permission checks below; every other request is subject to them.
     $has_reset_key = $action == 'change_pass' && $this->request->get('key');
     if (!$has_reset_key) {
         if ($this->user->g_read_board == '0') {
             throw new Error(__('No view'), 403);
         }
         if ($this->user->g_view_users == '0' && ($this->user->is_guest || $this->user->id != $id)) {
             throw new Error(__('No permission'), 403);
         }
     }

     switch ($action) {
         case 'change_pass':
             $this->model->change_pass($id, $this->feather);

             // Admins/moderators start on the new-password field, everyone
             // else starts on the old-password field.
             $focus_field = $this->user->is_admmod ? 'req_new_password1' : 'req_old_password';
             $page_info = array(
                 'title' => array(
                     Utils::escape($this->config['o_board_title']),
                     __('Profile'),
                     __('Change pass'),
                 ),
                 'active_page' => 'profile',
                 'id' => $id,
                 'required_fields' => array(
                     'req_old_password' => __('Old pass'),
                     'req_new_password1' => __('New pass'),
                     'req_new_password2' => __('Confirm new pass'),
                 ),
                 'focus_element' => array('change_pass', $focus_field),
             );
             $this->feather->template->setPageInfo($page_info);
             $this->feather->template->addTemplate('profile/change_pass.php')->display();
             break;

         case 'change_email':
             $this->model->change_email($id, $this->feather);

             $page_info = array(
                 'title' => array(
                     Utils::escape($this->config['o_board_title']),
                     __('Profile'),
                     __('Change email'),
                 ),
                 'active_page' => 'profile',
                 'required_fields' => array(
                     'req_new_email' => __('New email'),
                     'req_password' => __('Password'),
                 ),
                 'focus_element' => array('change_email', 'req_new_email'),
                 'id' => $id,
             );
             $this->feather->template->setPageInfo($page_info);
             $this->feather->template->addTemplate('profile/change_mail.php')->display();
             break;

         case 'upload_avatar':
         case 'upload_avatar2':
             if ($this->config['o_avatars'] == '0') {
                 throw new Error(__('Avatars disabled'), 400);
             }
             // Only the profile owner or an admin/moderator may upload
             if ($this->user->id != $id && !$this->user->is_admmod) {
                 throw new Error(__('No permission'), 403);
             }
             // The raw $_FILES array is handed to the model on POST
             if ($this->feather->request()->isPost()) {
                 $this->model->upload_avatar($id, $_FILES);
             }

             $page_info = array(
                 'title' => array(
                     Utils::escape($this->config['o_board_title']),
                     __('Profile'),
                     __('Upload avatar'),
                 ),
                 'active_page' => 'profile',
                 'required_fields' => array('req_file' => __('File')),
                 'focus_element' => array('upload_avatar', 'req_file'),
                 'id' => $id,
             );
             $this->feather->template->setPageInfo($page_info);
             $this->feather->template->addTemplate('profile/upload_avatar.php')->display();
             break;

         case 'delete_avatar':
             // Only the profile owner or an admin/moderator may delete
             if ($this->user->id != $id && !$this->user->is_admmod) {
                 throw new Error(__('No permission'), 403);
             }
             Delete::avatar($id);

             $target = $this->feather->urlFor('profileSection', array('id' => $id, 'section' => 'personality'));
             Url::redirect($target, __('Avatar deleted redirect'));
             break;

         case 'promote':
             // Allowed for the admin group, or for moderators whose group
             // has g_mod_promote_users enabled.
             if ($this->user->g_id != $this->feather->forum_env['FEATHER_ADMIN'] && ($this->user->g_moderator != '1' || $this->user->g_mod_promote_users == '0')) {
                 throw new Error(__('No permission'), 403);
             }
             $this->model->promote_user($id, $this->feather);
             break;

         default:
             throw new Error(__('Bad request'), 404);
     }
 }
Exemplo n.º 2
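 /**
  * Delete a user account and clean up the records that reference it.
  *
  * Nothing is modified unless the POST field `delete_user_comply` is set.
  * On confirmation the method removes the user from forum moderator lists,
  * deletes subscriptions and the online entry, then either deletes the
  * user's posts (POST field `delete_posts`) or reassigns them to the guest
  * account (ID 1). Finally it deletes the user row and avatar and rebuilds
  * the users info cache.
  *
  * NOTE(review): no check of the acting user's privileges and no CSRF token
  * check is visible in this method. Presumably the caller enforces both;
  * confirm, since this is a destructive operation.
  *
  * @param mixed $id ID of the user to delete. The
  *                  `model.profile.delete_user_start` hook may rewrite it.
  * @return mixed Result of Router::redirect() after a confirmed deletion;
  *               no value when the confirmation field was not posted.
  * @throws Error When the user does not exist or belongs to the admin group.
  */
 public function delete_user($id)
 {
     $id = Container::get('hooks')->fire('model.profile.delete_user_start', $id);
     // Get the username and group of the user we are deleting
     $result['select'] = array('group_id', 'username');
     $result = DB::for_table('users')->where('id', $id)->select_many($result['select']);
     $result = Container::get('hooks')->fireDB('model.profile.delete_user_username', $result);
     $result = $result->find_one();
     // Fail early on an unknown ID instead of running the cleanup queries
     // against a user that does not exist
     if (!$result) {
         throw new Error(__('Bad request'), 404);
     }
     $group_id = $result['group_id'];
     $username = $result['username'];
     // Administrators can never be deleted through this path
     if ($group_id == ForumEnv::get('FEATHER_ADMIN')) {
         throw new Error(__('No delete admin message'));
     }
     if (Input::post('delete_user_comply')) {
         // If the user is a moderator, we remove him/her from the moderator list in all forums as well.
         // (The admin half of the condition below cannot be true after the guard above.)
         $group_mod = DB::for_table('groups')->where('g_id', $group_id);
         $group_mod = Container::get('hooks')->fireDB('model.profile.delete_user_group_mod', $group_mod);
         $group_mod = $group_mod->find_one_col('g_moderator');
         if ($group_id == ForumEnv::get('FEATHER_ADMIN') || $group_mod == '1') {
             // Loop through all forums
             $result = $this->loop_mod_forums();
             foreach ($result as $cur_forum) {
                 // NOTE(review): unserialize() of a database column. The value is used as a
                 // plain array (membership tested by ID, entries removed by username key),
                 // so no objects are needed. Where the supported PHP version allows it,
                 // pass the allowed_classes option, or store this list as JSON instead.
                 $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array();
                 if (in_array($id, $cur_moderators)) {
                     unset($cur_moderators[$username]);
                     $update_forums = DB::for_table('forums')->where('id', $cur_forum['id'])->find_one();
                     if (!empty($cur_moderators)) {
                         $update_forums = $update_forums->set('moderators', serialize($cur_moderators));
                     } else {
                         $update_forums = $update_forums->set_expr('moderators', 'NULL');
                     }
                     $update_forums = Container::get('hooks')->fireDB('model.profile.update_mod_forums_query', $update_forums);
                     $update_forums = $update_forums->save();
                 }
             }
         }
         // Delete any subscriptions
         $delete_subscriptions = DB::for_table('topic_subscriptions')->where('user_id', $id);
         $delete_subscriptions = Container::get('hooks')->fireDB('model.profile.delete_user_subscriptions_topic', $delete_subscriptions);
         $delete_subscriptions = $delete_subscriptions->delete_many();
         unset($delete_subscriptions);
         $delete_subscriptions = DB::for_table('forum_subscriptions')->where('user_id', $id);
         $delete_subscriptions = Container::get('hooks')->fireDB('model.profile.delete_user_subscriptions_forum', $delete_subscriptions);
         $delete_subscriptions = $delete_subscriptions->delete_many();
         // Remove him/her from the online list (if they happen to be logged in)
         $delete_online = DB::for_table('online')->where('user_id', $id);
         $delete_online = Container::get('hooks')->fireDB('model.profile.delete_user_online', $delete_online);
         $delete_online = $delete_online->delete_many();
         // Should we delete all posts made by this user?
         if (Input::post('delete_posts')) {
             // Hold on, this could take some time!
             @set_time_limit(0);
             Container::get('hooks')->fire('model.profile.delete_user_posts');
             // Find all posts made by this user
             unset($result);
             $result['select'] = array('p.id', 'p.topic_id', 't.forum_id');
             $result = DB::for_table('posts')->table_alias('p')->select_many($result['select'])->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')->where('p.poster_id', $id);
             $result = Container::get('hooks')->fireDB('model.profile.delete_user_posts_first_query', $result);
             $result = $result->find_many();
             if ($result) {
                 foreach ($result as $cur_post) {
                     // Determine whether this post is the "topic post" or not
                     $result2 = DB::for_table('posts')->where('topic_id', $cur_post['topic_id'])->order_by('posted');
                     $result2 = Container::get('hooks')->fireDB('model.profile.delete_user_posts_second_query', $result2);
                     $result2 = $result2->find_one_col('id');
                     if ($result2 == $cur_post['id']) {
                         Delete::topic($cur_post['topic_id']);
                     } else {
                         Delete::post($cur_post['id'], $cur_post['topic_id']);
                     }
                     Forum::update($cur_post['forum_id']);
                 }
             }
         } else {
             // Set all his/her posts to guest (ID 1). The previous code had the two values
             // swapped: it selected the guest's posts and assigned them to the deleted user,
             // leaving the deleted user's own posts pointing at a non-existent account.
             $update_guest = DB::for_table('posts')->where('poster_id', $id);
             $update_guest = Container::get('hooks')->fireDB('model.profile.delete_user_posts_guest_query', $update_guest);
             $update_guest = $update_guest->update_many('poster_id', '1');
         }
         // Delete the user
         $delete_user = DB::for_table('users')->where('id', $id);
         $delete_user = $delete_user->delete_many();
         // Delete user avatar
         $this->delete_avatar($id);
         // Regenerate the users info cache
         Container::get('cache')->store('users_info', Cache::get_users_info());
         // Kept from the original; unreachable while admins are rejected above
         if ($group_id == ForumEnv::get('FEATHER_ADMIN')) {
             Container::get('cache')->store('admin_ids', Cache::get_admin_ids());
         }
         Container::get('hooks')->fire('model.profile.delete_user');
         return Router::redirect(Router::pathFor('home'), __('User delete redirect'));
     }
 }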
Exemplo n.º 3
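 /**
  * Bulk-delete the users selected in the POST field `users`.
  *
  * `users` is either an array keyed by user ID or a comma-separated ID
  * string. IDs are cast to int, and 0 and 1 are dropped (1 is the guest ID
  * that orphaned posts are reassigned to below). The admin check runs after
  * the `model.users.delete_users.user_ids` hook, so IDs added by a hook are
  * checked as well.
  *
  * Nothing is modified unless the POST field `delete_users_comply` is set;
  * without it the validated ID list is returned to the caller.
  *
  * NOTE(review): no check of the acting user's privileges and no CSRF token
  * check is visible in this method. Presumably the admin route enforces
  * both; confirm, since this is a destructive bulk operation.
  *
  * @return array The validated user IDs, when no confirmation was posted.
  * @throws Error 404 when no valid ID was selected, 403 when the selection
  *               contains a member of the admin group.
  */
 public function delete_users()
 {
     $posted_users = $this->request->post('users');
     if ($posted_users) {
         $user_ids = is_array($posted_users) ? array_keys($posted_users) : explode(',', $posted_users);
         // Force every ID to an integer before it reaches any query
         $user_ids = array_map('intval', $user_ids);
         // Delete invalid IDs
         $user_ids = array_diff($user_ids, array(0, 1));
     } else {
         $user_ids = array();
     }
     $user_ids = $this->hook->fire('model.users.delete_users.user_ids', $user_ids);
     if (empty($user_ids)) {
         throw new Error(__('No users selected'), 404);
     }
     // Are we trying to delete any admins?
     $is_admin = DB::for_table('users')->where_in('id', $user_ids)->where('group_id', $this->feather->forum_env['FEATHER_ADMIN'])->find_one();
     if ($is_admin) {
         throw new Error(__('No delete admins message'), 403);
     }
     if ($this->request->post('delete_users_comply')) {
         // Fetch user groups
         $user_groups = array();
         $result['select'] = array('id', 'group_id');
         $result = DB::for_table('users')->select_many($result['select'])->where_in('id', $user_ids);
         $result = $this->hook->fireDB('model.users.delete_users.user_groups_query', $result);
         $result = $result->find_many();
         foreach ($result as $cur_user) {
             if (!isset($user_groups[$cur_user['group_id']])) {
                 $user_groups[$cur_user['group_id']] = array();
             }
             $user_groups[$cur_user['group_id']][] = $cur_user['id'];
         }
         // Are any users moderators?
         $group_ids = array_keys($user_groups);
         $select_fetch_user_mods = array('g_id', 'g_moderator');
         $result = DB::for_table('groups')->select_many($select_fetch_user_mods)->where_in('g_id', $group_ids)->find_many();
         foreach ($result as $cur_group) {
             // Keep only the groups with moderator rights
             if ($cur_group['g_moderator'] == '0') {
                 unset($user_groups[$cur_group['g_id']]);
             }
         }
         $user_groups = $this->hook->fire('model.users.delete_users.user_groups', $user_groups);
         // Fetch forum list and clean up their moderator list
         $select_mods = array('id', 'moderators');
         $result = DB::for_table('forums')->select_many($select_mods)->find_many();
         foreach ($result as $cur_forum) {
             // NOTE(review): unserialize() of a database column. The value is used as a plain
             // array of user IDs, so no objects are needed. Where the supported PHP version
             // allows it, pass the allowed_classes option, or store this list as JSON instead.
             $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array();
             foreach ($user_groups as $group_users) {
                 // array_diff compares values (user IDs) and keeps the remaining keys
                 $cur_moderators = array_diff($cur_moderators, $group_users);
             }
             if (!empty($cur_moderators)) {
                 DB::for_table('forums')->where('id', $cur_forum['id'])->find_one()->set('moderators', serialize($cur_moderators))->save();
             } else {
                 DB::for_table('forums')->where('id', $cur_forum['id'])->find_one()->set_expr('moderators', 'NULL')->save();
             }
         }
         // Delete any subscriptions
         DB::for_table('topic_subscriptions')->where_in('user_id', $user_ids)->delete_many();
         DB::for_table('forum_subscriptions')->where_in('user_id', $user_ids)->delete_many();
         // Remove them from the online list (if they happen to be logged in)
         DB::for_table('online')->where_in('user_id', $user_ids)->delete_many();
         // Should we delete all posts made by these users?
         if ($this->request->post('delete_posts')) {
             @set_time_limit(0);
             // Find all posts made by these users. $user_ids is a list, so it needs
             // where_in(); the previous where() received the whole array as one value.
             $select_user_posts = array('p.id', 'p.topic_id', 't.forum_id');
             $result = DB::for_table('posts')->table_alias('p')->select_many($select_user_posts)->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')->where_in('p.poster_id', $user_ids);
             $result = $this->hook->fireDB('model.users.delete_users.user_posts_query', $result);
             $result = $result->find_many();
             if ($result) {
                 foreach ($result as $cur_post) {
                     // Determine whether this post is the "topic post" or not
                     $result2 = DB::for_table('posts')->where('topic_id', $cur_post['topic_id'])->order_by('posted')->find_one_col('id');
                     if ($result2 == $cur_post['id']) {
                         \FeatherBB\Model\Delete::topic($cur_post['topic_id']);
                     } else {
                         \FeatherBB\Model\Delete::post($cur_post['id'], $cur_post['topic_id']);
                     }
                     \FeatherBB\Model\Forum::update($cur_post['forum_id']);
                 }
             }
         } else {
             // Set all their posts to guest (ID 1). The previous code had the two values
             // swapped: it selected the guest's posts and tried to assign the ID list to them.
             DB::for_table('posts')->where_in('poster_id', $user_ids)->update_many('poster_id', '1');
         }
         // Delete the users
         DB::for_table('users')->where_in('id', $user_ids)->delete_many();
         // Delete user avatars
         foreach ($user_ids as $user_id) {
             Delete::avatar($user_id);
         }
         // Regenerate the users info cache. This must happen even when an entry is already
         // cached, otherwise the cached data still describes the deleted accounts.
         $this->feather->cache->store('users_info', Cache::get_users_info());
         Url::redirect($this->feather->urlFor('adminUsers'), __('Users delete redirect'));
     }
     return $user_ids;
 }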