示例#1
0
 /**
  * Delete an existing user from the database and tidy up
  *
  * @access   public
  * @param    bool delete all documents belonging to the user
  * @return   bool Removal successful?
  */
 function deleteUser($delete_documents = true)
 {
     global $perm;
     // Do we have permission to do so?
     if (!$perm->have_perm("admin")) {
         $this->msg .= "error§" . _("Sie haben keine Berechtigung Accounts zu löschen.") . "§";
         return FALSE;
     }
     if (!$perm->have_perm("root")) {
         if ($this->user_data['auth_user_md5.perms'] == "root") {
             $this->msg .= "error§" . _("Sie haben keine Berechtigung <em>Root-Accounts</em> zu löschen.") . "§";
             return FALSE;
         }
         if ($this->user_data['auth_user_md5.perms'] == "admin" && !$this->adminOK()) {
             $this->msg .= "error§" . _("Sie haben keine Berechtigung diesen Admin-Account zu löschen.") . "§";
             return FALSE;
         }
     }
     $status = studygroup_sem_types();
     // active dozent?
     if (empty($status)) {
         $active_count = 0;
     } else {
         $query = "SELECT SUM(c) AS count FROM (\n                          SELECT COUNT(*) AS c\n                          FROM seminar_user AS su1\n                          INNER JOIN seminar_user AS su2 ON (su1.seminar_id = su2.seminar_id AND su2.status = 'dozent')\n                          INNER JOIN seminare ON (su1.seminar_id = seminare.seminar_id AND seminare.status NOT IN (?))\n                          WHERE su1.user_id = ? AND su1.status = 'dozent'\n                          GROUP BY su1.seminar_id\n                          HAVING c = 1\n                          ORDER BY NULL\n                      ) AS sub";
         $statement = DBManager::get()->prepare($query);
         $statement->execute(array(studygroup_sem_types(), $this->user_data['auth_user_md5.user_id']));
         $active_count = $statement->fetchColumn();
     }
     if ($active_count) {
         $this->msg .= sprintf("error§" . _("<em>%s</em> ist Lehrkraft in %s aktiven Veranstaltungen und kann daher nicht gelöscht werden.") . "§", $this->user_data['auth_user_md5.username'], $active_count);
         return FALSE;
         //founder of studygroup?
     } elseif (get_config('STUDYGROUPS_ENABLE')) {
         $status = studygroup_sem_types();
         if (empty($status)) {
             $group_ids = array();
         } else {
             $query = "SELECT Seminar_id\n                          FROM seminare AS s\n                          LEFT JOIN seminar_user AS su USING (Seminar_id)\n                          WHERE su.status = 'dozent' AND su.user_id = ? AND s.status IN (?)";
             $statement = DBManager::get()->prepare($query);
             $statement->execute(array($this->user_data['auth_user_md5.user_id'], studygroup_sem_types()));
             $group_ids = $statement->fetchAll(PDO::FETCH_COLUMN);
         }
         foreach ($group_ids as $group_id) {
             $sem = Seminar::GetInstance($group_id);
             if (StudygroupModel::countMembers($group_id) > 1) {
                 // check whether there are tutors or even autors that can be promoted
                 $tutors = $sem->getMembers('tutor');
                 $autors = $sem->getMembers('autor');
                 if (count($tutors) > 0) {
                     $new_founder = current($tutors);
                     StudygroupModel::promote_user($new_founder['username'], $sem->getId(), 'dozent');
                     continue;
                 } elseif (count($autors) > 0) {
                     $new_founder = current($autors);
                     StudygroupModel::promote_user($new_founder['username'], $sem->getId(), 'dozent');
                     continue;
                 }
                 // since no suitable successor was found, we are allowed to remove the studygroup
             } else {
                 $sem->delete();
             }
             unset($sem);
         }
     }
     // store user preferred language for sending mail
     $user_language = getUserLanguagePath($this->user_data['auth_user_md5.user_id']);
     // delete documents of this user
     if ($delete_documents) {
         // Remove private file space of this user
         if (Config::get()->PERSONALDOCUMENT_ENABLE) {
             $root_dir = new RootDirectory($this->user_data['auth_user_md5.user_id']);
             $root_dir->delete();
         }
         // Remove other files
         $temp_count = 0;
         $query = "SELECT dokument_id FROM dokumente WHERE user_id = ?";
         $statement = DBManager::get()->prepare($query);
         $statement->execute(array($this->user_data['auth_user_md5.user_id']));
         while ($document_id = $statement->fetchColumn()) {
             if (delete_document($document_id)) {
                 $temp_count++;
             }
         }
         if ($temp_count) {
             $this->msg .= "info§" . sprintf(_("%s Dokumente gelöscht."), $temp_count) . "§";
         }
         // delete empty folders of this user
         $temp_count = 0;
         $query = "SELECT COUNT(*) FROM folder WHERE range_id = ?";
         $count_content = DBManager::get()->prepare($query);
         $query = "DELETE FROM folder WHERE folder_id = ?";
         $delete_folder = DBManager::get()->prepare($query);
         $query = "SELECT folder_id FROM folder WHERE user_id = ? ORDER BY mkdate DESC";
         $statement = DBManager::get()->prepare($query);
         $statement->execute(array($this->user_data['auth_user_md5.user_id']));
         while ($folder_id = $statement->fetchColumn()) {
             $count_content->execute(array($folder_id));
             $count = $count_content->fetchColumn();
             $count_content->closeCursor();
             if (!$count && !doc_count($folder_id)) {
                 $delete_folder->execute(array($folder_id));
                 $temp_count += $delete_folder->rowCount();
             }
         }
         if ($temp_count) {
             $this->msg .= "info§" . sprintf(_("%s leere Ordner gelöscht."), $temp_count) . "§";
         }
         // folder left?
         $query = "SELECT COUNT(*) FROM folder WHERE user_id = ?";
         $statement = DBManager::get()->prepare($query);
         $statement->execute(array($this->user_data['auth_user_md5.user_id']));
         $count = $statement->fetchColumn();
         if ($count) {
             $this->msg .= sprintf("info§" . _("%s Ordner konnten nicht gelöscht werden, da sie noch Dokumente anderer BenutzerInnen enthalten.") . "§", $count);
         }
     }
     // kill all the ressources that are assigned to the user (and all the linked or subordinated stuff!)
     if (Config::get()->RESOURCES_ENABLE) {
         $killAssign = new DeleteResourcesUser($this->user_data['auth_user_md5.user_id']);
         $killAssign->delete();
     }
     $this->re_sort_position_in_seminar_user();
     // delete user from seminars (postings will be preserved)
     $query = "DELETE FROM seminar_user WHERE user_id = ?";
     $statement = DBManager::get()->prepare($query);
     $statement->execute(array($this->user_data['auth_user_md5.user_id']));
     if (($db_ar = $statement->rowCount()) > 0) {
         $this->msg .= "info§" . sprintf(_("%s Einträge aus Veranstaltungen gelöscht."), $db_ar) . "§";
     }
     // delete user from waiting lists
     $query = "SELECT seminar_id FROM admission_seminar_user WHERE user_id = ?";
     $statement = DBManager::get()->prepare($query);
     $statement->execute(array($this->user_data['auth_user_md5.user_id']));
     $seminar_ids = $statement->fetchAll(PDO::FETCH_COLUMN);
     $query = "DELETE FROM admission_seminar_user WHERE user_id = ?";
     $statement = DBManager::get()->prepare($query);
     $statement->execute(array($this->user_data['auth_user_md5.user_id']));
     if (($db_ar = $statement->rowCount()) > 0) {
         $this->msg .= "info§" . sprintf(_("%s Einträge aus Wartelisten gelöscht."), $db_ar) . "§";
         array_map('update_admission', $seminar_ids);
     }
     // delete user from instituts
     $this->logInstUserDel($this->user_data['auth_user_md5.user_id']);
     $query = "DELETE FROM user_inst WHERE user_id = ?";
     $statement = DBManager::get()->prepare($query);
     $statement->execute(array($this->user_data['auth_user_md5.user_id']));
     if (($db_ar = $statement->rowCount()) > 0) {
         $this->msg .= "info§" . sprintf(_("%s Einträge aus MitarbeiterInnenlisten gelöscht."), $db_ar) . "§";
     }
     // delete user from Statusgruppen
     if ($db_ar = RemovePersonFromAllStatusgruppen(get_username($this->user_data['auth_user_md5.user_id'])) > 0) {
         $this->msg .= "info§" . sprintf(_("%s Einträge aus Funktionen / Gruppen gelöscht."), $db_ar) . "§";
     }
     // delete user from archiv
     $query = "DELETE FROM archiv_user WHERE user_id = ?";
     $statement = DBManager::get()->prepare($query);
     $statement->execute(array($this->user_data['auth_user_md5.user_id']));
     if (($db_ar = $statement->rowCount()) > 0) {
         $this->msg .= "info§" . sprintf(_("%s Einträge aus den Zugriffsberechtigungen für das Archiv gelöscht."), $db_ar) . "§";
     }
     // delete all personal news from this user
     if ($db_ar = StudipNews::DeleteNewsByAuthor($this->user_data['auth_user_md5.user_id'])) {
         $this->msg .= "info§" . sprintf(_("%s Einträge aus den Ankündigungen gelöscht."), $db_ar) . "§";
     }
     if ($db_ar = StudipNews::DeleteNewsRanges($this->user_data['auth_user_md5.user_id'])) {
         $this->msg .= "info§" . sprintf(_("%s Verweise auf Ankündigungen gelöscht."), $db_ar) . "§";
     }
     //delete entry in news_rss_range
     StudipNews::UnsetRssId($this->user_data['auth_user_md5.user_id']);
     // delete 'Studiengaenge'
     $query = "DELETE FROM user_studiengang WHERE user_id = ?";
     $statement = DBManager::get()->prepare($query);
     $statement->execute(array($this->user_data['auth_user_md5.user_id']));
     if (($db_ar = $statement->rowCount()) > 0) {
         $this->msg .= "info§" . sprintf(_("%s Zuordnungen zu Studiengängen gelöscht."), $db_ar) . "§";
     }
     // delete all private appointments of this user
     if (get_config('CALENDAR_ENABLE')) {
         $appkills = CalendarEvent::deleteBySQL('range_id = ?', array($this->user_data['auth_user_md5.user_id']));
         if ($appkills) {
             $this->msg .= "info§" . sprintf(_("%s Einträge aus den Terminen gelöscht."), $appkills) . "§";
         }
         // delete membership in group calendars
         if (get_config('CALENDAR_GROUP_ENABLE')) {
             $membershipkills = CalendarUser::deleteBySQL('owner_id = :user_id OR user_id = :user_id', array(':user_id' => $this->user_data['auth_user_md5.user_id']));
             if ($membershipkills) {
                 $this->msg .= 'info§' . sprintf(_('%s Verknüpfungen mit Gruppenterminkalendern gelöscht.'));
             }
         }
     }
     // delete all messages send or received by this user
     $messaging = new messaging();
     $messaging->delete_all_messages($this->user_data['auth_user_md5.user_id']);
     // delete user from all foreign adressbooks and empty own adressbook
     $buddykills = Contact::deleteBySQL('user_id = ?', array($this->user_data['auth_user_md5.user_id']));
     if ($buddykills > 0) {
         $this->msg .= "info§" . sprintf(_("%s Einträge aus Adressbüchern gelöscht."), $buddykills) . "§";
     }
     $contactkills = Contact::deleteBySQL('owner_id = ?', array($this->user_data['auth_user_md5.user_id']));
     if ($contactkills) {
         $this->msg .= sprintf(_('Adressbuch mit %d Einträgen gelöscht.'), $contactkills);
     }
     // delete users groups
     Statusgruppen::deleteBySQL('range_id = ?', array($this->user_data['auth_user_md5.user_id']));
     // remove user from any groups
     StatusgruppeUser::deleteBySQL('user_id = ?', array($this->user_data['auth_user_md5.user_id']));
     // delete all blubber entrys
     $query = "DELETE FROM blubber WHERE user_id = ?";
     $statement = DBManager::get()->prepare($query);
     $statement->execute(array($this->user_data['auth_user_md5.user_id']));
     if (($db_ar = $statement->rowCount()) > 0) {
         $this->msg .= "info§" . sprintf(_("%s Blubber gelöscht."), $db_ar) . "§";
     }
     // delete the datafields
     $localEntries = DataFieldEntry::removeAll($this->user_data['auth_user_md5.user_id']);
     UserConfigEntry::deleteByUser($this->user_data['auth_user_md5.user_id']);
     // delete all remaining user data
     $queries = array("DELETE FROM kategorien WHERE range_id = ?", "DELETE FROM user_info WHERE user_id = ?", "DELETE FROM user_visibility WHERE user_id = ?", "DELETE FROM user_online WHERE user_id = ?", "DELETE FROM auto_insert_user WHERE user_id = ?", "DELETE FROM roles_user WHERE userid = ?", "DELETE FROM schedule WHERE user_id = ?", "DELETE FROM schedule_seminare WHERE user_id = ?", "DELETE FROM termin_related_persons WHERE user_id = ?", "DELETE FROM user_userdomains WHERE user_id = ?");
     foreach ($queries as $query) {
         DBManager::get()->prepare($query)->execute(array($this->user_data['auth_user_md5.user_id']));
     }
     object_kill_visits($this->user_data['auth_user_md5.user_id']);
     object_kill_views($this->user_data['auth_user_md5.user_id']);
     // delete picture
     $avatar = Avatar::getAvatar($this->user_data["auth_user_md5.user_id"]);
     if ($avatar->is_customized()) {
         $avatar->reset();
         $this->msg .= "info§" . _("Bild gelöscht.") . "§";
     }
     // delete visibility settings
     Visibility::removeUserPrivacySettings($this->user_data['auth_user_md5.user_id']);
     //delete connected users
     if (get_config('ELEARNING_INTERFACE_ENABLE')) {
         if (ELearningUtils::initElearningInterfaces()) {
             foreach ($GLOBALS['connected_cms'] as $cms) {
                 if ($cms->auth_necessary && $cms->user instanceof ConnectedUser) {
                     $user_auto_create = $cms->USER_AUTO_CREATE;
                     $cms->USER_AUTO_CREATE = false;
                     $userclass = strtolower(get_class($cms->user));
                     $connected_user = new $userclass($cms->cms_type, $this->user_data['auth_user_md5.user_id']);
                     if ($ok = $connected_user->deleteUser()) {
                         if ($connected_user->is_connected) {
                             $this->msg .= "info§" . sprintf(_("Der verknüpfte Nutzer %s wurde im System %s gelöscht."), $connected_user->login, $connected_user->cms_type) . "§";
                         }
                     }
                     $cms->USER_AUTO_CREATE = $user_auto_create;
                 }
             }
         }
     }
     // delete deputy entries if necessary
     $query = "DELETE FROM deputies WHERE ? IN (user_id, range_id)";
     $statement = DBManager::get()->prepare($query);
     $statement->execute(array($this->user_data['auth_user_md5.user_id']));
     $deputyEntries = $statement->rowCount();
     if ($deputyEntries) {
         $this->msg .= "info§" . sprintf(_("%s Einträge in den Vertretungseinstellungen gelöscht."), $deputyEntries) . "§";
     }
     // delete Stud.IP account
     $query = "DELETE FROM auth_user_md5 WHERE user_id = ?";
     $statement = DBManager::get()->prepare($query);
     $statement->execute(array($this->user_data['auth_user_md5.user_id']));
     if (!$statement->rowCount()) {
         $this->msg .= "error§<em>" . _("Fehler:") . "</em> " . $query . "§";
         return FALSE;
     } else {
         $this->msg .= "msg§" . sprintf(_("Benutzer \"%s\" gelöscht."), $this->user_data['auth_user_md5.username']) . "§";
     }
     log_event("USER_DEL", $this->user_data['auth_user_md5.user_id'], NULL, sprintf("%s %s (%s)", $this->user_data['auth_user_md5.Vorname'], $this->user_data['auth_user_md5.Nachname'], $this->user_data['auth_user_md5.username']));
     //log with Vorname Nachname (username) as info string
     // Can we reach the email?
     if ($this->checkMail($this->user_data['auth_user_md5.Email'])) {
         // include language-specific subject and mailbody
         $Zeit = date("H:i:s, d.m.Y", time());
         include "locale/{$user_language}/LC_MAILS/delete_mail.inc.php";
         // send mail
         StudipMail::sendMessage($this->user_data['auth_user_md5.Email'], $subject, $mailbody);
     }
     unset($this->user_data);
     return TRUE;
 }