diff options
| author | Fabio Comuni <fabrix.xm@gmail.com> | 2011-06-16 14:56:43 +0200 |
|---|---|---|
| committer | Fabio Comuni <fabrix.xm@gmail.com> | 2011-06-16 14:56:43 +0200 |
| commit | ede011cc32b34b9da797813a0a901847d2a68a7a (patch) | |
| tree | f7b30ecb8d7df4fb12c5694bfd39792ea5d40499 /mod | |
| parent | c94b809634cd92c69be3483c935e6741b7d0c090 (diff) | |
| download | volse-hubzilla-ede011cc32b34b9da797813a0a901847d2a68a7a.tar.gz volse-hubzilla-ede011cc32b34b9da797813a0a901847d2a68a7a.tar.bz2 volse-hubzilla-ede011cc32b34b9da797813a0a901847d2a68a7a.zip | |
Admin users page. some fix to template processor.
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/admin.php | 107 | ||||
| -rw-r--r-- | mod/regmod.php | 168 |
2 files changed, 195 insertions, 80 deletions
diff --git a/mod/admin.php b/mod/admin.php index d5f27a44a..6f411bdb1 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -22,6 +22,9 @@ function admin_post(&$a){ case 'site': admin_page_site_post($a); break; + case 'users': + admin_page_users_post($a); + break; case 'logs': admin_page_logs_post($a); break; @@ -307,8 +310,74 @@ function admin_page_site(&$a) { /** * Users admin page */ +function admin_page_users_post(&$a){ + $users=array(); $pending=array(); + foreach($_POST as $k=>$v){ + if (substr($k,0,5)=="user_") $users[] = substr($k,5,strlen($k)-5); + if (substr($k,0,8)=="pending_") $users[] = substr($k,8,strlen($k)-8); + } + + if (x($_POST,'page_users_block')){ + foreach($users as $uid){ + q("UPDATE `user` SET `blocked`=1-`blocked` WHERE `uid`=%s", + intval( $uid ) + ); + } + notice( sprintf( tt("%s user blocked", "%s users blocked", count($users)), count($users)) ); + } + if (x($_POST,'page_users_delete')){ + require_once("include/Contact.php"); + foreach($users as $uid){ + user_remove($uid); + } + notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) ); + } + + if (x($_POST,'page_users_approve')){ + require_once("include/regmod.php"); + foreach($pending as $hash){ + user_allow($hash); + } + } + if (x($_POST,'page_users_deny')){ + require_once("include/regmod.php"); + foreach($pending as $hash){ + user_deny($hash); + } + } + goaway($a->get_baseurl() . '/admin/users' ); + return; // NOTREACHED +} function admin_page_users(&$a){ + if ($a->argc>2) { + $uid = $a->argv[3]; + $user = q("SELECT * FROM `user` WHERE `uid`=%d", intval($uid)); + if (count($user)==0){ + notice( 'User not found' . EOL); + goaway($a->get_baseurl() . '/admin/users' ); + return; // NOTREACHED + } + switch($a->argv[2]){ + case "delete":{ + // delete user + require_once("include/Contact.php"); + user_remove($uid); + + notice( sprintf(t("User '%s' deleted"), $user[0]['username']) . EOL); + }; break; + case "block":{ + q("UPDATE `user` SET `blocked`=%d WHERE `uid`=%s", + intval( 1-$user[0]['blocked'] ), + intval( $uid ) + ); + }; break; + } + goaway($a->get_baseurl() . '/admin/users' ); + return; // NOTREACHED + + } + /* get pending */ $pending = q("SELECT `register`.*, `contact`.`name`, `user`.`email` FROM `register` @@ -316,11 +385,34 @@ function admin_page_users(&$a){ LEFT JOIN `user` ON `register`.`uid` = `user`.`uid`;"); /* get users */ - $users = q("SELECT `user`.*, `contact`.`name` FROM `user` - LEFT JOIN `contact` ON `user`.`uid` = `contact`.`uid` - WHERE `user`.`verified`=1 AND `contact`.`self`=1 - ORDER BY `contact`.`name`"); + $users = q("SELECT `user` . * , `contact`.`name` , `contact`.`url` , `contact`.`micro` , `lastitem`.`changed` AS `lastitem_date` + FROM ( + SELECT `item`.`changed` , `item`.`uid` + FROM `item` + GROUP BY `uid` + ORDER BY `item`.`changed` + ) AS `lastitem` , `user` + LEFT JOIN `contact` ON `user`.`uid` = `contact`.`uid` + WHERE `user`.`verified` =1 + AND `contact`.`self` =1 + AND `lastitem`.`uid` = `user`.`uid` + ORDER BY `contact`.`name` + "); + function _setup_users($e){ + $accounts = Array( + t('Normal Account'), + t('Soapbox Account'), + t('Community/Celebrity Account'), + t('Automatic Friend Account') + ); + $e['page-flags'] = $accounts[$e['page-flags']]; + $e['register_date'] = relative_date($e['register_date']); + $e['login_date'] = relative_date($e['login_date']); + $e['lastitem_date'] = relative_date($e['lastitem_date']); + return $e; + } + $users = array_map("_setup_users", $users); $t = get_markup_template("admin_users.tpl"); return replace_macros($t, array( @@ -336,9 +428,14 @@ function admin_page_users(&$a){ '$deny' => t('Deny'), '$delete' => t('Delete'), '$block' => t('Block'), + '$unblock' => t('Unblock'), '$h_users' => t('Users'), - '$th_users' => array( t('Name'), t('Nickname'), t('Email'), t('Register date'), t('Last login') ), + '$th_users' => array( t('Name'), t('Email'), t('Register date'), t('Last login'), t('Last item'), t('Account') ), + + '$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'), + '$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'), + // values // '$baseurl' => $a->get_baseurl(), diff --git a/mod/regmod.php b/mod/regmod.php index 9873f1094..8e6a577d4 100644 --- a/mod/regmod.php +++ b/mod/regmod.php @@ -1,6 +1,96 @@ <?php +function user_allow($hash) { + $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1", + dbesc($hash) + ); + + if(! count($register)) + return false; + + $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", + intval($register[0]['uid']) + ); + + if(! count($user)) + killme(); + + $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1", + dbesc($register[0]['hash']) + ); + + + $r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1", + intval($register[0]['uid']) + ); + + $r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1", + intval($user[0]['uid']) + ); + if(count($r) && $r[0]['net-publish']) { + $url = $a->get_baseurl() . '/profile/' . $user[0]['nickname']; + if($url && strlen(get_config('system','directory_submit_url'))) + proc_run('php',"include/directory.php","$url"); + } + + push_lang($register[0]['language']); + + $email_tpl = get_intltext_template("register_open_eml.tpl"); + $email_tpl = replace_macros($email_tpl, array( + '$sitename' => $a->config['sitename'], + '$siteurl' => $a->get_baseurl(), + '$username' => $user[0]['username'], + '$email' => $user[0]['email'], + '$password' => $register[0]['password'], + '$uid' => $user[0]['uid'] + )); + + $res = mail($user[0]['email'], sprintf(t('Registration details for %s'), $a->config['sitename']), + $email_tpl, + 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" + . 'Content-type: text/plain; charset=UTF-8' . "\n" + . 'Content-transfer-encoding: 8bit' ); + + pop_lang(); + + if($res) { + info( t('Account approved.') . EOL ); + return true; + } + +} + +function user_deny($hash) { + + $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1", + dbesc($hash) + ); + + if(! count($register)) + return false; + + $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", + intval($register[0]['uid']) + ); + + $r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1", + intval($register[0]['uid']) + ); + $r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1", + intval($register[0]['uid']) + ); + $r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1", + intval($register[0]['uid']) + ); + + $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1", + dbesc($register[0]['hash']) + ); + notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL); + return true; + +} function regmod_content(&$a) { @@ -14,7 +104,7 @@ function regmod_content(&$a) { return $o; } - if((! (x($a->config,'admin_email'))) || ($a->config['admin_email'] !== $a->user['email'])) { + if(!is_site_admin()) { notice( t('Permission denied.') . EOL); return ''; } @@ -26,84 +116,12 @@ function regmod_content(&$a) { $hash = $a->argv[2]; - $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1", - dbesc($hash) - ); - - - if(! count($register)) - killme(); - - $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", - intval($register[0]['uid']) - ); if($cmd === 'deny') { - - $r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1", - intval($register[0]['uid']) - ); - $r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1", - intval($register[0]['uid']) - ); - $r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1", - intval($register[0]['uid']) - ); - - $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1", - dbesc($register[0]['hash']) - ); - notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL); - return; - + if (!user_deny($hash)) killme(); } if($cmd === 'allow') { - - if(! count($user)) - killme(); - - $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1", - dbesc($register[0]['hash']) - ); - - - $r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1", - intval($register[0]['uid']) - ); - - $r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1", - intval($user[0]['uid']) - ); - if(count($r) && $r[0]['net-publish']) { - $url = $a->get_baseurl() . '/profile/' . $user[0]['nickname']; - if($url && strlen(get_config('system','directory_submit_url'))) - proc_run('php',"include/directory.php","$url"); - } - - push_lang($register[0]['language']); - - $email_tpl = get_intltext_template("register_open_eml.tpl"); - $email_tpl = replace_macros($email_tpl, array( - '$sitename' => $a->config['sitename'], - '$siteurl' => $a->get_baseurl(), - '$username' => $user[0]['username'], - '$email' => $user[0]['email'], - '$password' => $register[0]['password'], - '$uid' => $user[0]['uid'] - )); - - $res = mail($user[0]['email'], sprintf(t('Registration details for %s'), $a->config['sitename']), - $email_tpl, - 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" - . 'Content-type: text/plain; charset=UTF-8' . "\n" - . 'Content-transfer-encoding: 8bit' ); - - pop_lang(); - - if($res) { - info( t('Account approved.') . EOL ); - return; - } + if (!user_allow($hash)) killme(); } } |