aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/admin.php590
-rw-r--r--mod/regmod.php168
2 files changed, 683 insertions, 75 deletions
diff --git a/mod/admin.php b/mod/admin.php
new file mode 100644
index 000000000..6f411bdb1
--- /dev/null
+++ b/mod/admin.php
@@ -0,0 +1,590 @@
+<?php
+ /**
+ * Friendika admin
+ */
+
+
+function admin_init(&$a) {
+ if(!is_site_admin()) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+}
+
+function admin_post(&$a){
+ if(!is_site_admin()) {
+ return login(false);
+ }
+
+ // urls
+ if ($a->argc > 1){
+ switch ($a->argv[1]){
+ case 'site':
+ admin_page_site_post($a);
+ break;
+ case 'users':
+ admin_page_users_post($a);
+ break;
+ case 'logs':
+ admin_page_logs_post($a);
+ break;
+ }
+ }
+
+ goaway($a->get_baseurl() . '/admin' );
+ return; // NOTREACHED
+}
+
+function admin_content(&$a) {
+
+ if(!is_site_admin()) {
+ return login(false);
+ }
+
+ /**
+ * Side bar links
+ */
+
+ // array( url, name, extra css classes )
+ $aside = Array(
+ 'site' => Array($a->get_baseurl()."/admin/site/", t("Site") , "site"),
+ 'users' => Array($a->get_baseurl()."/admin/users/", t("Users") , "users"),
+ 'plugins'=> Array($a->get_baseurl()."/admin/plugins/", t("Plugins") , "plugins")
+ );
+
+ /* get plugins admin page */
+
+ $r = q("SELECT * FROM `hook` WHERE `hook`='plugin_admin'");
+ $aside['plugins_admin']=Array();
+ foreach ($r as $h){
+ $plugin = explode("/",$h['file']); $plugin = $plugin[1];
+ $aside['plugins_admin'][] = Array($a->get_baseurl()."/admin/plugins/".$plugin, $plugin, "plugin");
+ }
+
+ $aside['logs'] = Array($a->get_baseurl()."/admin/logs/", t("Logs"), "logs");
+
+ $t = get_markup_template("admin_aside.tpl");
+ $a->page['aside'] = replace_macros( $t, array(
+ '$admin' => $aside,
+ '$h_pending' => t('User registrations waiting for confirm'),
+ '$admurl'=> $a->get_baseurl()."/admin/"
+ ));
+
+
+
+ /**
+ * Page content
+ */
+ $o = '';
+
+ // urls
+ if ($a->argc > 1){
+ switch ($a->argv[1]){
+ case 'site':
+ $o = admin_page_site($a);
+ break;
+ case 'users':
+ $o = admin_page_users($a);
+ break;
+ case 'plugins':
+ $o = admin_page_plugins($a);
+ break;
+ case 'logs':
+ $o = admin_page_logs($a);
+ break;
+ default:
+ notice( t("Item not found.") );
+ }
+ } else {
+ $o = admin_page_summary($a);
+ }
+ return $o;
+}
+
+
+/**
+ * Admin Summary Page
+ */
+function admin_page_summary(&$a) {
+ $r = q("SELECT `page-flags`, COUNT(uid) as `count` FROM `user` GROUP BY `page-flags`");
+ $accounts = Array(
+ Array( t('Normal Account'), 0),
+ Array( t('Soapbox Account'), 0),
+ Array( t('Community/Celebrity Account'), 0),
+ Array( t('Automatic Friend Account'), 0)
+ );
+ $users=0;
+ foreach ($r as $u){ $accounts[$u['page-flags']][1] = $u['count']; $users+=$u['count']; }
+
+
+ $r = q("SELECT COUNT(id) as `count` FROM `register`");
+ $pending = $r[0]['count'];
+
+
+
+
+
+ $t = get_markup_template("admin_summary.tpl");
+ return replace_macros($t, array(
+ '$title' => t('Administration'),
+ '$page' => t('Summary'),
+ '$users' => Array( t('Registered users'), $users),
+ '$accounts' => $accounts,
+ '$pending' => Array( t('Pending registrations'), $pending),
+ '$version' => Array( t('Version'), FRIENDIKA_VERSION),
+ '$build' => get_config('system','build'),
+ '$plugins' => Array( t('Active plugins'), $a->plugins )
+ ));
+}
+
+
+/**
+ * Admin Site Page
+ */
+function admin_page_site_post(&$a){
+ if (!x($_POST,"page_site")){
+ return;
+ }
+
+
+ $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : '');
+ $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
+ $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : '');
+ $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : '');
+ $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
+
+
+ $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
+ $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : '');
+
+ $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : '');
+ $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : '');
+ $block_public = ((x($_POST,'block_public')) ? True : False);
+ $force_publish = ((x($_POST,'publish_all')) ? True : False);
+ $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : '');
+ $global_search_url = ((x($_POST,'directory_search_url'))? notags(trim($_POST['directory_search_url'])) : '');
+ $no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False);
+ $no_openid = ((x($_POST,'no_openid')) ? True : False);
+ $no_gravatar = ((x($_POST,'no_gravatar')) ? True : False);
+ $no_regfullname = ((x($_POST,'no_regfullname')) ? True : False);
+ $no_utf = ((x($_POST,'no_utf')) ? True : False);
+ $rino_enc = ((x($_POST,'rino_enc')) ? True : False);
+ $verifyssl = ((x($_POST,'verifyssl')) ? True : False);
+ $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['global_search_url'])) : '');
+ $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['global_search_url'])) : '');
+ $timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60);
+
+
+ set_config('config','sitename',$sitename);
+ if ($banner==""){
+ // don't know why, but del_config doesn't work...
+ q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
+ dbesc("system"),
+ dbesc("banner")
+ );
+ } else {
+ set_config('system','banner', $banner);
+ }
+ set_config('system','language', $language);
+ set_config('system','theme', $theme);
+ set_config('system','maximagesize', $maximagesize);
+
+ set_config('config','register_policy', $register_policy);
+ set_config('config','register_text', $register_text);
+ set_config('system','allowed_sites', $allowed_sites);
+ set_config('system','allowed_email', $allowed_email);
+ set_config('system','block_public', $block_public);
+ set_config('system','publish_all', $force_publish);
+ if ($global_directory==""){
+ // don't know why, but del_config doesn't work...
+ q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
+ dbesc("system"),
+ dbesc("directory_submit_url")
+ );
+ } else {
+ set_config('system','directory_submit_url', $global_directory);
+ }
+ set_config('system','directory_search_url', $global_search_url);
+ set_config('system','block_extended_register', $no_multi_reg);
+ set_config('system','no_openid', $no_openid);
+ set_config('system','no_gravatar', $no_gravatar);
+ set_config('system','no_regfullname', $no_regfullname);
+ set_config('system','proxy', $no_utf);
+ set_config('system','rino_encrypt', $rino_enc);
+ set_config('system','verifyssl', $verifyssl);
+ set_config('system','proxyuser', $proxyuser);
+ set_config('system','proxy', $proxy);
+ set_config('system','curl_timeout', $timeout);
+
+
+ goaway($a->get_baseurl() . '/admin/site' );
+ return; // NOTREACHED
+
+}
+
+function admin_page_site(&$a) {
+
+ /* Installed langs */
+ $lang_choices = array();
+ $langs = glob('view/*/strings.php');
+
+ if(is_array($langs) && count($langs)) {
+ if(! in_array('view/en/strings.php',$langs))
+ $langs[] = 'view/en/';
+ asort($langs);
+ foreach($langs as $l) {
+ $t = explode("/",$l);
+ $lang_choices[$t[1]] = $t[1];
+ }
+ }
+
+ /* Installed themes */
+ $theme_choices = array();
+ $files = glob('view/theme/*');
+ if($files) {
+ foreach($files as $file) {
+ $f = basename($file);
+ $theme_name = ((file_exists($file . '/experimental')) ? sprintf("%s - \x28Experimental\x29", $f) : $f);
+ $theme_choices[$f] = $theme_name;
+ }
+ }
+
+
+ /* Banner */
+ $banner = get_config('system','banner');
+ if($banner == false)
+ $banner = htmlspecialchars('<a href="http://project.friendika.com"><img id="logo-img" src="images/friendika-32.png" alt="logo" /></a><span id="logo-text"><a href="http://project.friendika.com">Friendika</a></span>');
+
+ //echo "<pre>"; var_dump($lang_choices); die("</pre>");
+
+ /* Register policy */
+ $register_choices = Array(
+ REGISTER_CLOSED => t("Closed"),
+ REGISTER_APPROVE => t("Need approvation"),
+ REGISTER_OPEN => t("Open")
+ );
+
+ $t = get_markup_template("admin_site.tpl");
+ return replace_macros($t, array(
+ '$title' => t('Administration'),
+ '$page' => t('Site'),
+ '$submit' => t('Submit'),
+ '$baseurl' => $a->get_baseurl(),
+
+ // name, label, value, help string, extra data...
+ '$sitename' => array('sitename', t("Site name"), $a->config['sitename'], ""),
+ '$banner' => array('banner', t("Banner/Logo"), $banner, ""),
+ '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices),
+ '$theme' => array('theme', t("System theme"), get_config('system','theme'), "Default system theme (which may be over-ridden by user profiles)", $theme_choices),
+
+ '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), "Maximum size in bytes of uploaded images. Default is 0, which means no limits."),
+
+ '$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
+ '$register_text' => array('register_text', t("Register text"), $a->config['register_text'], "Will be displayed prominently on the registration page."),
+ '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), "Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains"),
+ '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), "Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains"),
+ '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), "Check to block public access to all otherwise public personal pages on this site unless you are currently logged in."),
+ '$force_publish' => array('publish_all', t("Force publish"), get_config('system','publish_all'), "Check to force all profiles on this site to be listed in the site directory."),
+ '$global_directory' => array('directory_submit_url', t("Global directory update URL"), get_config('system','directory_submit_url'), "URL to update the global directory. If this is not set, the global directory is completely unavailable to the application."),
+ '$global_search_url'=> array('directory_search_url', t("Global directory search URL"), get_config('system','directory_search_url'), ""),
+
+
+ '$no_multi_reg' => array('no_multi_reg', t("Block multiple registrations"), get_config('system','block_extended_register'), "Disallow users to register additional accounts for use as pages."),
+ '$no_openid' => array('no_openid', t("No OpenID support"), get_config('system','no_openid'), "Disable OpenID support for registration and logins."),
+ '$no_gravatar' => array('no_gravatar', t("No Gravatar support"), get_config('system','no_gravatar'), ""),
+ '$no_regfullname' => array('no_regfullname', t("No fullname check"), get_config('system','no_regfullname'), "If unchecked, force users to registrate with a space between his firsname and lastname in Full name, as an antispam measure"),
+ '$no_utf' => array('no_utf', t("No UTF-8 Regular expressions"), get_config('system','proxy'), "Default is false (meaning UTF8 regular expressions are supported and working)"),
+
+ '$rino_enc' => array('rino_enc', t("Enable Rino encrypt"), get_config('system','rino_encrypt'),""),
+ '$verifyssl' => array('verifyssl', t("Verify SSL"), get_config('system','verifyssl'), "If you wish, you can turn on strict certificate checking. This will mean you cannot connect (at all) to self-signed SSL sites."),
+ '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
+ '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
+ '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), "Value is in seconds. Set to 0 for unlimited (not recommended)."),
+
+
+ ));
+
+}
+
+
+/**
+ * Users admin page
+ */
+function admin_page_users_post(&$a){
+ $users=array(); $pending=array();
+ foreach($_POST as $k=>$v){
+ if (substr($k,0,5)=="user_") $users[] = substr($k,5,strlen($k)-5);
+ if (substr($k,0,8)=="pending_") $users[] = substr($k,8,strlen($k)-8);
+ }
+
+ if (x($_POST,'page_users_block')){
+ foreach($users as $uid){
+ q("UPDATE `user` SET `blocked`=1-`blocked` WHERE `uid`=%s",
+ intval( $uid )
+ );
+ }
+ notice( sprintf( tt("%s user blocked", "%s users blocked", count($users)), count($users)) );
+ }
+ if (x($_POST,'page_users_delete')){
+ require_once("include/Contact.php");
+ foreach($users as $uid){
+ user_remove($uid);
+ }
+ notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) );
+ }
+
+ if (x($_POST,'page_users_approve')){
+ require_once("include/regmod.php");
+ foreach($pending as $hash){
+ user_allow($hash);
+ }
+ }
+ if (x($_POST,'page_users_deny')){
+ require_once("include/regmod.php");
+ foreach($pending as $hash){
+ user_deny($hash);
+ }
+ }
+ goaway($a->get_baseurl() . '/admin/users' );
+ return; // NOTREACHED
+}
+
+function admin_page_users(&$a){
+ if ($a->argc>2) {
+ $uid = $a->argv[3];
+ $user = q("SELECT * FROM `user` WHERE `uid`=%d", intval($uid));
+ if (count($user)==0){
+ notice( 'User not found' . EOL);
+ goaway($a->get_baseurl() . '/admin/users' );
+ return; // NOTREACHED
+ }
+ switch($a->argv[2]){
+ case "delete":{
+ // delete user
+ require_once("include/Contact.php");
+ user_remove($uid);
+
+ notice( sprintf(t("User '%s' deleted"), $user[0]['username']) . EOL);
+ }; break;
+ case "block":{
+ q("UPDATE `user` SET `blocked`=%d WHERE `uid`=%s",
+ intval( 1-$user[0]['blocked'] ),
+ intval( $uid )
+ );
+ }; break;
+ }
+ goaway($a->get_baseurl() . '/admin/users' );
+ return; // NOTREACHED
+
+ }
+
+ /* get pending */
+ $pending = q("SELECT `register`.*, `contact`.`name`, `user`.`email`
+ FROM `register`
+ LEFT JOIN `contact` ON `register`.`uid` = `contact`.`uid`
+ LEFT JOIN `user` ON `register`.`uid` = `user`.`uid`;");
+
+ /* get users */
+ $users = q("SELECT `user` . * , `contact`.`name` , `contact`.`url` , `contact`.`micro` , `lastitem`.`changed` AS `lastitem_date`
+ FROM (
+ SELECT `item`.`changed` , `item`.`uid`
+ FROM `item`
+ GROUP BY `uid`
+ ORDER BY `item`.`changed`
+ ) AS `lastitem` , `user`
+ LEFT JOIN `contact` ON `user`.`uid` = `contact`.`uid`
+ WHERE `user`.`verified` =1
+ AND `contact`.`self` =1
+ AND `lastitem`.`uid` = `user`.`uid`
+ ORDER BY `contact`.`name`
+ ");
+
+ function _setup_users($e){
+ $accounts = Array(
+ t('Normal Account'),
+ t('Soapbox Account'),
+ t('Community/Celebrity Account'),
+ t('Automatic Friend Account')
+ );
+ $e['page-flags'] = $accounts[$e['page-flags']];
+ $e['register_date'] = relative_date($e['register_date']);
+ $e['login_date'] = relative_date($e['login_date']);
+ $e['lastitem_date'] = relative_date($e['lastitem_date']);
+ return $e;
+ }
+ $users = array_map("_setup_users", $users);
+
+ $t = get_markup_template("admin_users.tpl");
+ return replace_macros($t, array(
+ // strings //
+ '$title' => t('Administration'),
+ '$page' => t('Users'),
+ '$submit' => t('Submit'),
+ '$select_all' => t('select all'),
+ '$h_pending' => t('User registrations waiting for confirm'),
+ '$th_pending' => array( t('Request date'), t('Name'), t('Email') ),
+ '$no_pending' => t('No registrations.'),
+ '$approve' => t('Approve'),
+ '$deny' => t('Deny'),
+ '$delete' => t('Delete'),
+ '$block' => t('Block'),
+ '$unblock' => t('Unblock'),
+
+ '$h_users' => t('Users'),
+ '$th_users' => array( t('Name'), t('Email'), t('Register date'), t('Last login'), t('Last item'), t('Account') ),
+
+ '$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'),
+ '$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'),
+
+
+ // values //
+ '$baseurl' => $a->get_baseurl(),
+
+ '$pending' => $pending,
+ '$users' => $users,
+ ));
+
+}
+
+
+/*
+ * Plugins admin page
+ */
+
+function admin_page_plugins(&$a){
+
+ /**
+ * Single plugin
+ */
+ if ($a->argc == 3){
+ $plugin = $a->argv[2];
+ if (!is_file("addon/$plugin/$plugin.php")){
+ notice( t("Item not found.") );
+ return;
+ }
+
+ if (x($_GET,"a") && $_GET['a']=="t"){
+ // Toggle plugin status
+ $idx = array_search($plugin, $a->plugins);
+ if ($idx){
+ unset($a->plugins[$idx]);
+ uninstall_plugin($plugin);
+ } else {
+ $a->plugins[] = $plugin;
+ install_plugin($plugin);
+ }
+ set_config("system","addon", implode(", ",$a->plugins));
+ goaway($a->get_baseurl() . '/admin/plugins' );
+ return; // NOTREACHED
+ }
+ // display plugin details
+ require_once('library/markdown.php');
+
+ if (in_array($plugin, $a->plugins)){
+ $status="on"; $action= t("Disable");
+ } else {
+ $status="off"; $action= t("Enable");
+ }
+
+ $readme=Null;
+ if (is_file("addon/$plugin/README.md")){
+ $readme = file_get_contents("addon/$plugin/README.md");
+ $readme = Markdown($readme);
+ } else if (is_file("addon/$plugin/README")){
+ $readme = "<pre>". file_get_contents("addon/$plugin/README") ."</pre>";
+ }
+
+ $t = get_markup_template("admin_plugins_details.tpl");
+ return replace_macros($t, array(
+ '$title' => t('Administration'),
+ '$page' => t('Plugins'),
+ '$toggle' => t('Toggle'),
+ '$baseurl' => $a->get_baseurl(),
+
+ '$plugin' => $plugin,
+ '$status' => $status,
+ '$action' => $action,
+ '$info' => get_plugin_info($plugin),
+
+ '$readme' => $readme
+ ));
+ }
+
+
+
+ /**
+ * List plugins
+ */
+
+ $plugins = array();
+ $files = glob("addon/*/");
+ if($files) {
+ foreach($files as $file) {
+ if (is_dir($file)){
+ list($tmp, $id)=array_map("trim", explode("/",$file));
+ $info = get_plugin_info($id);
+ $plugins[] = array( $id, (in_array($id, $a->plugins)?"on":"off") , $info);
+ }
+ }
+ }
+
+ $t = get_markup_template("admin_plugins.tpl");
+ return replace_macros($t, array(
+ '$title' => t('Administration'),
+ '$page' => t('Plugins'),
+ '$submit' => t('Submit'),
+ '$baseurl' => $a->get_baseurl(),
+
+ '$plugins' => $plugins
+ ));
+}
+
+
+/**
+ * Logs admin page
+ */
+
+function admin_page_logs_post(&$a) {
+ if (x($_POST,"page_logs")) {
+
+ $logfile = ((x($_POST,'logfile')) ? notags(trim($_POST['logfile'])) : '');
+ $debugging = ((x($_POST,'debugging')) ? true : false);
+ $loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0);
+
+ set_config('system','logfile', $logfile);
+ set_config('system','debugging', $debugging);
+ set_config('system','loglevel', $loglevel);
+
+
+ }
+
+ goaway($a->get_baseurl() . '/admin/logs' );
+ return; // NOTREACHED
+}
+
+function admin_page_logs(&$a){
+
+ $log_choices = Array(
+ LOGGER_NORMAL => 'Normal',
+ LOGGER_TRACE => 'Trace',
+ LOGGER_DEBUG => 'Debug',
+ LOGGER_DATA => 'Data',
+ LOGGER_ALL => 'All'
+ );
+
+ $t = get_markup_template("admin_logs.tpl");
+ return replace_macros($t, array(
+ '$title' => t('Administration'),
+ '$page' => t('Logs'),
+ '$submit' => t('Submit'),
+ '$clear' => t('Clear'),
+ '$baseurl' => $a->get_baseurl(),
+ '$logname' => get_config('system','logfile'),
+
+ // name, label, value, help string, extra data...
+ '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
+ '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), "Must be writable by web server. Relative to your Friendika index.php."),
+ '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
+ ));
+}
+
diff --git a/mod/regmod.php b/mod/regmod.php
index 9873f1094..8e6a577d4 100644
--- a/mod/regmod.php
+++ b/mod/regmod.php
@@ -1,6 +1,96 @@
<?php
+function user_allow($hash) {
+ $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
+ dbesc($hash)
+ );
+
+ if(! count($register))
+ return false;
+
+ $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
+ intval($register[0]['uid'])
+ );
+
+ if(! count($user))
+ killme();
+
+ $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
+ dbesc($register[0]['hash'])
+ );
+
+
+ $r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
+ intval($register[0]['uid'])
+ );
+
+ $r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
+ intval($user[0]['uid'])
+ );
+ if(count($r) && $r[0]['net-publish']) {
+ $url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
+ if($url && strlen(get_config('system','directory_submit_url')))
+ proc_run('php',"include/directory.php","$url");
+ }
+
+ push_lang($register[0]['language']);
+
+ $email_tpl = get_intltext_template("register_open_eml.tpl");
+ $email_tpl = replace_macros($email_tpl, array(
+ '$sitename' => $a->config['sitename'],
+ '$siteurl' => $a->get_baseurl(),
+ '$username' => $user[0]['username'],
+ '$email' => $user[0]['email'],
+ '$password' => $register[0]['password'],
+ '$uid' => $user[0]['uid']
+ ));
+
+ $res = mail($user[0]['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
+ $email_tpl,
+ 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
+ . 'Content-type: text/plain; charset=UTF-8' . "\n"
+ . 'Content-transfer-encoding: 8bit' );
+
+ pop_lang();
+
+ if($res) {
+ info( t('Account approved.') . EOL );
+ return true;
+ }
+
+}
+
+function user_deny($hash) {
+
+ $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
+ dbesc($hash)
+ );
+
+ if(! count($register))
+ return false;
+
+ $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
+ intval($register[0]['uid'])
+ );
+
+ $r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
+ intval($register[0]['uid'])
+ );
+ $r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1",
+ intval($register[0]['uid'])
+ );
+ $r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1",
+ intval($register[0]['uid'])
+ );
+
+ $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
+ dbesc($register[0]['hash'])
+ );
+ notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL);
+ return true;
+
+}
function regmod_content(&$a) {
@@ -14,7 +104,7 @@ function regmod_content(&$a) {
return $o;
}
- if((! (x($a->config,'admin_email'))) || ($a->config['admin_email'] !== $a->user['email'])) {
+ if(!is_site_admin()) {
notice( t('Permission denied.') . EOL);
return '';
}
@@ -26,84 +116,12 @@ function regmod_content(&$a) {
$hash = $a->argv[2];
- $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
- dbesc($hash)
- );
-
-
- if(! count($register))
- killme();
-
- $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
- intval($register[0]['uid'])
- );
if($cmd === 'deny') {
-
- $r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
- intval($register[0]['uid'])
- );
- $r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1",
- intval($register[0]['uid'])
- );
- $r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1",
- intval($register[0]['uid'])
- );
-
- $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
- dbesc($register[0]['hash'])
- );
- notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL);
- return;
-
+ if (!user_deny($hash)) killme();
}
if($cmd === 'allow') {
-
- if(! count($user))
- killme();
-
- $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
- dbesc($register[0]['hash'])
- );
-
-
- $r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
- intval($register[0]['uid'])
- );
-
- $r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
- intval($user[0]['uid'])
- );
- if(count($r) && $r[0]['net-publish']) {
- $url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
- if($url && strlen(get_config('system','directory_submit_url')))
- proc_run('php',"include/directory.php","$url");
- }
-
- push_lang($register[0]['language']);
-
- $email_tpl = get_intltext_template("register_open_eml.tpl");
- $email_tpl = replace_macros($email_tpl, array(
- '$sitename' => $a->config['sitename'],
- '$siteurl' => $a->get_baseurl(),
- '$username' => $user[0]['username'],
- '$email' => $user[0]['email'],
- '$password' => $register[0]['password'],
- '$uid' => $user[0]['uid']
- ));
-
- $res = mail($user[0]['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
- $email_tpl,
- 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
- . 'Content-type: text/plain; charset=UTF-8' . "\n"
- . 'Content-transfer-encoding: 8bit' );
-
- pop_lang();
-
- if($res) {
- info( t('Account approved.') . EOL );
- return;
- }
+ if (!user_allow($hash)) killme();
}
}