From c6d45858bb73c0f3765fcc7257ed1347d6de1577 Mon Sep 17 00:00:00 2001 From: Klaus Weidenbach Date: Sun, 8 Mar 2015 19:02:48 +0100 Subject: Fixing (un)blocking accounts in /admin/users. When I look at the instructions in sql_conventions about setting bit flags I don't understand how this could have worked before. Changed the behavior for (un)blocking so that it should work now. --- mod/admin.php | 95 +++++++++++++++++++++++++++++++----------------- view/tpl/admin_users.tpl | 54 +++++++++++++-------------- 2 files changed, 87 insertions(+), 62 deletions(-) diff --git a/mod/admin.php b/mod/admin.php index f461474c4..714548f04 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -197,7 +197,7 @@ function admin_page_summary(&$a) { ); if ($r) { $accounts['total'] = array('label' => t('# Accounts'), 'val' => $r[0]['total']); - //@todo $accounts['blocked'] = array('label' => t('# blocked accounts'), 'val' => $r[0]['blocked']); + $accounts['blocked'] = array('label' => t('# blocked accounts'), 'val' => $r[0]['blocked']); $accounts['expired'] = array('label' => t('# expired accounts'), 'val' => $r[0]['expired']); $accounts['expiring'] = array('label' => t('# expiring accounts'), 'val' => $r[0]['expiring']); } @@ -639,48 +639,66 @@ function admin_page_queue($a) { } /** - * Users admin page + * @brief Handle POST actions on users admin page. + * + * This function is called when on the admin user/account page the form was + * submitted to handle multiple operations at once. If one of the icons next + * to an entry are pressed the function admin_page_users() will handle this. * * @param App $a */ -function admin_page_users_post(&$a){ - $pending = ( x($_POST, 'pending') ? $_POST['pending'] : Array() ); - $users = ( x($_POST, 'user') ? $_POST['user'] : Array() ); +function admin_page_users_post($a) { + $pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() ); + $users = ( x($_POST, 'user') ? $_POST['user'] : array() ); + $blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() ); check_form_security_token_redirectOnErr('/admin/users', 'admin_users'); - if (x($_POST,'page_users_block')){ - foreach($users as $uid){ - q("UPDATE account SET account_flags = (account_flags & %d) where account_id = %d", + // change to switch structure? + // account block/unblock button was submitted + if (x($_POST, 'page_users_block')) { + for ($i = 0; $i < count($users); $i++) { + // if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag + $op = ($blocked[$i]) ? '& ~' : '| '; + q("UPDATE account SET account_flags = (account_flags $op%d) WHERE account_id = %d", intval(ACCOUNT_BLOCKED), - intval( $uid ) + intval($users[$i]) ); } notice( sprintf( tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users)), count($users)) ); } - if (x($_POST,'page_users_delete')){ - require_once("include/Contact.php"); - foreach($users as $uid){ - account_remove($uid,true,false); + // account delete button was submitted + if (x($_POST, 'page_users_delete')) { + require_once('include/Contact.php'); + foreach ($users as $uid){ + account_remove($uid, true, false); } notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) ); } - - if (x($_POST,'page_users_approve')){ - foreach($pending as $hash){ + // registration approved button was submitted + if (x($_POST, 'page_users_approve')) { + foreach ($pending as $hash) { user_allow($hash); } } - if (x($_POST,'page_users_deny')){ - foreach($pending as $hash){ + // registration deny button was submitted + if (x($_POST, 'page_users_deny')) { + foreach ($pending as $hash) { user_deny($hash); } } + goaway($a->get_baseurl(true) . '/admin/users' ); } /** - * @param App $a + * @brief Generate users admin page and handle single item operations. + * + * This function generates the users/account admin page and handles the actions + * if an icon next to an entry was clicked. If several items were selected and + * the form was submitted it is handled by the function admin_page_users_post(). + * + * @param App &$a * @return string */ function admin_page_users(&$a){ @@ -695,25 +713,34 @@ function admin_page_users(&$a){ goaway($a->get_baseurl(true) . '/admin/users' ); } - switch(argv(2)){ - case "delete":{ - check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't'); + check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't'); + + switch (argv(2)){ + case 'delete': // delete user - require_once("include/Contact.php"); + require_once('include/Contact.php'); account_remove($uid,true,false); - + notice( sprintf(t("User '%s' deleted"), $account[0]['account_email']) . EOL); - }; break; - case "block":{ - check_form_security_token_redirectOnErr('/admin/users', 'admin_users', 't'); - q("UPDATE account SET account_flags = ( account_flags & ~%d ) where account_id = %d", + break; + case 'block': + q("UPDATE account SET account_flags = ( account_flags | %d ) WHERE account_id = %d", intval(ACCOUNT_BLOCKED), - intval( $uid ) + intval($uid) ); - notice( sprintf( (($account[0]['account_flags'] & ACCOUNT_BLOCKED) ? t("User '%s' unblocked"):t("User '%s' blocked")) , $account[0]['account_email']) . EOL); - }; break; + notice( sprintf( t("User '%s' blocked") , $account[0]['account_email']) . EOL); + break; + case 'unblock': + q("UPDATE account SET account_flags = ( account_flags & ~%d ) WHERE account_id = %d", + intval(ACCOUNT_BLOCKED), + intval($uid) + ); + + notice( sprintf( t("User '%s' unblocked"), $account[0]['account_email']) . EOL); + break; } + goaway($a->get_baseurl(true) . '/admin/users' ); } @@ -725,7 +752,7 @@ function admin_page_users(&$a){ /* get users */ $total = q("SELECT count(*) as total FROM account"); - if(count($total)) { + if (count($total)) { $a->set_pager_total($total[0]['total']); $a->set_pager_itemspage(100); } @@ -772,7 +799,7 @@ function admin_page_users(&$a){ // $users = array_map("_setup_users", $users); - $t = get_markup_template("admin_users.tpl"); + $t = get_markup_template('admin_users.tpl'); $o = replace_macros($t, array( // strings // '$title' => t('Administration'), @@ -813,7 +840,7 @@ function admin_page_users(&$a){ * * @param App $a */ -function admin_page_channels_post(&$a){ +function admin_page_channels_post(&$a) { $channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() ); check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels'); diff --git a/view/tpl/admin_users.tpl b/view/tpl/admin_users.tpl index 7e0b828d9..52ccbf253 100755 --- a/view/tpl/admin_users.tpl +++ b/view/tpl/admin_users.tpl @@ -10,15 +10,15 @@ return false; } -
+

{{$title}} - {{$page}}

- +
- - + +

{{$h_pending}}

{{if $pending}} - +
{{foreach $th_pending as $th}}{{/foreach}} @@ -31,27 +31,25 @@ - + {{/foreach}}
{{$th}}
{{$u.account_created}} - - + +
-
{{$select_all}}
-
+
{{$select_all}}
+
{{else}}

{{$no_pending}}

{{/if}} - - - - + +

{{$h_users}}

{{if $users}} - +
{{foreach $th_users as $th}}{{/foreach}} @@ -62,30 +60,30 @@ {{foreach $users as $u}} - - + - - - - - - + + + + + + {{/foreach}}
{{$th}}
{{$u.channels}}{{$u.account_created}}{{$u.account_service_class}}{{$u.channels}}{{$u.account_created}}{{$u.account_service_class}} - - + +
-
{{$select_all}}
-
+
{{$select_all}}
+
{{else}} NO USERS?!? {{/if}}
-
+
\ No newline at end of file -- cgit v1.2.3