aboutsummaryrefslogtreecommitdiffstats
path: root/mod/regmod.php
blob: f03c2a3fe5d14fca26fbc0f7efde309151389cb4 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
<?php



function regmod_content(&$a) {

	if(! local_user()) {
		notice( t('Please login.') . EOL);
		$o .= '<br /><br />' . login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
		return $o;
	}

	if($a->argc != 3)
		killme();

	$cmd = $a->argv[1];
	$hash = $a->argv[2];


	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
		dbesc($hash)
	);


	if(! count($register))
		killme();

	if($cmd == 'deny') {

		$r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
			intval($register[0]['uid'])
		);
		$r = q("DELETE FROM `contact` WHERE `uid` = %d",
			intval($register[0]['uid'])
		); 
		$r = q("DELETE FROM `profile` WHERE `uid` = %d",
			intval($register[0]['uid'])
		); 

		$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
			dbesc($register[0]['hash'])
		);
		notice( t('Registration revoked.') . EOL);
		return;

	}

	if($cmd == 'allow') {

		$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
			intval($register[0]['uid'])
		);
		if(! count($user))
			killme();

		$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
			dbesc($register[0]['hash'])
		);


		$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
			intval($register[0]['uid'])
		);
		
		$email_tpl = file_get_contents("view/register_open_eml.tpl");
		$email_tpl = replace_macros($email_tpl, array(
				'$sitename' => $a->config['sitename'],
				'$siteurl' =>  $a->get_baseurl(),
				'$username' => $user[0]['username'],
				'$email' => $user[0]['email'],
				'$password' => $register[0]['password'],
				'$uid' => $user[0]['uid']
		));

		$res = mail($user[0]['email'], t('Registration details for '). $a->config['sitename'],
			$email_tpl,'From: ' . t('Administrator@') . $_SERVER[SERVER_NAME] );


		if($res) {
			notice( t('Account approved.') . EOL );
			return;
		}

	}
}