1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
<?php
function user_allow($hash) {
$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
dbesc($hash)
);
if(! count($register))
return false;
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($register[0]['uid'])
);
if(! count($user))
killme();
$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
dbesc($register[0]['hash'])
);
$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
intval($register[0]['uid'])
);
$r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
intval($user[0]['uid'])
);
if(count($r) && $r[0]['net-publish']) {
$url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
if($url && strlen(get_config('system','directory_submit_url')))
proc_run('php',"include/directory.php","$url");
}
push_lang($register[0]['language']);
$email_tpl = get_intltext_template("register_open_eml.tpl");
$email_tpl = replace_macros($email_tpl, array(
'$sitename' => $a->config['sitename'],
'$siteurl' => $a->get_baseurl(),
'$username' => $user[0]['username'],
'$email' => $user[0]['email'],
'$password' => $register[0]['password'],
'$uid' => $user[0]['uid']
));
$res = mail($user[0]['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
$email_tpl,
'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
. 'Content-type: text/plain; charset=UTF-8' . "\n"
. 'Content-transfer-encoding: 8bit' );
pop_lang();
if($res) {
info( t('Account approved.') . EOL );
return true;
}
}
function user_deny($hash) {
$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
dbesc($hash)
);
if(! count($register))
return false;
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($register[0]['uid'])
);
$r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
intval($register[0]['uid'])
);
$r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1",
intval($register[0]['uid'])
);
$r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1",
intval($register[0]['uid'])
);
$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
dbesc($register[0]['hash'])
);
notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL);
return true;
}
function regmod_content(&$a) {
global $lang;
$_SESSION['return_url'] = $a->cmd;
if(! local_user()) {
info( t('Please login.') . EOL);
$o .= '<br /><br />' . login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
return $o;
}
if(!is_site_admin()) {
notice( t('Permission denied.') . EOL);
return '';
}
if($a->argc != 3)
killme();
$cmd = $a->argv[1];
$hash = $a->argv[2];
if($cmd === 'deny') {
if (!user_deny($hash)) killme();
}
if($cmd === 'allow') {
if (!user_allow($hash)) killme();
}
}
|