#36 Admin interface to delete undesired users (spammers)

open
nobody
None
5
2006-08-19
2006-08-19
Andreas Jaggi
No

This patch adds an admin interface which permits to
delete users and all their bookmarks&tags. Particulary
usefull when your scuttle installation had been
"infected" by spammers.

It completes also the UserService->isAdmin() function
by using a field 'uAdmin' in the table sc_users.

Discussion

1 2 > >> (Page 1 of 2)
  • Andreas Jaggi
    Andreas Jaggi
    2006-08-19

     
    Attachments
  • try_out
    try_out
    2006-10-25

    Logged In: YES
    user_id=1557270

    Have installed the script and get the following Error-Code:
    --------------------------------------------------------
    Fatal error: SQL ERROR [ mysql ]

    You have an error in your SQL syntax near 'USING sc_tags,
    sc_bookmarks WHERE sc_tags.bId = sc_bookmarks.bId AND
    sc_bookmark' at line 1

    CALLING PAGE

    /admin.php/delete/test4&

    SQL

    DELETE FROM sc_tags USING sc_tags, sc_bookmarks WHERE
    sc_tags.bId = sc_bookmarks.bId AND sc_bookmarks.uId = 12
    in /[...]/includes/mysql.php on line 390
    --------------------------------------------------------
    Any ideas why?

     
  • kimy
    kimy
    2007-02-10

    Logged In: YES
    user_id=1715996
    Originator: NO

    some one can tell me how can i install this patch ?

    Thanks.

     
  • kimy
    kimy
    2007-02-10

    Logged In: YES
    user_id=1715996
    Originator: NO

    i follow all the steps by adding the correct lines on the files but whit which username and password can i login :s

    sorry for this stupid question

     
  • warenhaus
    warenhaus
    2007-05-04

    Logged In: YES
    user_id=1740933
    Originator: NO

    works, thanks!

    @kimy: you have to add a field called uAdmin to your scuttle-database, table sc_users (with phpMyAdmin, for instance).
    then you select a user (like: yourself), edit the user with phpMyAdmin and set the uAdmin field you created to 1 for this user (and for all other users you want to be admins).

    that worked for me.

     
  • sensifree
    sensifree
    2007-06-10

    Logged In: YES
    user_id=1813508
    Originator: NO

    yes thank you. very useful !

     
  • solroc
    solroc
    2007-06-15

    Logged In: YES
    user_id=1819007
    Originator: NO

    can someone post a short howto how to activate this admin-interface?

    1) what to do with the file "scuttle-admin.diff"
    2) what kind of row do I need to add to my MySQL-Table even better just post the required MySQL-code: I've tried:
    UPDATE `DATABASE-NAME`.`sc_users` SET `uAdmin` = '1' WHERE `sc_users`.`uId` =1 LIMIT 1 ;

     
  • SinusCom
    SinusCom
    2007-06-16

    Logged In: YES
    user_id=1819047
    Originator: NO

    You can do this by modifying the three files ( services/tagservice.php , services/userservice.php , services/bookmarkservice.php ) as it mentionned in scuttle-admin.diff
    so, you create 2 files ( templates/userlist.tpl.php and admin.php )
    You past this on the first ( templates/userlist.tpl.php )
    _____________________________
    <?php

    $userservice =& ServiceFactory::getServiceInstance('UserService');

    $this->includeTemplate($GLOBALS['top_include']);

    echo '<ol id="bookmarks">';

    foreach(array_keys($users) as $key) {

    echo '<li class="xfolkentry">'."\n";

    echo '<div class="link">';
    echo '<a href="'.createURL('profile', $users[$key][$userservice->getFieldname('username')]).'">'.$users[$key][$userservice->getFieldName('username')].'</a>';
    echo '</div>';

    echo '<div class="meta">';
    echo '<a href="'.createURL('admin','delete/'.$users[$key][$userservice->getFieldname('username')]).'" onclick="return confirm(\''.T_('Are you sure?').'\');">'.T_('Delete').'</a>';
    echo '</div>';

    echo '</li>'."\n";
    }

    $this->includeTemplate('sidebar.tpl');
    $this->includeTemplate($GLOBALS['bottom_include']);

    ?>
    _________________________________

    and you paste this on the file admin.php :
    ______________________________________
    <?php

    require_once('header.inc.php');

    $userservice = & ServiceFactory :: getServiceInstance('UserService');
    $tagservice = & ServiceFactory :: getServiceInstance('TagService');
    $bookmarkservice = & ServiceFactory :: getServiceInstance('BookmarkService');
    $templateservice = & ServiceFactory :: getServiceInstance('TemplateService');

    // Header variables
    $tplVars['subtitle'] = T_('Manage users');
    $tplVars['loadjs'] = true;

    if ( !$userservice->isLoggedOn() ) {
    header('Location: '. createURL('login', ''));
    exit();
    }

    $currentUser = $userservice->getCurrentUser();
    $currentUserID = $userservice->getCurrentUserId();
    $currentUsername = $currentUser[$userservice->getFieldName('username')];

    if ( $currentUser['uId'] != ('1') ) {
    header('Location: '. createURL('bookmarks', $currentUsername));
    exit();
    }

    @list($url, $action, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;

    if ( $action ) {
    switch ( $action ) {
    case 'delete':
    if ( $user && ($userinfo = $userservice->getUserByUsername($user)) ) {
    $uId = $userinfo['uId'];

    $userservice->deleteUser($uId);
    $tagservice->deleteTagsForUser($uId);
    // XXX: don't delete bookmarks before tags, else tags can't be deleted !!!
    $bookmarkservice->deleteBookmarksForUser($uId);

    $tplVars['msg'] = sprintf(T_('%s and all his bookmarks and tags were deleted.'), $user);
    }
    break;
    default:
    // DO NOTHING
    }
    }

    $templatename = 'userlist.tpl';
    $users =& $userservice->getAllUsers();

    if ( !is_array($users) ) {
    $users = array();
    }

    $tplVars['users'] =& $users;

    $templateservice->loadTemplate($templatename, $tplVars);

    ?>
    __________________________________

    The user who have the uId = 1 ( normaly this is you as you are the first membrer have acces to the file admin.php )
    After you log in, acces to this file by typing : www.your-web-site.com/admin.php

    That's all !

    If you need more help, contact me by mail, i can give you the files by messenger.

    Kind regards,
    SinusCom.

     
  • I don't have myphpadmin.
    How do I use this?

    I added admin.php and templates/userlist.tpl.php

    When I try to access admin.php, I get this error:
    "Fatal error: Call to undefined method UserService::getAllUsers() in /usr/share/scuttle/www/admin.php on line 57 "

    (server is running debian 6.0, I admin mysql from cli).

     
  • I applied everything from the diff.
    I added a column to sc_users (uAdmin), and made myself admin.
    I created the admin.php, etc.
    I followed all of these instructions, and still, when I try to access admin.php, I get the error:
    Fatal error: Call to undefined method UserService::getAllUsers() in
    /usr/share/scuttle/www/admin.php on line 57

    I have function getAllUsers in services/userservice.php
    What's wrong here?

    site is tonybaldwin.me/scuttle/

     
1 2 > >> (Page 1 of 2)