Menu
▾
▴
[mxbb-commits] mx_phpbb2admin/admin admin_groupcp.php, NONE, 1.1 admin_groups.php, NONE, 1.1 admin_users.php, NONE, 1.1
|
From: Jon O. <jon...@us...> - 2007-09-15 20:35:20
|
Update of /cvsroot/mxbb/mx_phpbb2admin/admin In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv25347 Added Files: admin_groupcp.php admin_groups.php admin_users.php Log Message: forgotten files --- NEW FILE: admin_groups.php --- <?php /*************************************************************************** * admin_groups.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: admin_groups.php,v 1.1 2007/09/15 20:35:16 jonohlsson Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * ***************************************************************************/ define( 'IN_PORTAL', true ); if ( !empty( $setmodules ) ) { $filename = basename( __FILE__ ); $module['phpbb2admin']['2_phpbb2admin_Groups'] = 'modules/mx_phpbb2admin/admin/' . $filename; return; } $mx_root_path = './../../../'; $module_root_path = "./../"; $phpEx = substr(strrchr(__FILE__, '.'), 1); require( $mx_root_path . '/admin/pagestart.' . $phpEx ); include_once( $mx_root_path . 'admin/page_header_admin.' . $phpEx ); // ********************************************************************** // Read language definition // ********************************************************************** if ( !file_exists( $module_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx ) ) { include( $module_root_path . 'language/lang_english/lang_admin.' . $phpEx ); } else { include( $module_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx ); } if ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) ) { $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]); } else { $group_id = 0; } if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) { $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; $mode = htmlspecialchars($mode); } else { $mode = ''; } if ( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) { // // Ok they are editing a group or creating a new group // $template->set_filenames(array( 'body' => 'admin/group_edit_body.tpl') ); if ( isset($HTTP_POST_VARS['edit']) ) { // // They're editing. Grab the vars. // switch (PORTAL_BACKEND) { case 'internal': case 'phpbb2': $sql = "SELECT * FROM " . GROUPS_TABLE . " WHERE group_single_user <> " . TRUE . " AND group_id = $group_id"; break; case 'phpbb3': $sql = "SELECT * FROM " . GROUPS_TABLE . " WHERE group_name NOT IN ('BOTS', 'GUESTS') AND group_id = $group_id"; break; } if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql); } if ( !($group_info = $db->sql_fetchrow($result)) ) { mx_message_die(GENERAL_MESSAGE, $lang['Group_not_exist']); } $mode = 'editgroup'; $template->assign_block_vars('group_edit', array()); } else if ( isset($HTTP_POST_VARS['new']) ) { $group_info = array ( 'group_name' => '', 'group_description' => '', 'group_moderator' => '', 'group_type' => GROUP_OPEN); $group_open = ' checked="checked"'; $mode = 'newgroup'; } // // Ok, now we know everything about them, let's show the page. // if ($group_info['group_moderator'] != '') { $sql = "SELECT user_id, username FROM " . USERS_TABLE . " WHERE user_id = " . $group_info['group_moderator']; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql); } if ( !($row = $db->sql_fetchrow($result)) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql); } $group_moderator = $row['username']; } else { $group_moderator = ''; } $group_open = ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : ''; $group_closed = ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : ''; $group_hidden = ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : ''; $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />'; $template->assign_vars(array( 'GROUP_NAME' => $group_info['group_name'], 'GROUP_DESCRIPTION' => $group_info['group_description'], 'GROUP_MODERATOR' => $group_moderator, 'L_GROUP_TITLE' => $lang['Group_administration'], 'L_GROUP_EDIT_DELETE' => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'], 'L_GROUP_NAME' => $lang['group_name'], 'L_GROUP_DESCRIPTION' => $lang['group_description'], 'L_GROUP_MODERATOR' => $lang['group_moderator'], 'L_FIND_USERNAME' => $lang['Find_username'], 'L_GROUP_STATUS' => $lang['group_status'], 'L_GROUP_OPEN' => $lang['group_open'], 'L_GROUP_CLOSED' => $lang['group_closed'], 'L_GROUP_HIDDEN' => $lang['group_hidden'], 'L_GROUP_DELETE' => $lang['group_delete'], 'L_GROUP_DELETE_CHECK' => $lang['group_delete_check'], 'L_SUBMIT' => $lang['Submit'], 'L_RESET' => $lang['Reset'], 'L_DELETE_MODERATOR' => $lang['delete_group_moderator'], 'L_DELETE_MODERATOR_EXPLAIN' => $lang['delete_moderator_explain'], 'L_YES' => $lang['Yes'], 'U_SEARCH_USER' => mx_append_sid("../search.$phpEx?mode=searchuser"), 'S_GROUP_OPEN_TYPE' => GROUP_OPEN, 'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED, 'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN, 'S_GROUP_OPEN_CHECKED' => $group_open, 'S_GROUP_CLOSED_CHECKED' => $group_closed, 'S_GROUP_HIDDEN_CHECKED' => $group_hidden, 'S_GROUP_ACTION' => mx_append_sid("admin_groups.$phpEx"), 'S_HIDDEN_FIELDS' => $s_hidden_fields) ); $template->pparse('body'); } else if ( isset($HTTP_POST_VARS['group_update']) ) { // // Ok, they are submitting a group, let's save the data based on if it's new or editing // if ( isset($HTTP_POST_VARS['group_delete']) ) { // // Reset User Moderator Level // // Is Group moderating a forum ? $sql = "SELECT auth_mod FROM " . AUTH_ACCESS_TABLE . " WHERE group_id = " . $group_id; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not select auth_access', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); if (intval($row['auth_mod']) == 1) { // Yes, get the assigned users and update their Permission if they are no longer moderator of one of the forums $sql = "SELECT user_id FROM " . USER_GROUP_TABLE . " WHERE group_id = " . $group_id; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not select user_group', '', __LINE__, __FILE__, $sql); } $rows = $db->sql_fetchrowset($result); for ($i = 0; $i < count($rows); $i++) { $sql = "SELECT g.group_id FROM " . AUTH_ACCESS_TABLE . " a, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE (a.auth_mod = 1) AND (g.group_id = a.group_id) AND (a.group_id = ug.group_id) AND (g.group_id = ug.group_id) AND (ug.user_id = " . intval($rows[$i]['user_id']) . ") AND (ug.group_id <> " . $group_id . ")"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain moderator permissions', '', __LINE__, __FILE__, $sql); } if ($db->sql_numrows($result) == 0) { $sql = "UPDATE " . USERS_TABLE . " SET user_level = " . USER . " WHERE user_level = " . MOD . " AND user_id = " . intval($rows[$i]['user_id']); if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update moderator permissions', '', __LINE__, __FILE__, $sql); } } } } // // Delete Group // $sql = "DELETE FROM " . GROUPS_TABLE . " WHERE group_id = " . $group_id; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . USER_GROUP_TABLE . " WHERE group_id = " . $group_id; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update user_group', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . AUTH_ACCESS_TABLE . " WHERE group_id = " . $group_id; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update auth_access', '', __LINE__, __FILE__, $sql); } $message = $lang['Deleted_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . mx_append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . mx_append_sid("index.$phpEx?pane=right") . '">', '</a>'); mx_message_die(GENERAL_MESSAGE, $message); } else { $group_type = isset($HTTP_POST_VARS['group_type']) ? intval($HTTP_POST_VARS['group_type']) : GROUP_OPEN; $group_name = isset($HTTP_POST_VARS['group_name']) ? htmlspecialchars(trim($HTTP_POST_VARS['group_name'])) : ''; $group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : ''; $group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : ''; $delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? true : false; if ( $group_name == '' ) { mx_message_die(GENERAL_MESSAGE, $lang['No_group_name']); } else if ( $group_moderator == '' ) { mx_message_die(GENERAL_MESSAGE, $lang['No_group_moderator']); } $this_userdata = mx_get_userdata($group_moderator, true); $group_moderator = $this_userdata['user_id']; if ( !$group_moderator ) { mx_message_die(GENERAL_MESSAGE, $lang['No_group_moderator']); } if( $mode == "editgroup" ) { switch (PORTAL_BACKEND) { case 'internal': case 'phpbb2': $sql = "SELECT * FROM " . GROUPS_TABLE . " WHERE group_single_user <> " . TRUE . " AND group_id = $group_id"; break; case 'phpbb3': $sql = "SELECT * FROM " . GROUPS_TABLE . " WHERE group_name NOT IN ('BOTS', 'GUESTS') AND group_id = $group_id"; break; } if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql); } if( !($group_info = $db->sql_fetchrow($result)) ) { mx_message_die(GENERAL_MESSAGE, $lang['Group_not_exist']); } if ( $group_info['group_moderator'] != $group_moderator ) { if ( $delete_old_moderator ) { $sql = "DELETE FROM " . USER_GROUP_TABLE . " WHERE user_id = " . $group_info['group_moderator'] . " AND group_id = " . $group_id; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql); } } $sql = "SELECT user_id FROM " . USER_GROUP_TABLE . " WHERE user_id = $group_moderator AND group_id = $group_id"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Failed to obtain current group moderator info', '', __LINE__, __FILE__, $sql); } if ( !($row = $db->sql_fetchrow($result)) ) { $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending) VALUES (" . $group_id . ", " . $group_moderator . ", 0)"; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql); } } } $sql = "UPDATE " . GROUPS_TABLE . " SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator WHERE group_id = $group_id"; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql); } $message = $lang['Updated_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . mx_append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . mx_append_sid("index.$phpEx?pane=right") . '">', '</a>');; mx_message_die(GENERAL_MESSAGE, $message); } else if( $mode == 'newgroup' ) { switch (PORTAL_BACKEND) { case 'internal': case 'phpbb2': $sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator, group_single_user) VALUES ($group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator, '0')"; break; case 'phpbb3': $sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator) VALUES ($group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator)"; break; } if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not insert new group', '', __LINE__, __FILE__, $sql); } $new_group_id = $db->sql_nextid(); $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending) VALUES ($new_group_id, $group_moderator, 0)"; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not insert new user-group info', '', __LINE__, __FILE__, $sql); } $message = $lang['Added_new_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . mx_append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . mx_append_sid("index.$phpEx?pane=right") . '">', '</a>');; mx_message_die(GENERAL_MESSAGE, $message); } else { mx_message_die(GENERAL_MESSAGE, $lang['No_group_action']); } } } else { switch (PORTAL_BACKEND) { case 'internal': case 'phpbb2': $sql = "SELECT group_id, group_name FROM " . GROUPS_TABLE . " WHERE group_single_user <> " . TRUE . " ORDER BY group_name ASC"; break; case 'phpbb3': $sql = "SELECT group_id, group_name FROM " . GROUPS_TABLE . " WHERE group_name NOT IN ('BOTS', 'GUESTS') ORDER BY group_name ASC"; break; } if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain group list', '', __LINE__, __FILE__, $sql); } $select_list = ''; if ( $row = $db->sql_fetchrow($result) ) { $select_list .= '<select name="' . POST_GROUPS_URL . '">'; do { $select_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>'; } while ( $row = $db->sql_fetchrow($result) ); $select_list .= '</select>'; } $template->set_filenames(array( 'body' => 'admin/group_select_body.tpl') ); $template->assign_vars(array( 'L_GROUP_TITLE' => $lang['Group_administration'], 'L_GROUP_EXPLAIN' => $lang['Group_admin_explain'], 'L_GROUP_SELECT' => $lang['Select_group'], 'L_LOOK_UP' => $lang['Look_up_group'], 'L_CP_UP' => $lang['Look_up_groupcp'], 'L_CREATE_NEW_GROUP' => $lang['New_group'], 'S_GROUP_ACTION' => mx_append_sid("admin_groups.$phpEx"), 'S_GROUPCP_ACTION' => mx_append_sid("admin_groupcp.$phpEx"), 'S_GROUP_SELECT' => $select_list) ); if ( $select_list != '' ) { $template->assign_block_vars('select_box', array()); } $template->pparse('body'); } include_once( $mx_root_path . 'admin/page_footer_admin.' . $phpEx ); ?> --- NEW FILE: admin_groupcp.php --- <?php /*************************************************************************** * admin_groupcp.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: admin_groupcp.php,v 1.1 2007/09/15 20:35:16 jonohlsson Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. [...1308 lines suppressed...] 'S_USERGROUP_ACTION' => mx_append_sid("admin_groupcp.$phpEx"), 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'GROUP_LIST_SELECT' => $s_group_list, 'GROUP_PENDING_SELECT' => $s_pending_groups, 'GROUP_MEMBER_SELECT' => $s_member_groups) ); $template->pparse('user'); } else { mx_message_die(GENERAL_MESSAGE, $lang['No_groups_exist']); } } include_once( $mx_root_path . 'admin/page_footer_admin.' . $phpEx ); ?> --- NEW FILE: admin_users.php --- <?php /*************************************************************************** * admin_users.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: admin_users.php,v 1.1 2007/09/15 20:35:16 jonohlsson Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * ***************************************************************************/ define( 'IN_PORTAL', true ); if ( !empty( $setmodules ) ) { $filename = basename( __FILE__ ); //$module['phpbb2admin']['Users'] = 'modules/mx_phpbb2admin/admin/' . $filename; return; } $mx_root_path = './../../../'; $module_root_path = "./../"; $phpEx = substr(strrchr(__FILE__, '.'), 1); require( $mx_root_path . '/admin/pagestart.' . $phpEx ); include_once( $mx_root_path . 'admin/page_header_admin.' . $phpEx ); include_once($mx_root_path . 'includes/shared/phpbb2/includes/bbcode.'.$phpEx); include_once($mx_root_path . 'includes/shared/phpbb2/includes/functions_post.'.$phpEx); include_once($mx_root_path . 'includes/shared/phpbb2/includes/functions_selects.'.$phpEx); include_once($mx_root_path . 'includes/shared/phpbb2/includes/functions_validate.'.$phpEx); $html_entities_match = array('#<#', '#>#'); $html_entities_replace = array('<', '>'); // ********************************************************************** // Read language definition // ********************************************************************** if ( !file_exists( $module_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx ) ) { include( $module_root_path . 'language/lang_english/lang_admin.' . $phpEx ); } else { include( $module_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx ); } // // Set mode // if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) ) { $mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; $mode = htmlspecialchars($mode); } else { $mode = ''; } $action = (isset($HTTP_POST_VARS['id'])) && !empty($HTTP_POST_VARS['id']) ? 'do_update' : 'do_add'; // // Begin program // if ( $mode == 'edit' || $mode == 'add' || $mode == 'save' && ( isset($HTTP_GET_VARS['username']) || isset($HTTP_POST_VARS['username']) ) ) { // // Ok, the profile has been modified and submitted, let's update // if ( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) ) { $user_id = intval($HTTP_POST_VARS['id']); if ($mode == 'edit' && !($this_userdata = mx_get_userdata($user_id))) { mx_message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] ); } if( $HTTP_POST_VARS['deleteuser'] && ( $userdata['user_id'] != $user_id ) ) { switch (PORTAL_BACKEND) { case 'internal': case 'phpbb2': $sql = "SELECT g.group_id FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g WHERE ug.user_id = $user_id AND g.group_id = ug.group_id AND g.group_single_user = 1"; break; case 'phpbb3': $sql = "SELECT g.group_id FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g WHERE ug.user_id = $user_id AND g.group_id = ug.group_id AND g.group_name IN ('BOTS', 'GUESTS')"; break; } if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not obtain group information for this user', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); if (PORTAL_BACKEND != 'internal') { $sql = "UPDATE " . POSTS_TABLE . " SET poster_id = " . DELETED . ", post_username = '" . str_replace("\\'", "''", addslashes($this_userdata['username'])) . "' WHERE poster_id = $user_id"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update posts for this user', '', __LINE__, __FILE__, $sql); } $sql = "UPDATE " . TOPICS_TABLE . " SET topic_poster = " . DELETED . " WHERE topic_poster = $user_id"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update topics for this user', '', __LINE__, __FILE__, $sql); } $sql = "UPDATE " . VOTE_USERS_TABLE . " SET vote_user_id = " . DELETED . " WHERE vote_user_id = $user_id"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql); } } $sql = "SELECT group_id FROM " . GROUPS_TABLE . " WHERE group_moderator = $user_id"; if( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not select groups where user was moderator', '', __LINE__, __FILE__, $sql); } while ( $row_group = $db->sql_fetchrow($result) ) { $group_moderator[] = $row_group['group_id']; } if ( count($group_moderator) ) { $update_moderator_id = implode(', ', $group_moderator); $sql = "UPDATE " . GROUPS_TABLE . " SET group_moderator = " . $userdata['user_id'] . " WHERE group_moderator IN ($update_moderator_id)"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql); } } $sql = "DELETE FROM " . USERS_TABLE . " WHERE user_id = $user_id"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . USER_GROUP_TABLE . " WHERE user_id = $user_id"; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete user from user_group table', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . GROUPS_TABLE . " WHERE group_id = " . $row['group_id']; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql); } if (PORTAL_BACKEND != 'internal') { $sql = "DELETE FROM " . AUTH_ACCESS_TABLE . " WHERE group_id = " . $row['group_id']; if( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE user_id = $user_id"; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete user from topic watch table', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . BANLIST_TABLE . " WHERE ban_userid = $user_id"; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete user from banlist table', '', __LINE__, __FILE__, $sql); } } $sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_user_id = $user_id"; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete sessions for this user', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . SESSIONS_KEYS_TABLE . " WHERE user_id = $user_id"; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete auto-login keys for this user', '', __LINE__, __FILE__, $sql); } if (PORTAL_BACKEND != 'internal') { $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " WHERE privmsgs_from_userid = $user_id OR privmsgs_to_userid = $user_id"; if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Could not select all users private messages', '', __LINE__, __FILE__, $sql); } // This little bit of code directly from the private messaging section. while ( $row_privmsgs = $db->sql_fetchrow($result) ) { $mark_list[] = $row_privmsgs['privmsgs_id']; } if ( count($mark_list) ) { $delete_sql_id = implode(', ', $mark_list); $delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . " WHERE privmsgs_text_id IN ($delete_sql_id)"; $delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . " WHERE privmsgs_id IN ($delete_sql_id)"; if ( !$db->sql_query($delete_sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql); } if ( !$db->sql_query($delete_text_sql) ) { mx_message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql); } } } $message = $lang['User_deleted'] . '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . mx_append_sid("admin_userlist.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . mx_append_sid("index.$phpEx?pane=right") . '">', '</a>'); mx_message_die(GENERAL_MESSAGE, $message); } $username = ( !empty($HTTP_POST_VARS['username']) ) ? phpBB2::phpbb_clean_username($HTTP_POST_VARS['username']) : ''; $email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : ''; $password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : ''; $password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : ''; $user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0; } if( isset( $HTTP_POST_VARS['submit'] ) ) { $error = FALSE; if (stripslashes($username) != $this_userdata['username']) { unset($rename_user); if ( stripslashes(strtolower($username)) != strtolower($this_userdata['username']) ) { $result = validate_username($username); if ( $result['error'] ) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg']; } else if ( strtolower(str_replace("\\'", "''", $username)) == strtolower($userdata['username']) ) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Username_taken']; } } if (!$error) { $username_sql = "username = '" . str_replace("\\'", "''", $username) . "', "; $username_sql_add = "'" . str_replace("\\'", "''", $username) . "'"; $rename_user = $username; // Used for renaming usergroup } } $passwd_sql = ''; if( !empty($password) && !empty($password_confirm) ) { // // Awww, the user wants to change their password, isn't that cute.. // if($password != $password_confirm) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch']; } else { $password = md5($password); $passwd_sql = "user_password = '$password', "; $passwd_sql_add = "'$password'"; } } else if( $password && !$password_confirm ) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch']; } else if( !$password && $password_confirm ) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch']; } else if( $action == 'do_add' ) // New user must have password { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch']; } // // Update entry in DB // if( !$error ) { $email_sql = "'" . str_replace("\'", "''", $email) . "'"; if ($action == 'do_add') { $sql = "SELECT MAX(user_id) AS total FROM " . USERS_TABLE; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql); } if ( !($row = $db->sql_fetchrow($result)) ) { message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql); } $user_id = $row['total'] + 1; $sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, user_password, user_email, user_active, user_regdate) VALUES ($user_id, $username_sql_add, $passwd_sql_add, $email_sql, $user_status, '".time()."')"; } else { $sql = "UPDATE " . USERS_TABLE . " SET " . $username_sql . $passwd_sql . "user_email = $email_sql, user_active = $user_status" . " WHERE user_id = $user_id"; } if( $result = $db->sql_query($sql) ) { if ($action == 'do_update') { if( isset($rename_user) ) { $sql = "UPDATE " . GROUPS_TABLE . " SET group_name = '".str_replace("\'", "''", $rename_user)."' WHERE group_name = '".str_replace("'", "''", $this_userdata['username'] )."'"; if( !$result = $db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Could not rename users group', '', __LINE__, __FILE__, $sql); } } // Delete user session, to prevent the user navigating the forum (if logged in) when disabled if (!$user_status) { $sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_user_id = " . $user_id; if ( !$db->sql_query($sql) ) { mx_message_die(GENERAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql); } } // We remove all stored login keys since the password has been updated // and change the current one (if applicable) if ( !empty($passwd_sql) ) { $mx_user->session_reset_keys($user_id, $user_ip); } } $message .= $action == 'do_update'? $lang['Admin_user_updated'] : $lang['Admin_user_added']; } else { mx_message_die(GENERAL_ERROR, 'Admin_user_fail', '', __LINE__, __FILE__, $sql); } $message .= '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . mx_append_sid("admin_userlist.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . mx_append_sid("index.$phpEx?pane=right") . '">', '</a>'); mx_message_die(GENERAL_MESSAGE, $message); } else { $template->set_filenames(array( 'reg_header' => 'error_body.tpl') ); $template->assign_vars(array( 'ERROR_MESSAGE' => $error_msg) ); $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); $username = htmlspecialchars(stripslashes($username)); $email = stripslashes($email); $password = ''; $password_confirm = ''; } } // // SHOW USER // else if( !isset( $HTTP_POST_VARS['submit'] ) && $mode != 'save' ) { if ($mode == 'edit') { if( isset( $HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) { $user_id = ( isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ? intval( $HTTP_POST_VARS[POST_USERS_URL]) : intval( $HTTP_GET_VARS[POST_USERS_URL]); $this_userdata = mx_get_userdata($user_id); if( !$this_userdata ) { mx_message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] ); } } else { //$this_userdata = mx_get_userdata($HTTP_POST_VARS['username'], true); $this_userdata = mx_get_userdata($HTTP_GET_VARS['username'], true); if( !$this_userdata ) { mx_message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] ); } } } else { $this_userdata['user_id'] = '' ; $this_userdata['username'] = 'Enter' ; $this_userdata['user_email'] = 'me@somewhere' ; $this_userdata['user_active'] = '1' ; } // // Now parse and display it as a template // $user_id = $this_userdata['user_id']; $username = $this_userdata['username']; $email = $this_userdata['user_email']; $password = ''; $password_confirm = ''; $user_status = $this_userdata['user_active']; } $s_hidden_fields = '<input type="hidden" name="mode" value="save" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />'; $s_hidden_fields .= '<input type="hidden" name="id" value="' . $user_id . '" />'; $template->set_filenames(array( "body" => "admin/user_edit_body.tpl") ); $template->assign_vars(array( 'USERNAME' => $username, 'EMAIL' => $email, 'USER_ACTIVE_YES' => ($user_status) ? 'checked="checked"' : '', 'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '', 'L_USERNAME' => $lang['Username'], 'L_USER_TITLE' => $lang['User_admin'], 'L_USER_EXPLAIN' => $lang['User_admin_explain'], 'L_NEW_PASSWORD' => $lang['New_password'], 'L_PASSWORD_IF_CHANGED' => $lang['password_if_changed'], 'L_CONFIRM_PASSWORD' => $lang['Confirm_password'], 'L_PASSWORD_CONFIRM_IF_CHANGED' => $lang['password_confirm_if_changed'], 'L_SUBMIT' => $lang['Submit'], 'L_RESET' => $lang['Reset'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'L_SPECIAL' => $lang['User_special'], 'L_SPECIAL_EXPLAIN' => $lang['User_special_explain'], 'L_USER_ACTIVE' => $lang['User_status'], 'L_EMAIL_ADDRESS' => $lang['Email_address'], 'L_DELETE_USER' => $lang['User_delete'], 'L_DELETE_USER_EXPLAIN' => $lang['User_delete_explain'], 'L_SELECT_RANK' => $lang['Rank_title'], 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_PROFILE_ACTION' => mx_append_sid("admin_users.$phpEx")) ); $template->pparse('body'); } else { // // Default user selection box // $template->set_filenames(array( 'body' => 'admin/user_select_body.tpl') ); $template->assign_vars(array( 'L_USER_TITLE' => $lang['User_admin'], 'L_USER_EXPLAIN' => $lang['User_admin_explain'], 'L_USER_SELECT' => $lang['Select_a_User'], 'L_LOOK_UP' => $lang['Look_up_user'], 'L_FIND_USERNAME' => $lang['Find_username'], 'U_SEARCH_USER' => mx_append_sid("./../search.$phpEx?mode=searchuser"), 'S_USER_ACTION' => mx_append_sid("admin_users.$phpEx"), 'S_USER_SELECT' => $select_list) ); $template->pparse('body'); } include_once( $mx_root_path . 'admin/page_footer_admin.' . $phpEx ); ?> |
