2 /************************************************************************
3 * MXChange v0.2.1 Start: 09/28/2003 *
4 * =============== Last change: 06/10/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-lock_user.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Lock members *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Mitglieder sperren *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * Needs to be in all Files and every File needs "svn propset *
18 * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
19 * -------------------------------------------------------------------- *
20 * Copyright (c) 2003 - 2008 by Roland Haeder *
21 * For more information visit: http://www.mxchange.org *
23 * This program is free software; you can redistribute it and/or modify *
24 * it under the terms of the GNU General Public License as published by *
25 * the Free Software Foundation; either version 2 of the License, or *
26 * (at your option) any later version. *
28 * This program is distributed in the hope that it will be useful, *
29 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
31 * GNU General Public License for more details. *
33 * You should have received a copy of the GNU General Public License *
34 * along with this program; if not, write to the Free Software *
35 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
37 ************************************************************************/
39 // Some security stuff...
40 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
41 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
45 // Add description as navigation point
46 ADD_DESCR('admin', __FILE__);
49 if (REQUEST_ISSET_GET('uid')) {
51 $result_user = SQL_QUERY_ESC("SELECT status, gender, surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
52 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
54 if (SQL_NUMROWS($result_user) == 1) {
56 list($status, $gender, $sname, $fname, $email) = SQL_FETCHROW($result_user);
59 SQL_FREERESULT($result_user);
61 // Is a lock reason set?
62 if ((REQUEST_ISSET_POST('lock')) && ($status != 'LOCKED')) {
63 // Ok, lock the account!
64 if (GET_EXT_VERSION('user') >= '0.3.5') {
66 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='LOCKED',lock_reason='%s',lock_timestamp=NOW() WHERE userid=%s LIMIT 1",
67 array(REQUEST_POST('reason'), bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
69 // Lock with no lock reason saved
70 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='LOCKED' WHERE userid=%s LIMIT 1",
71 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
75 if (SQL_AFFECTEDROWS() == 1) {
76 // Send an email to the user! In later version you can optionally switch this feature off
77 $message = LOAD_EMAIL_TEMPLATE('lock-user', array('text' => REQUEST_POST('reason')), bigintval(REQUEST_GET('uid')));
80 sendEmail(bigintval(REQUEST_GET('uid')), ADMIN_LOCKED_SUBJ, $message);
84 $message = sprintf(getMessage('USER_ACCOUNT_LOCKED'), REQUEST_GET('uid'));
86 } elseif ((REQUEST_ISSET_POST(('unlock'))) && ($status == 'LOCKED')) {
87 // Ok, unlock the account!
88 if (GET_EXT_VERSION('user') >= '0.3.5') {
89 // Reset lock reason as well
91 `{!_MYSQL_PREFIX!}_user_data`
95 `lock_timestamp`='0000-00-00 00:00'
99 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
101 // No lock reason to reset
102 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='CONFIRMED' WHERE `userid`=%s LIMIT 1",
103 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
107 if (SQL_AFFECTEDROWS() == 1) {
108 // Send an email to the user! In later version you can optionally switch this feature off
109 $message = LOAD_EMAIL_TEMPLATE('unlock-user', array('text' => REQUEST_POST('reason')), bigintval(REQUEST_GET('uid')));
112 sendEmail(bigintval(REQUEST_GET('uid')), getMessage('ADMIN_UNLOCKED_SUBJ'), $message);
113 if (EXT_IS_ACTIVE('rallye')) {
114 RALLYE_AUTOADD_USER(REQUEST_GET('uid'));
119 $message = sprintf(getMessage('USER_ACCOUNT_UNLOCKED'), REQUEST_GET('uid'));
121 } elseif (REQUEST_ISSET_POST('del')) {
122 // Delete the account
124 loadIncludeOnce('inc/modules/admin/what-del_user.php');
125 } elseif (REQUEST_ISSET_POST('no')) {
126 // Do not lock him...
127 $URL = ADMIN_CREATE_USERID_LINK(REQUEST_GET('uid'));
129 // Load user data we need
130 $result = SQL_QUERY_ESC("SELECT `email`, `surname`, `family` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1",
131 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
134 if (SQL_NUMROWS($result) == 1) {
136 $DATA = SQL_FETCHARRAY($result);
138 // Transfer data to constants for the template
139 // @TODO Rewrite these all constants
140 define('__EMAIL', generateEmailLink($DATA['email'], 'user_data'));
141 define('__SNAME', $DATA['surname']);
142 define('__FNAME', $DATA['family']);
143 define('__UID' , bigintval(REQUEST_GET('uid')));
145 // Realy want to lock?
148 case 'CONFIRMED': // Yes, lock him down... ;-)
149 define('__OK_VALUE' , 'lock');
150 define('__HEADER_VALUE', sprintf(getMessage('ADMIN_HEADER_LOCK_ACCOUNT'), constant('__UID')));
151 define('__TEXT_VALUE' , sprintf(getMessage('ADMIN_TEXT_LOCK_ACCOUNT'), constant('__UID')));
154 case 'LOCKED': // Unlock the user
155 define('__OK_VALUE' , 'unlock');
156 define('__HEADER_VALUE', sprintf(getMessage('ADMIN_HEADER_UNLOCK_ACCOUNT'), constant('__UID')));
157 define('__TEXT_VALUE' , sprintf(getMessage('ADMIN_TEXT_UNLOCK_ACCOUNT'), constant('__UID')));
160 case 'UNCONFIRMED': // Unconfirmed accounts cannot be unlocked!
161 define('__OK_VALUE' , 'del');
162 define('__HEADER_VALUE', sprintf(getMessage('ADMIN_HEADER_DEL_ACCOUNT'), constant('__UID')));
163 define('__TEXT_VALUE' , sprintf(getMessage('ADMIN_TEXT_DEL_ACCOUNT'), constant('__UID')));
168 LOAD_TEMPLATE('admin_lock_user');
170 // Account does not exists!
171 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."</div>");
175 SQL_FREERESULT($result);
183 // An action was performed...
184 if (!empty($message)) {
185 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_green\">".$message."</div>");
187 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_green\">".getMessage('ADMIN_USER_UPDATED')."</div>");
191 // Account does not exists!
192 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."</div>");
196 ADD_MEMBER_SELECTION_BOX();