2 /************************************************************************
3 * MXChange v0.2.1 Start: 09/28/2003 *
4 * =============== Last change: 06/10/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-lock_user.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Lock members *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Mitglieder sperren *
12 * -------------------------------------------------------------------- *
14 * -------------------------------------------------------------------- *
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
16 * For more information visit: http://www.mxchange.org *
18 * This program is free software; you can redistribute it and/or modify *
19 * it under the terms of the GNU General Public License as published by *
20 * the Free Software Foundation; either version 2 of the License, or *
21 * (at your option) any later version. *
23 * This program is distributed in the hope that it will be useful, *
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
26 * GNU General Public License for more details. *
28 * You should have received a copy of the GNU General Public License *
29 * along with this program; if not, write to the Free Software *
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
32 ************************************************************************/
34 // Some security stuff...
35 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
36 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
40 // Add description as navigation point
41 ADD_DESCR("admin", __FILE__);
44 if (!empty($_GET['u_id'])) {
46 $result_user = SQL_QUERY_ESC("SELECT status, gender, surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
47 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
49 if (SQL_NUMROWS($result_user) == 1) {
51 list($status, $gender, $sname, $fname, $email) = SQL_FETCHROW($result_user);
54 SQL_FREERESULT($result_user);
56 // Is a lock reason set?
57 if ((!empty($_POST['lock'])) && ($status != "LOCKED")) {
58 // Ok, lock the account!
59 if (GET_EXT_VERSION("user") >= "0.3.5") {
61 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='LOCKED',lock_reason='%s',lock_timestamp=NOW() WHERE userid=%s LIMIT 1",
62 array($_POST['reason'], bigintval($_GET['u_id'])), __FILE__, __LINE__);
64 // Lock with no lock reason saved
65 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='LOCKED' WHERE userid=%s LIMIT 1",
66 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
70 if (SQL_AFFECTEDROWS() == 1) {
71 // Send an email to the user! In later version you can optionally switch this feature off
72 $msg = LOAD_EMAIL_TEMPLATE("lock-user", array('text' => $_POST['reason']), bigintval($_GET['u_id']));
75 SEND_EMAIL(bigintval($_GET['u_id']), ADMIN_LOCKED_SUBJ, $msg);
79 $MSG = USER_ACCOUNT_LOCKED_1.$_GET['u_id'].USER_ACCOUNT_LOCKED_2;
81 } elseif ((!empty($_POST['unlock'])) && ($status == "LOCKED")) {
82 // Ok, unlock the account!
83 if (GET_EXT_VERSION("user") >= "0.3.5") {
84 // Reset lock reason as well
85 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='CONFIRMED',lock_reason='',lock_timestamp='0000-00-00 00:00' WHERE userid=%s LIMIT 1",
86 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
88 // No lock reason to reset
89 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='CONFIRMED' WHERE userid=%s LIMIT 1",
90 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
94 if (SQL_AFFECTEDROWS() == 1) {
95 // Send an email to the user! In later version you can optionally switch this feature off
96 $msg = LOAD_EMAIL_TEMPLATE("unlock-user", array('text' => $_POST['reason']), bigintval($_GET['u_id']));
99 SEND_EMAIL(bigintval($_GET['u_id']), getMessage('ADMIN_UNLOCKED_SUBJ'), $msg);
100 if (EXT_IS_ACTIVE("rallye")) {
101 RALLYE_AUTOADD_USER($_GET['u_id']);
106 $MSG = USER_ACCOUNT_UNLOCKED_1.$_GET['u_id'].USER_ACCOUNT_UNLOCKED_2;
108 } elseif (isset($_POST['del'])) {
109 // Delete the account
111 LOAD_INC_ONCE("inc/modules/admin/what-del_user.php");
112 } elseif (!empty($_POST['no'])) {
113 // Do not lock him...
114 $URL = "modules.php?module=admin&what=list_user&u_id=".bigintval($_GET['u_id']);
116 $result = SQL_QUERY_ESC("SELECT email, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
117 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
120 if (SQL_NUMROWS($result) == 1) {
122 list ($email, $sname, $fname) = SQL_FETCHROW($result);
125 SQL_FREERESULT($result);
127 // Transfer data to constants for the template
128 define('__EMAIL', CREATE_EMAIL_LINK($email, "user_data"));
129 define('__SNAME', $sname);
130 define('__FNAME', $fname);
131 define('__UID' , bigintval($_GET['u_id']));
133 // Realy want to lock?
136 case "CONFIRMED": // Yes, lock him down... ;-)
137 define('__OK_VALUE' , "lock");
138 define('__HEADER_VALUE', ADMIN_HEADER_LOCK_ACCOUNT_1.__UID.ADMIN_HEADER_LOCK_ACCOUNT_2);
139 define('__TEXT_VALUE' , ADMIN_TEXT_LOCK_ACCOUNT_1.__UID.ADMIN_TEXT_LOCK_ACCOUNT_2);
142 case "LOCKED": // Unlock the user
143 define('__OK_VALUE' , "unlock");
144 define('__HEADER_VALUE', ADMIN_HEADER_UNLOCK_ACCOUNT_1.__UID.ADMIN_HEADER_UNLOCK_ACCOUNT_2);
145 define('__TEXT_VALUE' , ADMIN_TEXT_UNLOCK_ACCOUNT_1.__UID.ADMIN_TEXT_UNLOCK_ACCOUNT_2);
148 case "UNCONFIRMED": // Unconfirmed accounts cannot be unlocked!
149 define('__OK_VALUE' , "del");
150 define('__HEADER_VALUE', ADMIN_HEADER_DEL_ACCOUNT_1.__UID.ADMIN_HEADER_DEL_ACCOUNT_2);
151 define('__TEXT_VALUE' , ADMIN_TEXT_DEL_ACCOUNT_1.__UID.ADMIN_TEXT_DEL_ACCOUNT_2);
156 LOAD_TEMPLATE("admin_lock_user");
158 // Account does not exists!
159 LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), $_GET['u_id'])."</div>");
168 // An action was performed...
170 LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_green\">".$MSG."</div>");
172 LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_green\">".getMessage('ADMIN_USER_UPDATED')."</div>");
176 // Account does not exists!
177 LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), $_GET['u_id'])."</div>");
181 ADD_MEMBER_SELECTION_BOX();