2 /************************************************************************
3 * MXChange v0.2.1 Start: 09/28/2003 *
4 * =============== Last change: 06/10/2004 *
6 * -------------------------------------------------------------------- *
7 * File : what-lock_user.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Lock members *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Mitglieder sperren *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * Needs to be in all Files and every File needs "svn propset *
18 * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
19 * -------------------------------------------------------------------- *
20 * Copyright (c) 2003 - 2008 by Roland Haeder *
21 * For more information visit: http://www.mxchange.org *
23 * This program is free software; you can redistribute it and/or modify *
24 * it under the terms of the GNU General Public License as published by *
25 * the Free Software Foundation; either version 2 of the License, or *
26 * (at your option) any later version. *
28 * This program is distributed in the hope that it will be useful, *
29 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
31 * GNU General Public License for more details. *
33 * You should have received a copy of the GNU General Public License *
34 * along with this program; if not, write to the Free Software *
35 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
37 ************************************************************************/
39 // Some security stuff...
40 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
41 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
45 // Add description as navigation point
46 ADD_DESCR('admin', __FILE__);
49 if (REQUEST_ISSET_GET('uid')) {
51 $result_user = SQL_QUERY_ESC("SELECT status, gender, surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
52 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
54 if (SQL_NUMROWS($result_user) == 1) {
56 list($status, $gender, $sname, $fname, $email) = SQL_FETCHROW($result_user);
59 SQL_FREERESULT($result_user);
61 // Is a lock reason set?
62 if ((REQUEST_ISSET_POST(('lock'))) && ($status != 'LOCKED')) {
63 // Ok, lock the account!
64 if (GET_EXT_VERSION('user') >= '0.3.5') {
66 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='LOCKED',lock_reason='%s',lock_timestamp=NOW() WHERE userid=%s LIMIT 1",
67 array(REQUEST_POST('reason'), bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
69 // Lock with no lock reason saved
70 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='LOCKED' WHERE userid=%s LIMIT 1",
71 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
75 if (SQL_AFFECTEDROWS() == 1) {
76 // Send an email to the user! In later version you can optionally switch this feature off
77 $msg = LOAD_EMAIL_TEMPLATE("lock-user", array('text' => REQUEST_POST('reason')), bigintval(REQUEST_GET('uid')));
80 sendEmail(bigintval(REQUEST_GET('uid')), ADMIN_LOCKED_SUBJ, $msg);
84 $message = sprintf(getMessage('USER_ACCOUNT_LOCKED'), REQUEST_GET('uid'));
86 } elseif ((REQUEST_ISSET_POST(('unlock'))) && ($status == 'LOCKED')) {
87 // Ok, unlock the account!
88 if (GET_EXT_VERSION('user') >= '0.3.5') {
89 // Reset lock reason as well
90 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='CONFIRMED',lock_reason='',lock_timestamp='0000-00-00 00:00' WHERE userid=%s LIMIT 1",
91 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
93 // No lock reason to reset
94 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='CONFIRMED' WHERE userid=%s LIMIT 1",
95 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
99 if (SQL_AFFECTEDROWS() == 1) {
100 // Send an email to the user! In later version you can optionally switch this feature off
101 $msg = LOAD_EMAIL_TEMPLATE("unlock-user", array('text' => REQUEST_POST('reason')), bigintval(REQUEST_GET('uid')));
104 sendEmail(bigintval(REQUEST_GET('uid')), getMessage('ADMIN_UNLOCKED_SUBJ'), $msg);
105 if (EXT_IS_ACTIVE('rallye')) {
106 RALLYE_AUTOADD_USER(REQUEST_GET('uid'));
111 $message = sprintf(getMessage('USER_ACCOUNT_UNLOCKED'), REQUEST_GET('uid'));
113 } elseif (REQUEST_ISSET_POST('del')) {
114 // Delete the account
116 loadIncludeOnce("inc/modules/admin/what-del_user.php");
117 } elseif (REQUEST_ISSET_POST('no')) {
118 // Do not lock him...
119 $URL = ADMIN_CREATE_USERID_LINK(REQUEST_GET('uid'));
121 $result = SQL_QUERY_ESC("SELECT email, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
122 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
125 if (SQL_NUMROWS($result) == 1) {
127 list ($email, $sname, $fname) = SQL_FETCHROW($result);
130 SQL_FREERESULT($result);
132 // Transfer data to constants for the template
133 // @TODO Rewrite these all constants
134 define('__EMAIL', generateMemberEmailLink($email, 'user_data'));
135 define('__SNAME', $sname);
136 define('__FNAME', $fname);
137 define('__UID' , bigintval(REQUEST_GET('uid')));
139 // Realy want to lock?
142 case 'CONFIRMED': // Yes, lock him down... ;-)
143 define('__OK_VALUE' , 'lock');
144 define('__HEADER_VALUE', sprintf(getMessage('ADMIN_HEADER_LOCK_ACCOUNT'), constant('__UID')));
145 define('__TEXT_VALUE' , sprintf(getMessage('ADMIN_TEXT_LOCK_ACCOUNT'), constant('__UID')));
148 case 'LOCKED': // Unlock the user
149 define('__OK_VALUE' , 'unlock');
150 define('__HEADER_VALUE', sprintf(getMessage('ADMIN_HEADER_UNLOCK_ACCOUNT'), constant('__UID')));
151 define('__TEXT_VALUE' , sprintf(getMessage('ADMIN_TEXT_UNLOCK_ACCOUNT'), constant('__UID')));
154 case 'UNCONFIRMED': // Unconfirmed accounts cannot be unlocked!
155 define('__OK_VALUE' , 'del');
156 define('__HEADER_VALUE', sprintf(getMessage('ADMIN_HEADER_DEL_ACCOUNT'), constant('__UID')));
157 define('__TEXT_VALUE' , sprintf(getMessage('ADMIN_TEXT_DEL_ACCOUNT'), constant('__UID')));
162 LOAD_TEMPLATE('admin_lock_user');
164 // Account does not exists!
165 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."</div>");
174 // An action was performed...
175 if (!empty($message)) {
176 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_green\">".$message."</div>");
178 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_green\">".getMessage('ADMIN_USER_UPDATED')."</div>");
182 // Account does not exists!
183 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."</div>");
187 ADD_MEMBER_SELECTION_BOX();