mod/regmod.php

   1 <?php
   2
   3
   4
   5 function regmod_content(&$a) {
   6
   7         $_SESSION['return_url'] = $a->cmd;
   8
   9         if(! local_user()) {
  10                 notice( t('Please login.') . EOL);
  11                 $o .= '<br /><br />' . login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
  12                 return $o;
  13         }
  14
  15         if((! (x($a->config,'admin_email'))) || ($a->config['admin_email'] !== $a->user['email'])) {
  16                 notice( t('Permission denied.') . EOL);
  17                 return '';
  18         }
  19
  20         if($a->argc != 3)
  21                 killme();
  22
  23         $cmd  = $a->argv[1];
  24         $hash = $a->argv[2];
  25
  26
  27         $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
  28                 dbesc($hash)
  29         );
  30
  31
  32         if(! count($register))
  33                 killme();
  34
  35         $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  36                 intval($register[0]['uid'])
  37         );
  38
  39         if($cmd === 'deny') {
  40
  41                 $r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
  42                         intval($register[0]['uid'])
  43                 );
  44                 $r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1",
  45                         intval($register[0]['uid'])
  46                 );
  47                 $r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1",
  48                         intval($register[0]['uid'])
  49                 );
  50
  51                 $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
  52                         dbesc($register[0]['hash'])
  53                 );
  54                 notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL);
  55                 return;
  56
  57         }
  58
  59         if($cmd === 'allow') {
  60
  61                 if(! count($user))
  62                         killme();
  63
  64                 $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
  65                         dbesc($register[0]['hash'])
  66                 );
  67
  68
  69                 $r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
  70                         intval($register[0]['uid'])
  71                 );
  72
  73                 $r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
  74                         intval($user[0]['uid'])
  75                 );
  76                 if(count($r) && $r[0]['net-publish']) {
  77                         $url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
  78                         if($url && strlen(get_config('system','directory_submit_url')))
  79                                 proc_run('php',"include/directory.php","$url");
  80                 }
  81
  82                 $email_tpl = load_view_file("view/register_open_eml.tpl");
  83                 $email_tpl = replace_macros($email_tpl, array(
  84                                 '$sitename' => $a->config['sitename'],
  85                                 '$siteurl' =>  $a->get_baseurl(),
  86                                 '$username' => $user[0]['username'],
  87                                 '$email' => $user[0]['email'],
  88                                 '$password' => $register[0]['password'],
  89                                 '$uid' => $user[0]['uid']
  90                 ));
  91
  92                 $res = mail($user[0]['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
  93                         $email_tpl,'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] );
  94
  95                 if($res) {
  96                         notice( t('Account approved.') . EOL );
  97                         return;
  98                 }
  99         }
 100 }