src/Module/Admin/Users/Pending.php

   1 <?php
   2 /**
   3  * @copyright Copyright (C) 2010-2022, the Friendica project
   4  *
   5  * @license GNU AGPL version 3 or any later version
   6  *
   7  * This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as
   9  * published by the Free Software Foundation, either version 3 of the
  10  * License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19  *
  20  */
  21
  22 namespace Friendica\Module\Admin\Users;
  23
  24 use Friendica\Content\Pager;
  25 use Friendica\Core\Renderer;
  26 use Friendica\Database\DBA;
  27 use Friendica\DI;
  28 use Friendica\Model\Register;
  29 use Friendica\Model\User;
  30 use Friendica\Module\Admin\BaseUsers;
  31 use Friendica\Module\BaseAdmin;
  32 use Friendica\Util\Temporal;
  33
  34 class Pending extends BaseUsers
  35 {
  36         protected function post(array $request = [])
  37         {
  38                 self::checkAdminAccess();
  39
  40                 self::checkFormSecurityTokenRedirectOnError('/admin/users/pending', 'admin_users_pending');
  41
  42                 $pending = $_POST['pending'] ?? [];
  43
  44                 if (!empty($_POST['page_users_approve'])) {
  45                         foreach ($pending as $hash) {
  46                                 User::allow($hash);
  47                         }
  48                         DI::sysmsg()->addInfo(DI::l10n()->tt('%s user approved', '%s users approved', count($pending)));
  49                 }
  50
  51                 if (!empty($_POST['page_users_deny'])) {
  52                         foreach ($pending as $hash) {
  53                                 User::deny($hash);
  54                         }
  55                         DI::sysmsg()->addInfo(DI::l10n()->tt('%s registration revoked', '%s registrations revoked', count($pending)));
  56                 }
  57
  58                 DI::baseUrl()->redirect('admin/users/pending');
  59         }
  60
  61         protected function content(array $request = []): string
  62         {
  63                 parent::content();
  64
  65                 $action = $this->parameters['action'] ?? '';
  66                 $uid = $this->parameters['uid'] ?? 0;
  67
  68                 if ($uid) {
  69                         $user = User::getById($uid, ['username', 'blocked']);
  70                         if (!DBA::isResult($user)) {
  71                                 DI::sysmsg()->addNotice(DI::l10n()->t('User not found'));
  72                                 DI::baseUrl()->redirect('admin/users');
  73                                 return ''; // NOTREACHED
  74                         }
  75                 }
  76
  77                 switch ($action) {
  78                         case 'allow':
  79                                 self::checkFormSecurityTokenRedirectOnError('/admin/users/pending', 'admin_users_pending', 't');
  80                                 User::allow(Register::getPendingForUser($uid)['hash'] ?? '');
  81                                 DI::sysmsg()->addNotice(DI::l10n()->t('Account approved.'));
  82                                 DI::baseUrl()->redirect('admin/users/pending');
  83                                 break;
  84                         case 'deny':
  85                                 self::checkFormSecurityTokenRedirectOnError('/admin/users/pending', 'admin_users_pending', 't');
  86                                 User::deny(Register::getPendingForUser($uid)['hash'] ?? '');
  87                                 DI::sysmsg()->addNotice(DI::l10n()->t('Registration revoked'));
  88                                 DI::baseUrl()->redirect('admin/users/pending');
  89                                 break;
  90                 }
  91
  92                 $pager = new Pager(DI::l10n(), DI::args()->getQueryString(), 100);
  93
  94                 $pending = Register::getPending($pager->getStart(), $pager->getItemsPerPage());
  95
  96                 $count = Register::getPendingCount();
  97
  98                 $t = Renderer::getMarkupTemplate('admin/users/pending.tpl');
  99                 return self::getTabsHTML('pending') . Renderer::replaceMacros($t, [
 100                         // strings //
 101                         '$title' => DI::l10n()->t('Administration'),
 102                         '$page' => DI::l10n()->t('User registrations awaiting review'),
 103                         '$select_all' => DI::l10n()->t('select all'),
 104                         '$th_pending' => [DI::l10n()->t('Request date'), DI::l10n()->t('Name'), DI::l10n()->t('Email')],
 105                         '$no_pending' => DI::l10n()->t('No registrations.'),
 106                         '$pendingnotetext' => DI::l10n()->t('Note from the user'),
 107                         '$approve' => DI::l10n()->t('Approve'),
 108                         '$deny' => DI::l10n()->t('Deny'),
 109
 110                         '$form_security_token' => self::getFormSecurityToken('admin_users_pending'),
 111
 112                         // values //
 113                         '$baseurl' => DI::baseUrl()->get(true),
 114                         '$query_string' => DI::args()->getQueryString(),
 115
 116                         '$pending' => $pending,
 117                         '$count' => $count,
 118                         '$pager' => $pager->renderFull($count),
 119                 ]);
 120         }
 121 }