3 namespace Friendica\Module\Admin;
5 use Friendica\Content\Pager;
6 use Friendica\Core\Config;
7 use Friendica\Core\L10n;
8 use Friendica\Core\Renderer;
9 use Friendica\Database\DBA;
11 use Friendica\Model\Register;
12 use Friendica\Model\User;
13 use Friendica\Module\BaseAdminModule;
14 use Friendica\Util\Strings;
15 use Friendica\Util\Temporal;
17 class Users extends BaseAdminModule
/**
 * Handles POST submissions from the admin users page.
 *
 * As far as this listing shows, the method reads the `pending`, `user` and
 * `new_user_*` fields from $_POST, runs the form security token check for
 * 'admin_users', optionally creates a new account and prepares a mail with
 * its login details, applies whichever bulk action is flagged by a
 * `page_users_*` field (block, unblock, delete, approve, deny) and redirects
 * to admin/users.
 *
 * NOTE(review): the embedded line numbers have gaps, so some original
 * statements (braces, calls, loop bodies) are not visible here and are not
 * documented.
 *
 * @param array $parameters Passed through unchanged to parent::post().
 */
19 public static function post(array $parameters = [])
// NOTE(review): presumably the admin-access check lives in parent::post() — confirm in BaseAdminModule.
21 parent::post($parameters);
// Raw request fields. `?? []` / `?? ''` only supply a default when the key is
// absent; nothing is cast or validated here.
// NOTE(review): $pending and $users are later iterated and counted as arrays —
// confirm a scalar value posted under these keys is rejected or handled.
25 $pending = $_POST['pending'] ?? [];
26 $users = $_POST['user'] ?? [];
27 $nu_name = $_POST['new_user_name'] ?? '';
28 $nu_nickname = $_POST['new_user_nickname'] ?? '';
29 $nu_email = $_POST['new_user_email'] ?? '';
30 $nu_language = Config::get('system', 'language');
// Form token (CSRF) check for the 'admin_users' form. It runs after the fields
// are read but before any of the state-changing branches below.
32 parent::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users');
// Create an account only when name, e-mail and nickname were all supplied.
34 if ($nu_name !== '' && $nu_email !== '' && $nu_nickname !== '') {
36 $result = User::create([
37 'username' => $nu_name,
39 'nickname' => $nu_nickname,
41 'language' => $nu_language
// A failure in account creation is reported to the admin through notice().
43 } catch (\Exception $ex) {
44 notice($ex->getMessage());
48 $user = $result['user'];
// Localized text of the welcome mail for the new account.
49 $preamble = Strings::deindent(L10n::t('
51 the administrator of %2$s has set up an account for you.'));
52 $body = Strings::deindent(L10n::t('
53 The login details are as follows:
59 You may change your password from your account "Settings" page after logging
62 Please take a few moments to review the other account settings on that page.
64 You may also wish to add some basic information to your default profile
65 (on the "Profiles" page) so that other people can easily find you.
67 We recommend setting your full name, adding a profile photo,
68 adding some profile "keywords" (very useful in making new friends) - and
69 perhaps what country you live in; if you do not wish to be more specific
72 We fully respect your right to privacy, and none of these items are necessary.
73 If you are new and do not know anybody here, they may help
74 you to make some new and interesting friends.
76 If you ever want to delete your account, you can do so at %1$s/removeme
78 Thank you and welcome to %4$s.'));
80 $preamble = sprintf($preamble, $user['username'], Config::get('config', 'sitename'));
// NOTE(review): $result['password'] is passed as a substitution for the mail
// body, so the initial password is sent to the user in clear text by e-mail.
// Consider a one-time set-password link or a forced change on first login.
81 $body = sprintf($body, $a->getBaseURL(), $user['nickname'], $result['password'], Config::get('config', 'sitename'));
// Parameters of the system mail (the call they are passed to is not visible in this listing).
84 'type' => SYSTEM_EMAIL,
85 'language' => $user['language'],
86 'to_name' => $user['username'],
87 'to_email' => $user['email'],
88 'uid' => $user['uid'],
89 'subject' => L10n::t('Registration details for %s', Config::get('config', 'sitename')),
90 'preamble' => $preamble,
// Bulk block: sets blocked = 1 for the uid values posted in $_POST['user'].
// NOTE(review): $users reaches DBA::update() as a condition value without any
// cast — confirm the DBA layer binds array values as parameters, and consider
// mapping the ids through intval() first.
94 if (!empty($_POST['page_users_block'])) {
95 // @TODO Move this to Model\User:block($users);
96 DBA::update('user', ['blocked' => 1], ['uid' => $users]);
97 notice(L10n::tt('%s user blocked', '%s users blocked', count($users)));
// Bulk unblock: same condition as above, with blocked = 0.
100 if (!empty($_POST['page_users_unblock'])) {
101 // @TODO Move this to Model\User:unblock($users);
102 DBA::update('user', ['blocked' => 0], ['uid' => $users]);
103 notice(L10n::tt('%s user unblocked', '%s users unblocked', count($users)));
// Bulk delete: iterates over the posted uids. The loose != comparison with
// local_user() is the guard against an admin removing their own account.
// NOTE(review): the closing notice reports count($users), i.e. every posted id;
// it looks like an id skipped by the self-check is still counted — confirm.
106 if (!empty($_POST['page_users_delete'])) {
107 foreach ($users as $uid) {
108 if (local_user() != $uid) {
111 notice(L10n::t('You can\'t remove yourself'));
115 notice(L10n::tt('%s user deleted', '%s users deleted', count($users)));
// Approve pending registrations: mod/regmod.php is loaded, then each posted
// hash is processed (the loop body is not visible in this listing).
118 if (!empty($_POST['page_users_approve'])) {
119 require_once 'mod/regmod.php';
120 foreach ($pending as $hash) {
// Deny pending registrations: same shape as the approve branch.
125 if (!empty($_POST['page_users_deny'])) {
126 require_once 'mod/regmod.php';
127 foreach ($pending as $hash) {
// Redirect back to the user list.
132 DI::baseUrl()->redirect('admin/users');
135 public static function content(array $parameters = [])
137 parent::content($parameters);
142 // @TODO: Replace with parameter from router
143 $action = $a->argv[2];
145 $user = User::getById($uid, ['username', 'blocked']);
146 if (!DBA::isResult($user)) {
147 notice('User not found' . EOL);
148 DI::baseUrl()->redirect('admin/users');
149 return ''; // NOTREACHED
154 if (local_user() != $uid) {
155 parent::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');
159 notice(L10n::t('User "%s" deleted', $user['username']));
161 notice(L10n::t('You can\'t remove yourself'));
165 parent::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');
166 // @TODO Move this to Model\User:block([$uid]);
167 DBA::update('user', ['blocked' => 1], ['uid' => $uid]);
168 notice(L10n::t('User "%s" blocked', $user['username']));
171 parent::checkFormSecurityTokenRedirectOnError('/admin/users', 'admin_users', 't');
172 // @TODO Move this to Model\User:unblock([$uid]);
173 DBA::update('user', ['blocked' => 0], ['uid' => $uid]);
174 notice(L10n::t('User "%s" unblocked', $user['username']));
178 DI::baseUrl()->redirect('admin/users');
182 $pending = Register::getPending();
184 $pager = new Pager($a->query_string, 100);
186 // @TODO Move below block to Model\User::getUsers($start, $count, $order = 'contact.name', $order_direction = '+')
190 'user.register_date',
196 $order = 'contact.name';
197 $order_direction = '+';
198 if (!empty($_GET['o'])) {
199 $new_order = $_GET['o'];
200 if ($new_order[0] === '-') {
201 $order_direction = '-';
202 $new_order = substr($new_order, 1);
205 if (in_array($new_order, $valid_orders)) {
209 $sql_order = '`' . str_replace('.', '`.`', $order) . '`';
210 $sql_order_direction = ($order_direction === '+') ? 'ASC' : 'DESC';
212 $usersStmt = DBA::p("SELECT `user`.*, `contact`.`name`, `contact`.`url`, `contact`.`micro`, `user`.`account_expired`, `contact`.`last-item` AS `lastitem_date`
214 INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self`
215 WHERE `user`.`verified`
216 ORDER BY $sql_order $sql_order_direction LIMIT ?, ?", $pager->getStart(), $pager->getItemsPerPage()
218 $users = DBA::toArray($usersStmt);
220 $adminlist = explode(',', str_replace(' ', '', Config::get('config', 'admin_email')));
221 $_setup_users = function ($e) use ($adminlist) {
223 User::PAGE_FLAGS_NORMAL => L10n::t('Normal Account Page'),
224 User::PAGE_FLAGS_SOAPBOX => L10n::t('Soapbox Page'),
225 User::PAGE_FLAGS_COMMUNITY => L10n::t('Public Forum'),
226 User::PAGE_FLAGS_FREELOVE => L10n::t('Automatic Friend Page'),
227 User::PAGE_FLAGS_PRVGROUP => L10n::t('Private Forum')
230 User::ACCOUNT_TYPE_PERSON => L10n::t('Personal Page'),
231 User::ACCOUNT_TYPE_ORGANISATION => L10n::t('Organisation Page'),
232 User::ACCOUNT_TYPE_NEWS => L10n::t('News Page'),
233 User::ACCOUNT_TYPE_COMMUNITY => L10n::t('Community Forum'),
234 User::ACCOUNT_TYPE_RELAY => L10n::t('Relay'),
237 $e['page_flags_raw'] = $e['page-flags'];
238 $e['page-flags'] = $page_types[$e['page-flags']];
240 $e['account_type_raw'] = ($e['page_flags_raw'] == 0) ? $e['account-type'] : -1;
241 $e['account-type'] = ($e['page_flags_raw'] == 0) ? $account_types[$e['account-type']] : '';
243 $e['register_date'] = Temporal::getRelativeDate($e['register_date']);
244 $e['login_date'] = Temporal::getRelativeDate($e['login_date']);
245 $e['lastitem_date'] = Temporal::getRelativeDate($e['lastitem_date']);
246 $e['is_admin'] = in_array($e['email'], $adminlist);
247 $e['is_deletable'] = (intval($e['uid']) != local_user());
248 $e['deleted'] = ($e['account_removed'] ? Temporal::getRelativeDate($e['account_expires_on']) : False);
253 $tmp_users = array_map($_setup_users, $users);
255 // Get rid of dashes in key names, Smarty3 can't handle them
256 // and extracting deleted users
260 foreach ($tmp_users as $user) {
261 foreach ($user as $k => $v) {
262 $newkey = str_replace('-', '_', $k);
266 if ($user['deleted']) {
273 $th_users = array_map(null, [L10n::t('Name'), L10n::t('Email'), L10n::t('Register date'), L10n::t('Last login'), L10n::t('Last item'), L10n::t('Type')], $valid_orders);
275 $t = Renderer::getMarkupTemplate('admin/users.tpl');
276 $o = Renderer::replaceMacros($t, [
278 '$title' => L10n::t('Administration'),
279 '$page' => L10n::t('Users'),
280 '$submit' => L10n::t('Add User'),
281 '$select_all' => L10n::t('select all'),
282 '$h_pending' => L10n::t('User registrations waiting for confirm'),
283 '$h_deleted' => L10n::t('User waiting for permanent deletion'),
284 '$th_pending' => [L10n::t('Request date'), L10n::t('Name'), L10n::t('Email')],
285 '$no_pending' => L10n::t('No registrations.'),
286 '$pendingnotetext' => L10n::t('Note from the user'),
287 '$approve' => L10n::t('Approve'),
288 '$deny' => L10n::t('Deny'),
289 '$delete' => L10n::t('Delete'),
290 '$block' => L10n::t('Block'),
291 '$blocked' => L10n::t('User blocked'),
292 '$unblock' => L10n::t('Unblock'),
293 '$siteadmin' => L10n::t('Site admin'),
294 '$accountexpired' => L10n::t('Account expired'),
296 '$h_users' => L10n::t('Users'),
297 '$h_newuser' => L10n::t('New User'),
298 '$th_deleted' => [L10n::t('Name'), L10n::t('Email'), L10n::t('Register date'), L10n::t('Last login'), L10n::t('Last item'), L10n::t('Permanent deletion')],
299 '$th_users' => $th_users,
300 '$order_users' => $order,
301 '$order_direction_users' => $order_direction,
303 '$confirm_delete_multi' => L10n::t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'),
304 '$confirm_delete' => L10n::t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'),
306 '$form_security_token' => parent::getFormSecurityToken('admin_users'),
309 '$baseurl' => $a->getBaseURL(true),
311 '$pending' => $pending,
312 'deleted' => $deleted,
314 '$newusername' => ['new_user_name', L10n::t('Name'), '', L10n::t('Name of the new user.')],
315 '$newusernickname' => ['new_user_nickname', L10n::t('Nickname'), '', L10n::t('Nickname of the new user.')],
316 '$newuseremail' => ['new_user_email', L10n::t('Email'), '', L10n::t('Email address of the new user.'), '', '', 'email'],
319 $o .= $pager->renderFull(DBA::count('user'));