X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fregmod.php;h=1983ca0899ddbf0608b43bcccb601046c355d44b;hb=1c6535c0b45c32ccbb0e2bd49e5bb7a6d5435d27;hp=b985ee3644e69600d960a98cfe8f73be19109c88;hpb=de131c9e58ac2b14380d145d643bf2bd902ae9dc;p=friendica.git

diff --git a/mod/regmod.php b/mod/regmod.php
index b985ee3644..1983ca0899 100644
--- a/mod/regmod.php
+++ b/mod/regmod.php
@@ -1,103 +1,137 @@
 <?php
 
+require_once('include/enotify.php');
+require_once('include/user.php');
 
+function user_allow($hash) {
 
-function regmod_content(&$a) {
+	$a = get_app();
 
-	$_SESSION['return_url'] = $a->cmd;
+	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
+		dbesc($hash)
+	);
 
-	if(! local_user()) {
-		notice( t('Please login.') . EOL);
-		$o .= '<br /><br />' . login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
-		return $o;
-	}
 
-	if((! (x($a->config,'admin_email'))) || ($a->config['admin_email'] !== $a->user['email'])) {
-		notice( t('Permission denied.') . EOL);
-		return '';
+	if (! dbm::is_result($register)) {
+		return false;
 	}
 
-	if($a->argc != 3)
+	$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
+		intval($register[0]['uid'])
+	);
+
+	if (! dbm::is_result($user)) {
 		killme();
+	}
 
-	$cmd  = $a->argv[1];
-	$hash = $a->argv[2];
+	$r = q("DELETE FROM `register` WHERE `hash` = '%s'",
+		dbesc($register[0]['hash'])
+	);
+
+
+	$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d",
+		intval($register[0]['uid'])
+	);
+
+	$r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
+		intval($user[0]['uid'])
+	);
+	if (dbm::is_result($r) && $r[0]['net-publish']) {
+		$url = App::get_baseurl() . '/profile/' . $user[0]['nickname'];
+		if ($url && strlen(get_config('system','directory'))) {
+			proc_run(PRIORITY_LOW, "include/directory.php", $url);
+		}
+	}
+
+	push_lang($register[0]['language']);
+
+	send_register_open_eml(
+		$user[0]['email'],
+		$a->config['sitename'],
+		App::get_baseurl(),
+		$user[0]['username'],
+		$register[0]['password']);
+
+	pop_lang();
+
+	if($res) {
+		info( t('Account approved.') . EOL );
+		return true;
+	}
+
+}
 
 
+// This does not have to go through user_remove() and save the nickname
+// permanently against re-registration, as the person was not yet
+// allowed to have friends on this system
+
+function user_deny($hash) {
+
 	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
 		dbesc($hash)
 	);
 
-
-	if(! count($register))
-		killme();
+	if(! dbm::is_result($register))
+		return false;
 
 	$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
 		intval($register[0]['uid'])
 	);
 
-	if($cmd === 'deny') {
+	$r = q("DELETE FROM `user` WHERE `uid` = %d",
+		intval($register[0]['uid'])
+	);
+	$r = q("DELETE FROM `contact` WHERE `uid` = %d",
+		intval($register[0]['uid'])
+	);
+	$r = q("DELETE FROM `profile` WHERE `uid` = %d",
+		intval($register[0]['uid'])
+	);
+
+	$r = q("DELETE FROM `register` WHERE `hash` = '%s'",
+		dbesc($register[0]['hash'])
+	);
+	notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL);
+	return true;
+
+}
+
+function regmod_content(App $a) {
+
+	global $lang;
 
-		$r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
-			intval($register[0]['uid'])
-		);
-		$r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1",
-			intval($register[0]['uid'])
-		); 
-		$r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1",
-			intval($register[0]['uid'])
-		); 
+	$_SESSION['return_url'] = $a->cmd;
 
-		$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
-			dbesc($register[0]['hash'])
-		);
-		notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL);
-		return;
+	if (! local_user()) {
+		info( t('Please login.') . EOL);
+		$o .= '<br /><br />' . login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
+		return $o;
+	}
 
+	if ((!is_site_admin()) || (x($_SESSION,'submanage') && intval($_SESSION['submanage']))) {
+		notice( t('Permission denied.') . EOL);
+		return '';
 	}
 
-	if($cmd === 'allow') {
+	if ($a->argc != 3) {
+		killme();
+	}
 
-		if(! count($user))
-			killme();
+	$cmd  = $a->argv[1];
+	$hash = $a->argv[2];
 
-		$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
-			dbesc($register[0]['hash'])
-		);
 
 
-		$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
-			intval($register[0]['uid'])
-		);
-		
-		$r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
-			intval($user[0]['uid'])
-		);
-		if(count($r) && $r[0]['net-publish']) {
-			$url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
-			if($url && strlen(get_config('system','directory_submit_url')))
-				proc_run('php',"include/directory.php","$url");
-		}
+	if ($cmd === 'deny') {
+		user_deny($hash);
+		goaway(App::get_baseurl()."/admin/users/");
+		killme();
+	}
 
-		$email_tpl = load_view_file("view/register_open_eml.tpl");
-		$email_tpl = replace_macros($email_tpl, array(
-				'$sitename' => $a->config['sitename'],
-				'$siteurl' =>  $a->get_baseurl(),
-				'$username' => $user[0]['username'],
-				'$email' => $user[0]['email'],
-				'$password' => $register[0]['password'],
-				'$uid' => $user[0]['uid']
-		));
-
-		$res = mail($user[0]['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
-			$email_tpl,
-				'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
-				. 'Content-type: text/plain; charset=UTF-8' . "\n"
-				. 'Content-transfer-encoding: 8bit' );
-
-		if($res) {
-			notice( t('Account approved.') . EOL );
-			return;
-		}
+	if ($cmd === 'allow') {
+		user_allow($hash);
+		goaway(App::get_baseurl()."/admin/users/");
+		killme();
 	}
-}
\ No newline at end of file
+}