X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fregmod.php;h=53e6716f265c7be0cbec9eb6a7a6b18abd635b9e;hb=21c63e8b650ff599ca48c94c01c6583dc88f96f3;hp=8e6a577d43234fdd621036d35fd7ce2e88e7165e;hpb=ede011cc32b34b9da797813a0a901847d2a68a7a;p=friendica.git

diff --git a/mod/regmod.php b/mod/regmod.php
index 8e6a577d43..53e6716f26 100644
--- a/mod/regmod.php
+++ b/mod/regmod.php
@@ -1,6 +1,12 @@
 <?php
 
+require_once('include/enotify.php');
+require_once('include/user.php');
+
 function user_allow($hash) {
+
+	$a = get_app();
+
 	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
 		dbesc($hash)
 	);
@@ -12,19 +18,19 @@ function user_allow($hash) {
 	$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
 		intval($register[0]['uid'])
 	);
-	
+
 	if(! count($user))
 		killme();
 
-	$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
+	$r = q("DELETE FROM `register` WHERE `hash` = '%s'",
 		dbesc($register[0]['hash'])
 	);
 
 
-	$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
+	$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d",
 		intval($register[0]['uid'])
 	);
-	
+
 	$r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
 		intval($user[0]['uid'])
 	);
@@ -36,31 +42,27 @@ function user_allow($hash) {
 
 	push_lang($register[0]['language']);
 
-	$email_tpl = get_intltext_template("register_open_eml.tpl");
-	$email_tpl = replace_macros($email_tpl, array(
-			'$sitename' => $a->config['sitename'],
-			'$siteurl' =>  $a->get_baseurl(),
-			'$username' => $user[0]['username'],
-			'$email' => $user[0]['email'],
-			'$password' => $register[0]['password'],
-			'$uid' => $user[0]['uid']
-	));
-
-	$res = mail($user[0]['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
-		$email_tpl,
-			'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
-			. 'Content-type: text/plain; charset=UTF-8' . "\n"
-			. 'Content-transfer-encoding: 8bit' );
+	send_register_open_eml(
+		$user[0]['email'],
+		$a->config['sitename'],
+		$a->get_baseurl(),
+		$user[0]['username'],
+		$register[0]['password']);
 
 	pop_lang();
 
 	if($res) {
 		info( t('Account approved.') . EOL );
 		return true;
-	}	
+	}
 
 }
 
+
+// This does not have to go through user_remove() and save the nickname
+// permanently against re-registration, as the person was not yet
+// allowed to have friends on this system
+
 function user_deny($hash) {
 
 	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
@@ -73,23 +75,23 @@ function user_deny($hash) {
 	$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
 		intval($register[0]['uid'])
 	);
-	
-	$r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
+
+	$r = q("DELETE FROM `user` WHERE `uid` = %d",
 		intval($register[0]['uid'])
 	);
-	$r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1",
+	$r = q("DELETE FROM `contact` WHERE `uid` = %d",
 		intval($register[0]['uid'])
-	); 
-	$r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1",
+	);
+	$r = q("DELETE FROM `profile` WHERE `uid` = %d",
 		intval($register[0]['uid'])
-	); 
+	);
 
-	$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
+	$r = q("DELETE FROM `register` WHERE `hash` = '%s'",
 		dbesc($register[0]['hash'])
 	);
 	notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL);
 	return true;
-	
+
 }
 
 function regmod_content(&$a) {
@@ -104,7 +106,7 @@ function regmod_content(&$a) {
 		return $o;
 	}
 
-	if(!is_site_admin()) {
+	if((!is_site_admin()) || (x($_SESSION,'submanage') && intval($_SESSION['submanage']))) {
 		notice( t('Permission denied.') . EOL);
 		return '';
 	}
@@ -118,10 +120,14 @@ function regmod_content(&$a) {
 
 
 	if($cmd === 'deny') {
-		if (!user_deny($hash)) killme();
+		user_deny($hash);
+		goaway("/admin/users/");
+		killme();
 	}
 
 	if($cmd === 'allow') {
-		if (!user_allow($hash)) killme();
+		user_allow($hash);
+		goaway("/admin/users/");
+		killme();
 	}
 }