2 /************************************************************************
\r
3 * MXChange v0.2.1 Start: 09/28/2003 *
\r
4 * =============== Last change: 06/10/2004 *
\r
6 * -------------------------------------------------------------------- *
\r
7 * File : what-lock_user.php *
\r
8 * -------------------------------------------------------------------- *
\r
9 * Short description : Lock members *
\r
10 * -------------------------------------------------------------------- *
\r
11 * Kurzbeschreibung : Mitglieder sperren *
\r
12 * -------------------------------------------------------------------- *
\r
14 * -------------------------------------------------------------------- *
\r
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
\r
16 * For more information visit: http://www.mxchange.org *
\r
18 * This program is free software; you can redistribute it and/or modify *
\r
19 * it under the terms of the GNU General Public License as published by *
\r
20 * the Free Software Foundation; either version 2 of the License, or *
\r
21 * (at your option) any later version. *
\r
23 * This program is distributed in the hope that it will be useful, *
\r
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
\r
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
\r
26 * GNU General Public License for more details. *
\r
28 * You should have received a copy of the GNU General Public License *
\r
29 * along with this program; if not, write to the Free Software *
\r
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
\r
31 * MA 02110-1301 USA *
\r
32 ************************************************************************/
\r
34 // Some security stuff...
\r
35 if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
\r
37 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
\r
41 // Add description as navigation point
\r
42 ADD_DESCR("admin", basename(__FILE__));
\r
44 OPEN_TABLE("100%", "admin_content admin_content_align", "");
\r
45 if (!empty($_GET['u_id']))
\r
47 $result_user = SQL_QUERY_ESC("SELECT status, sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
\r
48 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
\r
50 if (SQL_NUMROWS($result_user) == 1)
\r
53 list($status, $sex, $sname, $fname, $email) = SQL_FETCHROW($result_user);
\r
54 SQL_FREERESULT($result_user);
\r
55 if (empty($_GET['u_id']))
\r
57 // Output selection form with all confirmed user accounts listed
\r
58 ADD_MEMBER_SELECTION_BOX();
\r
60 elseif (!empty($_POST['lock']))
\r
62 // Ok, lock the account!
\r
63 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='LOCKED' WHERE userid=%d LIMIT 1",
\r
64 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
\r
65 if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
\r
67 // Send an email to the user! In later version you can optionally switch this feature off
\r
68 $msg = LOAD_EMAIL_TEMPLATE("lock-user", stripslashes($_POST['reason']), $_GET['u_id']);
\r
71 SEND_EMAIL($email, ADMIN_LOCKED_SUBJ, $msg);
\r
75 $MSG = USER_ACCOUNT_LOCKED_1.$_GET['u_id'].USER_ACCOUNT_LOCKED_2;
\r
78 elseif (!empty($_POST['unlock']))
\r
80 // Ok, unlock the account!
\r
81 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='CONFIRMED' WHERE userid=%d LIMIT 1",
\r
82 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
\r
83 if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
\r
85 // Send an email to the user! In later version you can optionally switch this feature off
\r
86 $msg = LOAD_EMAIL_TEMPLATE("unlock-user", stripslashes($_POST['reason']), $_GET['u_id']);
\r
89 SEND_EMAIL($email, ADMIN_UNLOCKED_SUBJ, $msg);
\r
90 if (EXT_IS_ACTIVE("rallye"))
\r
92 RALLYE_AUTOADD_USER($_GET['u_id']);
\r
97 $MSG = USER_ACCOUNT_UNLOCKED_1.$_GET['u_id'].USER_ACCOUNT_UNLOCKED_2;
\r
100 elseif (isset($_POST['del']))
\r
102 // Delete the account
\r
104 require_once(PATH."inc/modules/admin/what-del_user.php");
\r
106 elseif (!empty($_POST['no']))
\r
108 // Do not lock him...
\r
109 $URL = URL."/modules.php?module=admin&what=list_user&u_id=".$_GET['u_id'];
\r
113 $result = SQL_QUERY_ESC("SELECT email, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
\r
114 array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
\r
115 if (SQL_NUMROWS($result) == 1)
\r
118 list ($email, $sname, $fname) = SQL_FETCHROW($result);
\r
119 SQL_FREERESULT($result);
\r
121 // Transfer data to constants for the template
\r
122 define('__EMAIL', CREATE_EMAIL_LINK($email, "user_data"));
\r
123 define('__SNAME', $sname);
\r
124 define('__FNAME', $fname);
\r
125 define('__UID' , $_GET['u_id']);
\r
127 // Transfer data to constants for the template
\r
128 define('__UID_VALUE', $_GET['u_id']);
\r
130 // Realy want to lock?
\r
133 case "CONFIRMED": // Yes, lock him down... ;-)
\r
134 define('__OK_VALUE' , "lock");
\r
135 define('__HEADER_VALUE', ADMIN_HEADER_LOCK_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_LOCK_ACCOUNT_2);
\r
136 define('__TEXT_VALUE' , ADMIN_TEXT_LOCK_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_LOCK_ACCOUNT_2);
\r
139 case "LOCKED": // Unlock the user
\r
140 define('__OK_VALUE' , "unlock");
\r
141 define('__HEADER_VALUE', ADMIN_HEADER_UNLOCK_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_UNLOCK_ACCOUNT_2);
\r
142 define('__TEXT_VALUE' , ADMIN_TEXT_UNLOCK_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_UNLOCK_ACCOUNT_2);
\r
145 case "UNCONFIRMED": // Unconfirmed accounts cannot be unlocked!
\r
146 define('__OK_VALUE' , "del");
\r
147 define('__HEADER_VALUE', ADMIN_HEADER_DEL_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_DEL_ACCOUNT_2);
\r
148 define('__TEXT_VALUE' , ADMIN_TEXT_DEL_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_DEL_ACCOUNT_2);
\r
153 LOAD_TEMPLATE("admin_lock_user");
\r
157 // Account does not exists!
\r
158 OUTPUT_HTML ("<STRONG class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</STRONG>");
\r
163 // Reload and die...
\r
168 // An action was performed...
\r
171 LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_green\">".$MSG."</STRONG>");
\r
175 LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_green\">".ADMIN_USER_UPDATED."</STRONG>");
\r
181 // Account does not exists!
\r
182 OUTPUT_HTML ("<STRONG class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</STRONG>");
\r
188 ADD_MEMBER_SELECTION_BOX();
\r