0.2.1/inc/modules/admin/what-lock_user.php

   1 <?php\r
   2 /************************************************************************\r
   3  * MXChange v0.2.1                                    Start: 09/28/2003 *\r
   4  * ===============                              Last change: 06/10/2004 *\r
   5  *                                                                      *\r
   6  * -------------------------------------------------------------------- *\r
   7  * File              : what-lock_user.php                               *\r
   8  * -------------------------------------------------------------------- *\r
   9  * Short description : Lock members                                     *\r
  10  * -------------------------------------------------------------------- *\r
  11  * Kurzbeschreibung  : Mitglieder sperren                               *\r
  12  * -------------------------------------------------------------------- *\r
  13  *                                                                      *\r
  14  * -------------------------------------------------------------------- *\r
  15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *\r
  16  * For more information visit: http://www.mxchange.org                  *\r
  17  *                                                                      *\r
  18  * This program is free software; you can redistribute it and/or modify *\r
  19  * it under the terms of the GNU General Public License as published by *\r
  20  * the Free Software Foundation; either version 2 of the License, or    *\r
  21  * (at your option) any later version.                                  *\r
  22  *                                                                      *\r
  23  * This program is distributed in the hope that it will be useful,      *\r
  24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *\r
  25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *\r
  26  * GNU General Public License for more details.                         *\r
  27  *                                                                      *\r
  28  * You should have received a copy of the GNU General Public License    *\r
  29  * along with this program; if not, write to the Free Software          *\r
  30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *\r
  31  * MA  02110-1301  USA                                                  *\r
  32  ************************************************************************/\r
  33 \r
  34 // Some security stuff...\r
  35 if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))\r
  36 {\r
  37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";\r
  38         require($INC);\r
  39 }\r
  40 \r
  41 // Add description as navigation point\r
  42 ADD_DESCR("admin", basename(__FILE__));\r
  43 \r
  44 OPEN_TABLE("100%", "admin_content admin_content_align", "");\r
  45 if (!empty($_GET['u_id']))\r
  46 {\r
  47         $result_user = SQL_QUERY_ESC("SELECT status, sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
  48          array(bigintval($_GET['u_id'])), __FILE__, __LINE__);\r
  49         $ACT = false;\r
  50         if (SQL_NUMROWS($result_user) == 1)\r
  51         {\r
  52                 // User found\r
  53                 list($status, $sex, $sname, $fname, $email) = SQL_FETCHROW($result_user);\r
  54                 SQL_FREERESULT($result_user);\r
  55                 if (empty($_GET['u_id']))\r
  56                 {\r
  57                         // Output selection form with all confirmed user accounts listed\r
  58                         ADD_MEMBER_SELECTION_BOX();\r
  59                 }\r
  60                  elseif (!empty($_POST['lock']))\r
  61                 {\r
  62                         // Ok, lock the account!\r
  63                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='LOCKED' WHERE userid=%d LIMIT 1",\r
  64                          array(bigintval($_GET['u_id'])), __FILE__, __LINE__);\r
  65                         if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)\r
  66                         {\r
  67                                 // Send an email to the user! In later version you can optionally switch this feature off\r
  68                                 $msg = LOAD_EMAIL_TEMPLATE("lock-user", stripslashes($_POST['reason']), $_GET['u_id']);\r
  69 \r
  70                                 // Send away...\r
  71                                 SEND_EMAIL($email, ADMIN_LOCKED_SUBJ, $msg);\r
  72                         }\r
  73 \r
  74                         // Prepare message\r
  75                         $MSG = USER_ACCOUNT_LOCKED_1.$_GET['u_id'].USER_ACCOUNT_LOCKED_2;\r
  76                         $ACT = true;\r
  77                 }\r
  78                  elseif (!empty($_POST['unlock']))\r
  79                 {\r
  80                         // Ok, unlock the account!\r
  81                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='CONFIRMED' WHERE userid=%d LIMIT 1",\r
  82                          array(bigintval($_GET['u_id'])), __FILE__, __LINE__);\r
  83                         if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)\r
  84                         {\r
  85                                 // Send an email to the user! In later version you can optionally switch this feature off\r
  86                                 $msg = LOAD_EMAIL_TEMPLATE("unlock-user", stripslashes($_POST['reason']), $_GET['u_id']);\r
  87 \r
  88                                 // Send away...\r
  89                                 SEND_EMAIL($email, ADMIN_UNLOCKED_SUBJ, $msg);\r
  90                                 if (EXT_IS_ACTIVE("rallye"))\r
  91                                 {\r
  92                                         RALLYE_AUTOADD_USER($_GET['u_id']);\r
  93                                 }\r
  94                         }\r
  95 \r
  96                         // Prepare message\r
  97                         $MSG = USER_ACCOUNT_UNLOCKED_1.$_GET['u_id'].USER_ACCOUNT_UNLOCKED_2;\r
  98                         $ACT = true;\r
  99                 }\r
 100                  elseif (isset($_POST['del']))\r
 101                 {\r
 102                         // Delete the account\r
 103                         $ACT = true;\r
 104                         require_once(PATH."inc/modules/admin/what-del_user.php");\r
 105                 }\r
 106                  elseif (!empty($_POST['no']))\r
 107                 {\r
 108                         // Do not lock him...\r
 109                         $URL = URL."/modules.php?module=admin&amp;what=list_user&amp;u_id=".$_GET['u_id'];\r
 110                 }\r
 111                  else\r
 112                 {\r
 113                         $result = SQL_QUERY_ESC("SELECT email, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",\r
 114                          array(bigintval($_GET['u_id'])), __FILE__, __LINE__);\r
 115                         if (SQL_NUMROWS($result) == 1)\r
 116                         {\r
 117                                 // Load data\r
 118                                 list ($email, $sname, $fname) = SQL_FETCHROW($result);\r
 119                                 SQL_FREERESULT($result);\r
 120 \r
 121                                 // Transfer data to constants for the template\r
 122                                 define('__EMAIL', CREATE_EMAIL_LINK($email, "user_data"));\r
 123                                 define('__SNAME', $sname);\r
 124                                 define('__FNAME', $fname);\r
 125                                 define('__UID'  , $_GET['u_id']);\r
 126 \r
 127                                 // Transfer data to constants for the template\r
 128                                 define('__UID_VALUE', $_GET['u_id']);\r
 129 \r
 130                                 // Realy want to lock?\r
 131                                 switch ($status)\r
 132                                 {\r
 133                                 case "CONFIRMED": // Yes, lock him down... ;-)\r
 134                                         define('__OK_VALUE'    , "lock");\r
 135                                         define('__HEADER_VALUE', ADMIN_HEADER_LOCK_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_LOCK_ACCOUNT_2);\r
 136                                         define('__TEXT_VALUE'  , ADMIN_TEXT_LOCK_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_LOCK_ACCOUNT_2);\r
 137                                         break;\r
 138 \r
 139                                 case "LOCKED": // Unlock the user\r
 140                                         define('__OK_VALUE'    , "unlock");\r
 141                                         define('__HEADER_VALUE', ADMIN_HEADER_UNLOCK_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_UNLOCK_ACCOUNT_2);\r
 142                                         define('__TEXT_VALUE'  , ADMIN_TEXT_UNLOCK_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_UNLOCK_ACCOUNT_2);\r
 143                                         break;\r
 144 \r
 145                                 case "UNCONFIRMED": // Unconfirmed accounts cannot be unlocked!\r
 146                                         define('__OK_VALUE'    , "del");\r
 147                                         define('__HEADER_VALUE', ADMIN_HEADER_DEL_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_DEL_ACCOUNT_2);\r
 148                                         define('__TEXT_VALUE'  , ADMIN_TEXT_DEL_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_DEL_ACCOUNT_2);\r
 149                                         break;\r
 150                                 }\r
 151 \r
 152                                 // Output form\r
 153                                 LOAD_TEMPLATE("admin_lock_user");\r
 154                         }\r
 155                          else\r
 156                         {\r
 157                                 // Account does not exists!\r
 158                                 OUTPUT_HTML ("<STRONG class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</STRONG>");\r
 159                         }\r
 160                 }\r
 161                 if (!empty($URL))\r
 162                 {\r
 163                         // Reload and die...\r
 164                         LOAD_URL($URL);\r
 165                 }\r
 166                  elseif ($ACT)\r
 167                 {\r
 168                         // An action was performed...\r
 169                         if (!empty($MSG))\r
 170                         {\r
 171                                 LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_green\">".$MSG."</STRONG>");\r
 172                         }\r
 173                          else\r
 174                         {\r
 175                                 LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_green\">".ADMIN_USER_UPDATED."</STRONG>");\r
 176                         }\r
 177                 }\r
 178         }\r
 179          else\r
 180         {\r
 181                 // Account does not exists!\r
 182                 OUTPUT_HTML ("<STRONG class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</STRONG>");\r
 183         }\r
 184 }\r
 185  else\r
 186 {\r
 187         // List all users\r
 188         ADD_MEMBER_SELECTION_BOX();\r
 189 }\r
 190 CLOSE_TABLE();\r
 191 //\r
 192 ?>\r