inc/modules/admin/what-lock_user.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 09/28/2003 *
   4  * ===============                              Last change: 06/10/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-lock_user.php                               *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Lock members                                     *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Mitglieder sperren                               *
  12  * -------------------------------------------------------------------- *
  13  * $Revision::                                                        $ *
  14  * $Date::                                                            $ *
  15  * $Tag:: 0.2.1-FINAL                                                 $ *
  16  * $Author::                                                          $ *
  17  * Needs to be in all Files and every File needs "svn propset           *
  18  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  19  * -------------------------------------------------------------------- *
  20  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  21  * For more information visit: http://www.mxchange.org                  *
  22  *                                                                      *
  23  * This program is free software; you can redistribute it and/or modify *
  24  * it under the terms of the GNU General Public License as published by *
  25  * the Free Software Foundation; either version 2 of the License, or    *
  26  * (at your option) any later version.                                  *
  27  *                                                                      *
  28  * This program is distributed in the hope that it will be useful,      *
  29  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  30  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  31  * GNU General Public License for more details.                         *
  32  *                                                                      *
  33  * You should have received a copy of the GNU General Public License    *
  34  * along with this program; if not, write to the Free Software          *
  35  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  36  * MA  02110-1301  USA                                                  *
  37  ************************************************************************/
  38
  39 // Some security stuff...
  40 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
  41         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
  42         require($INC);
  43 } // END - if
  44
  45 // Add description as navigation point
  46 ADD_DESCR('admin', __FILE__);
  47
  48 // Is a userid set?
  49 if (REQUEST_ISSET_GET('uid')) {
  50         // Load user's data
  51         $result_user = SQL_QUERY_ESC("SELECT status, gender, surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
  52         array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
  53         $ACT = false;
  54         if (SQL_NUMROWS($result_user) == 1) {
  55                 // User found
  56                 list($status, $gender, $sname, $fname, $email) = SQL_FETCHROW($result_user);
  57
  58                 // Free result
  59                 SQL_FREERESULT($result_user);
  60
  61                 // Is a lock reason set?
  62                 if ((REQUEST_ISSET_POST('lock')) && ($status != 'LOCKED')) {
  63                         // Ok, lock the account!
  64                         if (GET_EXT_VERSION('user') >= '0.3.5') {
  65                                 // Lock with reason
  66                                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='LOCKED',lock_reason='%s',lock_timestamp=NOW() WHERE userid=%s LIMIT 1",
  67                                 array(REQUEST_POST('reason'), bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
  68                         } else {
  69                                 // Lock with no lock reason saved
  70                                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='LOCKED' WHERE userid=%s LIMIT 1",
  71                                 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
  72                         }
  73
  74                         // Entry updated?
  75                         if (SQL_AFFECTEDROWS() == 1) {
  76                                 // Send an email to the user! In later version you can optionally switch this feature off
  77                                 $message = LOAD_EMAIL_TEMPLATE('lock-user', array('text' => REQUEST_POST('reason')), bigintval(REQUEST_GET('uid')));
  78
  79                                 // Send away...
  80                                 sendEmail(bigintval(REQUEST_GET('uid')), ADMIN_LOCKED_SUBJ, $message);
  81                         } // END - if
  82
  83                         // Prepare message
  84                         $message = sprintf(getMessage('USER_ACCOUNT_LOCKED'), REQUEST_GET('uid'));
  85                         $ACT = true;
  86                 } elseif ((REQUEST_ISSET_POST(('unlock'))) && ($status == 'LOCKED')) {
  87                         // Ok, unlock the account!
  88                         if (GET_EXT_VERSION('user') >= '0.3.5') {
  89                                 // Reset lock reason as well
  90                                 SQL_QUERY_ESC("UPDATE
  91         `{!_MYSQL_PREFIX!}_user_data`
  92 SET
  93         `status`='CONFIRMED',
  94         `lock_reason`='',
  95         `lock_timestamp`='0000-00-00 00:00'
  96 WHERE
  97         `userid`=%s
  98 LIMIT 1",
  99                                         array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
 100                         } else {
 101                                 // No lock reason to reset
 102                                 SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='CONFIRMED' WHERE `userid`=%s LIMIT 1",
 103                                         array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
 104                         }
 105
 106                         // Entry updated?
 107                         if (SQL_AFFECTEDROWS() == 1) {
 108                                 // Send an email to the user! In later version you can optionally switch this feature off
 109                                 $message = LOAD_EMAIL_TEMPLATE('unlock-user', array('text' => REQUEST_POST('reason')), bigintval(REQUEST_GET('uid')));
 110
 111                                 // Send away...
 112                                 sendEmail(bigintval(REQUEST_GET('uid')), getMessage('ADMIN_UNLOCKED_SUBJ'), $message);
 113                                 if (EXT_IS_ACTIVE('rallye')) {
 114                                         RALLYE_AUTOADD_USER(REQUEST_GET('uid'));
 115                                 } // END - if
 116                         } // END - if
 117
 118                         // Prepare message
 119                         $message = sprintf(getMessage('USER_ACCOUNT_UNLOCKED'), REQUEST_GET('uid'));
 120                         $ACT = true;
 121                 } elseif (REQUEST_ISSET_POST('del')) {
 122                         // Delete the account
 123                         $ACT = true;
 124                         loadIncludeOnce('inc/modules/admin/what-del_user.php');
 125                 } elseif (REQUEST_ISSET_POST('no')) {
 126                         // Do not lock him...
 127                         $URL = ADMIN_CREATE_USERID_LINK(REQUEST_GET('uid'));
 128                 } else {
 129                         // Load user data we need
 130                         $result = SQL_QUERY_ESC("SELECT `email`, `surname`, `family` FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `userid`=%s LIMIT 1",
 131                                 array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
 132
 133                         // Entry found?
 134                         if (SQL_NUMROWS($result) == 1) {
 135                                 // Load data
 136                                 $DATA = SQL_FETCHARRAY($result);
 137
 138                                 // Transfer data to constants for the template
 139                                 // @TODO Rewrite these all constants
 140                                 define('__EMAIL', generateEmailLink($DATA['email'], 'user_data'));
 141                                 define('__SNAME', $DATA['surname']);
 142                                 define('__FNAME', $DATA['family']);
 143                                 define('__UID'  , bigintval(REQUEST_GET('uid')));
 144
 145                                 // Realy want to lock?
 146                                 switch ($status)
 147                                 {
 148                                         case 'CONFIRMED': // Yes, lock him down... ;-)
 149                                                 define('__OK_VALUE'    , 'lock');
 150                                                 define('__HEADER_VALUE', sprintf(getMessage('ADMIN_HEADER_LOCK_ACCOUNT'), constant('__UID')));
 151                                                 define('__TEXT_VALUE'  , sprintf(getMessage('ADMIN_TEXT_LOCK_ACCOUNT'), constant('__UID')));
 152                                                 break;
 153
 154                                         case 'LOCKED': // Unlock the user
 155                                                 define('__OK_VALUE'    , 'unlock');
 156                                                 define('__HEADER_VALUE', sprintf(getMessage('ADMIN_HEADER_UNLOCK_ACCOUNT'), constant('__UID')));
 157                                                 define('__TEXT_VALUE'  , sprintf(getMessage('ADMIN_TEXT_UNLOCK_ACCOUNT'), constant('__UID')));
 158                                                 break;
 159
 160                                         case 'UNCONFIRMED': // Unconfirmed accounts cannot be unlocked!
 161                                                 define('__OK_VALUE'    , 'del');
 162                                                 define('__HEADER_VALUE', sprintf(getMessage('ADMIN_HEADER_DEL_ACCOUNT'), constant('__UID')));
 163                                                 define('__TEXT_VALUE'  , sprintf(getMessage('ADMIN_TEXT_DEL_ACCOUNT'), constant('__UID')));
 164                                                 break;
 165                                 }
 166
 167                                 // Output form
 168                                 LOAD_TEMPLATE('admin_lock_user');
 169                         } else {
 170                                 // Account does not exists!
 171                                 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."</div>");
 172                         }
 173
 174                         // Free result
 175                         SQL_FREERESULT($result);
 176                 }
 177
 178                 // Is an URL set?
 179                 if (!empty($URL)) {
 180                         // Reload and die...
 181                         redirectToUrl($URL);
 182                 } elseif ($ACT) {
 183                         // An action was performed...
 184                         if (!empty($message)) {
 185                                 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_green\">".$message."</div>");
 186                         } else {
 187                                 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_green\">".getMessage('ADMIN_USER_UPDATED')."</div>");
 188                         }
 189                 }
 190         } else {
 191                 // Account does not exists!
 192                 LOAD_TEMPLATE('admin_settings_saved', false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."</div>");
 193         }
 194 } else {
 195         // List all users
 196         ADD_MEMBER_SELECTION_BOX();
 197 }
 198
 199 //
 200 ?>