************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
-OPEN_TABLE("100%", "admin_content admin_content_align", "");
-if (!empty($_GET['u_id']))
-{
- $result_user = SQL_QUERY_ESC("SELECT status, sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+// Is a userid set?
+if (!empty($_GET['u_id'])) {
+ // Load user's data
+ $result_user = SQL_QUERY_ESC("SELECT status, gender, surname, family, email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
$ACT = false;
- if (SQL_NUMROWS($result_user) == 1)
- {
+ if (SQL_NUMROWS($result_user) == 1) {
// User found
- list($status, $sex, $sname, $fname, $email) = SQL_FETCHROW($result_user);
+ list($status, $gender, $sname, $fname, $email) = SQL_FETCHROW($result_user);
+
+ // Free result
SQL_FREERESULT($result_user);
- if (empty($_GET['u_id']))
- {
- // Output selection form with all confirmed user accounts listed
- ADD_MEMBER_SELECTION_BOX();
- } elseif (!empty($_POST['lock'])) {
+
+ // Is a lock reason set?
+ if ((!empty($_POST['lock'])) && ($status != "LOCKED")) {
// Ok, lock the account!
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='LOCKED' WHERE userid=%s LIMIT 1",
- array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
- if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
- {
+ if (GET_EXT_VERSION("user") >= "0.3.5") {
+ // Lock with reason
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET status='LOCKED',lock_reason='%s',lock_timestamp=NOW() WHERE userid=%s LIMIT 1",
+ array($_POST['reason'], bigintval($_GET['u_id'])), __FILE__, __LINE__);
+ } else {
+ // Lock with no lock reason saved
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET status='LOCKED' WHERE userid=%s LIMIT 1",
+ array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
+ }
+
+ // Entry updated?
+ if (SQL_AFFECTEDROWS() == 1) {
// Send an email to the user! In later version you can optionally switch this feature off
- $msg = LOAD_EMAIL_TEMPLATE("lock-user", $_POST['reason'], bigintval($_GET['u_id']));
+ $msg = LOAD_EMAIL_TEMPLATE("lock-user", array('text' => $_POST['reason']), bigintval($_GET['u_id']));
// Send away...
- SEND_EMAIL($email, ADMIN_LOCKED_SUBJ, $msg);
- }
+ SEND_EMAIL(bigintval($_GET['u_id']), ADMIN_LOCKED_SUBJ, $msg);
+ } // END - if
// Prepare message
$MSG = USER_ACCOUNT_LOCKED_1.$_GET['u_id'].USER_ACCOUNT_LOCKED_2;
$ACT = true;
- } elseif (!empty($_POST['unlock'])) {
+ } elseif ((!empty($_POST['unlock'])) && ($status == "LOCKED")) {
// Ok, unlock the account!
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='CONFIRMED' WHERE userid=%s LIMIT 1",
- array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
- if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
- {
+ if (GET_EXT_VERSION("user") >= "0.3.5") {
+ // Reset lock reason as well
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET status='CONFIRMED',lock_reason='',lock_timestamp='0000-00-00 00:00' WHERE userid=%s LIMIT 1",
+ array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
+ } else {
+ // No lock reason to reset
+ SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET status='CONFIRMED' WHERE userid=%s LIMIT 1",
+ array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
+ }
+
+ // Entry updated?
+ if (SQL_AFFECTEDROWS() == 1) {
// Send an email to the user! In later version you can optionally switch this feature off
- $msg = LOAD_EMAIL_TEMPLATE("unlock-user", $_POST['reason'], bigintval($_GET['u_id']));
+ $msg = LOAD_EMAIL_TEMPLATE("unlock-user", array('text' => $_POST['reason']), bigintval($_GET['u_id']));
// Send away...
- SEND_EMAIL($email, ADMIN_UNLOCKED_SUBJ, $msg);
- if (EXT_IS_ACTIVE("rallye"))
- {
+ SEND_EMAIL(bigintval($_GET['u_id']), ADMIN_UNLOCKED_SUBJ, $msg);
+ if (EXT_IS_ACTIVE("rallye")) {
RALLYE_AUTOADD_USER($_GET['u_id']);
- }
- }
+ } // END - if
+ } // END - if
// Prepare message
$MSG = USER_ACCOUNT_UNLOCKED_1.$_GET['u_id'].USER_ACCOUNT_UNLOCKED_2;
$ACT = true;
- }
- elseif (isset($_POST['del']))
- {
+ } elseif (isset($_POST['del'])) {
// Delete the account
$ACT = true;
require_once(PATH."inc/modules/admin/what-del_user.php");
- }
- elseif (!empty($_POST['no']))
- {
+ } elseif (!empty($_POST['no'])) {
// Do not lock him...
- $URL = URL."/modules.php?module=admin&what=list_user&u_id=".$_GET['u_id'];
- }
- else
- {
- $result = SQL_QUERY_ESC("SELECT email, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
- array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $URL = URL."/modules.php?module=admin&what=list_user&u_id=".bigintval($_GET['u_id']);
+ } else {
+ $result = SQL_QUERY_ESC("SELECT email, surname, family FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
+ array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
+
+ // Entry found?
+ if (SQL_NUMROWS($result) == 1) {
// Load data
list ($email, $sname, $fname) = SQL_FETCHROW($result);
+
+ // Free result
SQL_FREERESULT($result);
// Transfer data to constants for the template
define('__EMAIL', CREATE_EMAIL_LINK($email, "user_data"));
define('__SNAME', $sname);
define('__FNAME', $fname);
- define('__UID' , $_GET['u_id']);
-
- // Transfer data to constants for the template
- define('__UID_VALUE', $_GET['u_id']);
+ define('__UID' , bigintval($_GET['u_id']));
// Realy want to lock?
switch ($status)
{
case "CONFIRMED": // Yes, lock him down... ;-)
define('__OK_VALUE' , "lock");
- define('__HEADER_VALUE', ADMIN_HEADER_LOCK_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_LOCK_ACCOUNT_2);
- define('__TEXT_VALUE' , ADMIN_TEXT_LOCK_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_LOCK_ACCOUNT_2);
+ define('__HEADER_VALUE', ADMIN_HEADER_LOCK_ACCOUNT_1.__UID.ADMIN_HEADER_LOCK_ACCOUNT_2);
+ define('__TEXT_VALUE' , ADMIN_TEXT_LOCK_ACCOUNT_1.__UID.ADMIN_TEXT_LOCK_ACCOUNT_2);
break;
case "LOCKED": // Unlock the user
define('__OK_VALUE' , "unlock");
- define('__HEADER_VALUE', ADMIN_HEADER_UNLOCK_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_UNLOCK_ACCOUNT_2);
- define('__TEXT_VALUE' , ADMIN_TEXT_UNLOCK_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_UNLOCK_ACCOUNT_2);
+ define('__HEADER_VALUE', ADMIN_HEADER_UNLOCK_ACCOUNT_1.__UID.ADMIN_HEADER_UNLOCK_ACCOUNT_2);
+ define('__TEXT_VALUE' , ADMIN_TEXT_UNLOCK_ACCOUNT_1.__UID.ADMIN_TEXT_UNLOCK_ACCOUNT_2);
break;
case "UNCONFIRMED": // Unconfirmed accounts cannot be unlocked!
define('__OK_VALUE' , "del");
- define('__HEADER_VALUE', ADMIN_HEADER_DEL_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_DEL_ACCOUNT_2);
- define('__TEXT_VALUE' , ADMIN_TEXT_DEL_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_DEL_ACCOUNT_2);
+ define('__HEADER_VALUE', ADMIN_HEADER_DEL_ACCOUNT_1.__UID.ADMIN_HEADER_DEL_ACCOUNT_2);
+ define('__TEXT_VALUE' , ADMIN_TEXT_DEL_ACCOUNT_1.__UID.ADMIN_TEXT_DEL_ACCOUNT_2);
break;
}
// Output form
LOAD_TEMPLATE("admin_lock_user");
- }
- else
- {
+ } else {
// Account does not exists!
OUTPUT_HTML("<STRONG class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</STRONG>");
}
}
- if (!empty($URL))
- {
+
+ // Is an URL set?
+ if (!empty($URL)) {
// Reload and die...
LOAD_URL($URL);
- }
- elseif ($ACT)
- {
+ } elseif ($ACT) {
// An action was performed...
- if (!empty($MSG))
- {
+ if (!empty($MSG)) {
LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_green\">".$MSG."</STRONG>");
- }
- else
- {
+ } else {
LOAD_TEMPLATE("admin_settings_saved", false, "<STRONG class=\"admin_green\">".ADMIN_USER_UPDATED."</STRONG>");
}
}
- }
- else
- {
+ } else {
// Account does not exists!
OUTPUT_HTML("<STRONG class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</STRONG>");
}
-}
- else
-{
+} else {
// List all users
ADD_MEMBER_SELECTION_BOX();
}
-CLOSE_TABLE();
+
//
?>
projects / mailer.git / blobdiff