X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-lock_user.php;h=88b2fff97b3ca99a86f72a40b2b682455765ca5e;hp=d31d1e7c1c68e4b3da96eef71727f5b06bd8e798;hb=c47144dd555bbab4acdf9085e4623900dedb0e7c;hpb=43885129ac24cee5545a8a5ad51e90aa182fdf46
diff --git a/inc/modules/admin/what-lock_user.php b/inc/modules/admin/what-lock_user.php
index d31d1e7c1c..88b2fff97b 100644
--- a/inc/modules/admin/what-lock_user.php
+++ b/inc/modules/admin/what-lock_user.php
@@ -32,157 +32,154 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } // Add description as navigation point -ADD_DESCR("admin", basename(__FILE__)); +ADD_DESCR("admin", __FILE__); -OPEN_TABLE("100%", "admin_content admin_content_align", ""); -if (!empty($_GET['u_id'])) -{ - $result_user = SQL_QUERY_ESC("SELECT status, sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", +// Is a userid set? +if (!empty($_GET['u_id'])) { + // Load user's data + $result_user = SQL_QUERY_ESC("SELECT status, gender, surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array(bigintval($_GET['u_id'])), __FILE__, __LINE__); $ACT = false; - if (SQL_NUMROWS($result_user) == 1) - { + if (SQL_NUMROWS($result_user) == 1) { // User found - list($status, $sex, $sname, $fname, $email) = SQL_FETCHROW($result_user); + list($status, $gender, $sname, $fname, $email) = SQL_FETCHROW($result_user); + + // Free result SQL_FREERESULT($result_user); - if (empty($_GET['u_id'])) - { - // Output selection form with all confirmed user accounts listed - ADD_MEMBER_SELECTION_BOX(); - } elseif (!empty($_POST['lock'])) { + + // Is a lock reason set? + if ((!empty($_POST['lock'])) && ($status != "LOCKED")) { // Ok, lock the account! 
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='LOCKED' WHERE userid=%s LIMIT 1", - array(bigintval($_GET['u_id'])), __FILE__, __LINE__); - if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1) - { + if (GET_EXT_VERSION("user") >= "0.3.5") { + // Lock with reason + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='LOCKED',lock_reason='%s',lock_timestamp=NOW() WHERE userid=%s LIMIT 1", + array($_POST['reason'], bigintval($_GET['u_id'])), __FILE__, __LINE__); + } else { + // Lock with no lock reason saved + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='LOCKED' WHERE userid=%s LIMIT 1", + array(bigintval($_GET['u_id'])), __FILE__, __LINE__); + } + + // Entry updated? + if (SQL_AFFECTEDROWS() == 1) { // Send an email to the user! In later version you can optionally switch this feature off - $msg = LOAD_EMAIL_TEMPLATE("lock-user", $_POST['reason'], bigintval($_GET['u_id'])); + $msg = LOAD_EMAIL_TEMPLATE("lock-user", array('text' => $_POST['reason']), bigintval($_GET['u_id'])); // Send away... - SEND_EMAIL($email, ADMIN_LOCKED_SUBJ, $msg); - } + SEND_EMAIL(bigintval($_GET['u_id']), ADMIN_LOCKED_SUBJ, $msg); + } // END - if // Prepare message $MSG = USER_ACCOUNT_LOCKED_1.$_GET['u_id'].USER_ACCOUNT_LOCKED_2; $ACT = true; - } elseif (!empty($_POST['unlock'])) { + } elseif ((!empty($_POST['unlock'])) && ($status == "LOCKED")) { // Ok, unlock the account! 
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='CONFIRMED' WHERE userid=%s LIMIT 1", - array(bigintval($_GET['u_id'])), __FILE__, __LINE__); - if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1) - { + if (GET_EXT_VERSION("user") >= "0.3.5") { + // Reset lock reason as well + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='CONFIRMED',lock_reason='',lock_timestamp='0000-00-00 00:00' WHERE userid=%s LIMIT 1", + array(bigintval($_GET['u_id'])), __FILE__, __LINE__); + } else { + // No lock reason to reset + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET `status`='CONFIRMED' WHERE userid=%s LIMIT 1", + array(bigintval($_GET['u_id'])), __FILE__, __LINE__); + } + + // Entry updated? + if (SQL_AFFECTEDROWS() == 1) { // Send an email to the user! In later version you can optionally switch this feature off - $msg = LOAD_EMAIL_TEMPLATE("unlock-user", $_POST['reason'], bigintval($_GET['u_id'])); + $msg = LOAD_EMAIL_TEMPLATE("unlock-user", array('text' => $_POST['reason']), bigintval($_GET['u_id'])); // Send away... - SEND_EMAIL($email, ADMIN_UNLOCKED_SUBJ, $msg); - if (EXT_IS_ACTIVE("rallye")) - { + SEND_EMAIL(bigintval($_GET['u_id']), getMessage('ADMIN_UNLOCKED_SUBJ'), $msg); + if (EXT_IS_ACTIVE("rallye")) { RALLYE_AUTOADD_USER($_GET['u_id']); - } - } + } // END - if + } // END - if // Prepare message $MSG = USER_ACCOUNT_UNLOCKED_1.$_GET['u_id'].USER_ACCOUNT_UNLOCKED_2; $ACT = true; - } - elseif (isset($_POST['del'])) - { + } elseif (isset($_POST['del'])) { // Delete the account $ACT = true; - require_once(PATH."inc/modules/admin/what-del_user.php"); - } - elseif (!empty($_POST['no'])) - { + LOAD_INC_ONCE("inc/modules/admin/what-del_user.php"); + } elseif (!empty($_POST['no'])) { // Do not lock him... 
- $URL = URL."/modules.php?module=admin&what=list_user&u_id=".$_GET['u_id']; - } - else - { - $result = SQL_QUERY_ESC("SELECT email, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(bigintval($_GET['u_id'])), __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { + $URL = "modules.php?module=admin&what=list_user&u_id=".bigintval($_GET['u_id']); + } else { + $result = SQL_QUERY_ESC("SELECT email, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(bigintval($_GET['u_id'])), __FILE__, __LINE__); + + // Entry found? + if (SQL_NUMROWS($result) == 1) { // Load data list ($email, $sname, $fname) = SQL_FETCHROW($result); + + // Free result SQL_FREERESULT($result); // Transfer data to constants for the template define('__EMAIL', CREATE_EMAIL_LINK($email, "user_data")); define('__SNAME', $sname); define('__FNAME', $fname); - define('__UID' , $_GET['u_id']); - - // Transfer data to constants for the template - define('__UID_VALUE', $_GET['u_id']); + define('__UID' , bigintval($_GET['u_id'])); // Realy want to lock? switch ($status) { case "CONFIRMED": // Yes, lock him down... 
;-) define('__OK_VALUE' , "lock"); - define('__HEADER_VALUE', ADMIN_HEADER_LOCK_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_LOCK_ACCOUNT_2); - define('__TEXT_VALUE' , ADMIN_TEXT_LOCK_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_LOCK_ACCOUNT_2); + define('__HEADER_VALUE', ADMIN_HEADER_LOCK_ACCOUNT_1.__UID.ADMIN_HEADER_LOCK_ACCOUNT_2); + define('__TEXT_VALUE' , ADMIN_TEXT_LOCK_ACCOUNT_1.__UID.ADMIN_TEXT_LOCK_ACCOUNT_2); break; case "LOCKED": // Unlock the user define('__OK_VALUE' , "unlock"); - define('__HEADER_VALUE', ADMIN_HEADER_UNLOCK_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_UNLOCK_ACCOUNT_2); - define('__TEXT_VALUE' , ADMIN_TEXT_UNLOCK_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_UNLOCK_ACCOUNT_2); + define('__HEADER_VALUE', ADMIN_HEADER_UNLOCK_ACCOUNT_1.__UID.ADMIN_HEADER_UNLOCK_ACCOUNT_2); + define('__TEXT_VALUE' , ADMIN_TEXT_UNLOCK_ACCOUNT_1.__UID.ADMIN_TEXT_UNLOCK_ACCOUNT_2); break; case "UNCONFIRMED": // Unconfirmed accounts cannot be unlocked! define('__OK_VALUE' , "del"); - define('__HEADER_VALUE', ADMIN_HEADER_DEL_ACCOUNT_1.__UID_VALUE.ADMIN_HEADER_DEL_ACCOUNT_2); - define('__TEXT_VALUE' , ADMIN_TEXT_DEL_ACCOUNT_1.__UID_VALUE.ADMIN_TEXT_DEL_ACCOUNT_2); + define('__HEADER_VALUE', ADMIN_HEADER_DEL_ACCOUNT_1.__UID.ADMIN_HEADER_DEL_ACCOUNT_2); + define('__TEXT_VALUE' , ADMIN_TEXT_DEL_ACCOUNT_1.__UID.ADMIN_TEXT_DEL_ACCOUNT_2); break; } // Output form LOAD_TEMPLATE("admin_lock_user"); - } - else - { + } else { // Account does not exists! - OUTPUT_HTML("".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2.""); + LOAD_TEMPLATE("admin_settings_saved", false, "
".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."
"); } } - if (!empty($URL)) - { + + // Is an URL set? + if (!empty($URL)) { // Reload and die... LOAD_URL($URL); - } - elseif ($ACT) - { + } elseif ($ACT) { // An action was performed... - if (!empty($MSG)) - { - LOAD_TEMPLATE("admin_settings_saved", false, "".$MSG.""); - } - else - { - LOAD_TEMPLATE("admin_settings_saved", false, "".ADMIN_USER_UPDATED.""); + if (!empty($MSG)) { + LOAD_TEMPLATE("admin_settings_saved", false, "
".$MSG."
"); + } else { + LOAD_TEMPLATE("admin_settings_saved", false, "
".getMessage('ADMIN_USER_UPDATED')."
"); } } - } - else - { + } else { // Account does not exists! - OUTPUT_HTML("".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2.""); + LOAD_TEMPLATE("admin_settings_saved", false, "
".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."
"); } -} - else -{ +} else { // List all users ADD_MEMBER_SELECTION_BOX(); } -CLOSE_TABLE(); + // ?>
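Review bot: The raw `$_GET['u_id']` is still concatenated into the markup handed to `LOAD_TEMPLATE("admin_settings_saved", false, ...)` in both "Account does not exists!" branches, and into `$MSG` via `USER_ACCOUNT_LOCKED_1.$_GET['u_id'].USER_ACCOUNT_LOCKED_2` and its unlock twin. A non-numeric value that passes `!empty()` is therefore reflected into the admin page unescaped, even though this commit already wraps the same parameter in `bigintval()` for `__UID` and `$URL`. Normalise it once right after the `!empty($_GET['u_id'])` check, for example `$uid = bigintval($_GET['u_id']);`, and use `$uid` in those messages, in the queries and in `RALLYE_AUTOADD_USER()`, which still receives the raw value. Separately, `GET_EXT_VERSION("user") >= "0.3.5"` presumably compares two strings, and PHP orders such strings lexically (so "0.3.10" sorts below "0.3.5"); `version_compare(GET_EXT_VERSION("user"), "0.3.5", ">=")` would keep the `lock_reason` branch selected for later versions.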