Code source de GeekLog 1.4.1 |
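<?php

/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Geeklog 1.4                                                               |
// +---------------------------------------------------------------------------+
// | moderation.php                                                            |
// |                                                                           |
// | Geeklog main administration page.                                         |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2000-2006 by the following authors:                         |
// |                                                                           |
// | Authors: Tony Bibbs        - tony AT tonybibbs DOT com                    |
// |          Mark Limburg      - mlimburg AT users DOT sourceforge DOT net    |
// |          Jason Whittenburg - jwhitten AT securitygeeks DOT com            |
// |          Dirk Haun         - dirk AT haun-online DOT de                   |
// +---------------------------------------------------------------------------+
// |                                                                           |
// | This program is free software; you can redistribute it and/or             |
// | modify it under the terms of the GNU General Public License               |
// | as published by the Free Software Foundation; either version 2            |
// | of the License, or (at your option) any later version.                    |
// |                                                                           |
// | This program is distributed in the hope that it will be useful,           |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
// $Id: moderation.php,v 1.101 2006/12/09 17:41:56 dhaun Exp $

require_once ('../lib-common.php');
require_once ('auth.inc.php');
require_once ($_CONF['path_system'] . 'lib-user.php');
require_once ($_CONF['path_system'] . 'lib-story.php');

// Uncomment the line below if you need to debug the HTTP variables being passed
// to the script.  This will sometimes cause errors but it will allow you to see
// the data being passed in a POST operation
// echo COM_debug($_POST);

// this defines the amount of icons displayed next to another in the CC-block
define ('ICONS_PER_ROW', 6);

/**
* Renders an entry (icon) for the "Command and Control" center
*
* @param    template    $template   template to use
* @param    string      $url        URL the entry links to
* @param    string      $image      URL of the icon
* @param    string      $label      text to use under the icon
* @return   string                  parsed 'ccitem' template, '' if $url is empty
*
*/
function render_cc_item (&$template, $url = '', $image = '', $label = '')
{
    if (empty ($url)) {
        return '';
    }

    $template->set_var ('page_url', $url);
    $template->set_var ('page_image', $image);
    $template->set_var ('option_label', $label);
    $template->set_var ('cell_width', ((int)(100 / ICONS_PER_ROW)) . '%');

    return $template->parse ('cc_main_options', 'ccitem', false);
}

/**
* Prints the command & control block at the top
*
* Builds the icon grid (core admin pages, plugin entries, remaining admin
* items, logout) and appends the moderation lists the current user has the
* rights to see.
*
* @return   string      HTML for the block and the moderation lists
*
*/
function commandcontrol()
{
    global $_CONF, $_TABLES, $LANG01, $LANG29, $_IMAGE_TYPE, $_DB_dbms;

    $retval = '';

    // label => rendered icon; initialised so that the sort below never
    // operates on an undefined variable
    $items = array ();

    $admin_templates = new Template($_CONF['path_layout'] . 'admin/moderation');
    $admin_templates->set_file (array ('cc'     => 'moderation.thtml',
                                       'ccrow'  => 'ccrow.thtml',
                                       'ccitem' => 'ccitem.thtml'));

    $retval .= COM_startBlock ('Geeklog ' . VERSION . ' -- ' . $LANG29[34], '',
                               COM_getBlockTemplate ('_admin_block', 'header'));

    $showTrackbackIcon = (($_CONF['trackback_enabled'] ||
                          $_CONF['pingback_enabled'] || $_CONF['ping_enabled'])
                         && SEC_hasRights('story.ping'));
    $cc_arr = array(
        array('condition' => SEC_hasRights('story.edit'),
            'url' => $_CONF['site_admin_url'] . '/story.php',
            'lang' => $LANG01[11], 'image' => '/images/icons/story.'),
        array('condition' => SEC_hasRights('block.edit'),
            'url' => $_CONF['site_admin_url'] . '/block.php',
            'lang' => $LANG01[12], 'image' => '/images/icons/block.'),
        array('condition' => SEC_hasRights('topic.edit'),
            'url' => $_CONF['site_admin_url'] . '/topic.php',
            'lang' => $LANG01[13], 'image' => '/images/icons/topic.'),
        array('condition' => SEC_hasRights('user.edit'),
            'url' => $_CONF['site_admin_url'] . '/user.php',
            'lang' => $LANG01[17], 'image' => '/images/icons/user.'),
        array('condition' => SEC_hasRights('group.edit'),
            'url' => $_CONF['site_admin_url'] . '/group.php',
            'lang' => $LANG01[96], 'image' => '/images/icons/group.'),
        array('condition' => SEC_hasRights('user.mail'),
            'url' => $_CONF['site_admin_url'] . '/mail.php',
            'lang' => $LANG01[105], 'image' => '/images/icons/mail.'),
        array('condition' => SEC_hasRights ('syndication.edit'),
            'url' => $_CONF['site_admin_url'] . '/syndication.php',
            'lang' => $LANG01[38], 'image' => '/images/icons/syndication.'),
        array('condition' => $showTrackbackIcon,
            'url' => $_CONF['site_admin_url'] . '/trackback.php',
            'lang' => $LANG01[116], 'image' => '/images/icons/trackback.'),
        array('condition' => SEC_hasRights('plugin.edit'),
            'url' => $_CONF['site_admin_url'] . '/plugins.php',
            'lang' => $LANG01[98], 'image' => '/images/icons/plugins.')
    );

    foreach ($cc_arr as $entry) {
        if ($entry['condition']) {
            $items[$entry['lang']] = render_cc_item ($admin_templates,
                    $entry['url'],
                    $_CONF['layout_url'] . $entry['image'] . $_IMAGE_TYPE,
                    $entry['lang']);
        }
    }

    // now add the plugins
    $plugins = PLG_getCCOptions ();
    foreach ($plugins as $cur_plugin) {
        $items[$cur_plugin->adminlabel] = render_cc_item ($admin_templates,
                $cur_plugin->adminurl, $cur_plugin->plugin_image,
                $cur_plugin->adminlabel);
    }

    // and finally, add the remaining admin items
    $cc_arr = array(
        array('condition' => ($_CONF['allow_mysqldump'] == 1) && ($_DB_dbms == 'mysql') && SEC_inGroup ('Root'),
            'url' => $_CONF['site_admin_url'] . '/database.php',
            'lang' => $LANG01[103], 'image' => '/images/icons/database.'),
        array('condition' => ($_CONF['link_documentation'] == 1),
            'url' => $_CONF['site_url'] . '/docs/',
            'lang' => $LANG01[113], 'image' => '/images/icons/docs.'),
        // Root only: following this link sends the installed version number
        // to geeklog.net over plain HTTP.
        array('condition' => (SEC_inGroup ('Root')),
            'url' => 'http://www.geeklog.net/versionchecker.php?version=' . VERSION,
            'lang' => $LANG01[107], 'image' => '/images/icons/versioncheck.')
    );

    foreach ($cc_arr as $entry) {
        if ($entry['condition']) {
            $items[$entry['lang']] = render_cc_item ($admin_templates,
                    $entry['url'],
                    $_CONF['layout_url'] . $entry['image'] . $_IMAGE_TYPE,
                    $entry['lang']);
        }
    }

    if ($_CONF['sort_admin']) {
        uksort ($items, 'strcasecmp');
    }
    // logout is always the last entry
    $item = render_cc_item ($admin_templates,
                    $_CONF['site_url'] . '/users.php?mode=logout',
                    $_CONF['layout_url'] . '/images/icons/logout.' . $_IMAGE_TYPE,
                    $LANG01[35]);
    $items[$LANG01[35]] = $item;
    reset($items);
    $cols = 0;
    $cc_main_options = '';
    foreach ($items as $key => $val) {
        $cc_main_options .= $val . LB;
        $cols++;
        if ($cols == ICONS_PER_ROW) {
            // a row is full: emit it and start collecting the next one
            $admin_templates->set_var('cc_main_options', $cc_main_options);
            $admin_templates->parse ('cc_rows', 'ccrow', true);
            $admin_templates->clear_var ('cc_main_options');
            $cc_main_options = '';
            $cols = 0;
        }
    }

    $admin_templates->set_var('cc_icon_width', floor(100/ICONS_PER_ROW));
    if($cols > 0) {
        // "flush out" any unrendered entries
        $admin_templates->set_var('cc_main_options', $cc_main_options);
        $admin_templates->parse ('cc_rows', 'ccrow', true);
        $admin_templates->clear_var ('cc_main_options');
    }

    $retval .= $admin_templates->parse('output','cc');

    $retval .= COM_endBlock (COM_getBlockTemplate ('_admin_block', 'footer'));

    // The rights tested here decide which moderation lists are shown; the
    // same rights are re-checked in moderation() and moderateusers() before
    // anything is changed.
    if (SEC_hasRights('story.moderate')) {
        $retval .= itemlist('story');
    }

    if (SEC_hasRights('story.edit')) {
        if ($_CONF['listdraftstories'] == 1) {
            $retval .= draftlist ();
        }
    }
    if ($_CONF['usersubmission'] == 1) {
        if (SEC_hasRights ('user.edit') && SEC_hasRights ('user.delete')) {
            $retval .= userlist ();
        }
    }

    $retval .= PLG_showModerationList();

    return $retval;
}

/**
* Displays items needing moderation
*
* Displays the moderation list of items from the submission tables
*
* @param    string      $type   Type of object to build list for
* @return   string              HTML for the list; nothing is returned when
*                               there is no query to run or the query fails
*
*/
function itemlist($type)
{
    global $_CONF, $_TABLES, $LANG29, $LANG_ADMIN;

    require_once( $_CONF['path_system'] . 'lib-admin.php' );

    $retval = '';
    $isplugin = false;

    if ((strlen ($type) > 0) && ($type <> 'story')) {
        // $type becomes part of a function name, so callers must only pass
        // known plugin names here, never raw request data
        $function = 'plugin_itemlist_' . $type;
        if (function_exists ($function)) {
            // Great, we found the plugin, now call its itemlist method
            $plugin = new Plugin();
            $plugin = $function();
            if (isset ($plugin)) {
                $helpfile = $plugin->submissionhelpfile;
                $sql = $plugin->getsubmissionssql;
                $H = $plugin->submissionheading;
                $section_title = $plugin->submissionlabel;
                $section_help = $helpfile;
                $isplugin = true;
            }
        }
    } else { // story submission
        $sql = "SELECT sid AS id,title,date,tid FROM {$_TABLES['storysubmission']}" . COM_getTopicSQL ('WHERE') . " ORDER BY date ASC";
        $H =  array($LANG29[10],$LANG29[14],$LANG29[15]);
        $section_title = $LANG29[35];
        $section_help = 'ccstorysubmission.html';
    }

    // run SQL but this time ignore any errors
    if (!empty ($sql)) {
        $result = DB_query($sql, 1);
    }
    if (empty ($sql) || DB_error()) {
        // was more than likely a plugin that doesn't need moderation
        return;
    }

    $nrows = DB_numRows($result);
    $data_arr = array();
    for ($i = 0; $i < $nrows; $i++) {
        $A = DB_fetchArray($result);
        if ($isplugin) {
            $A['edit'] = $_CONF['site_admin_url'] . '/plugins/' . $type
                     . '/index.php?mode=editsubmission&amp;id=' . $A[0];
        } else {
            $A['edit'] = $_CONF['site_admin_url'] . '/' .  $type
                     . '.php?mode=editsubmission&amp;id=' . $A[0];
        }
        $A['row'] = $i;
        $A['_moderation_type'] = $type;
        $data_arr[$i] = $A;
    }

    $header_arr = array(      // display 'text' and use table field 'field'
        array('text' => $LANG_ADMIN['edit'], 'field' => 0),
        array('text' => $H[0], 'field' => 1),
        array('text' => $H[1], 'field' => 2),
        array('text' => $H[2], 'field' => 3),
        array('text' => $LANG29[2], 'field' => 'delete'),
        array('text' => $LANG29[1], 'field' => 'approve'));

    $text_arr = array('has_menu'  => false,
                      'title'     => $section_title,
                      'help_url'  => $section_help,
                      'no_data'   => $LANG29[39],
                      'form_url'  => "{$_CONF['site_admin_url']}/moderation.php"
    );

    $listoptions = array('chkdelete' => true, 'chkfield' => 'id');
    $table = ADMIN_simpleList('ADMIN_getListField_moderation', $header_arr,
                              $text_arr, $data_arr, array(), $listoptions);
    if ($nrows > 0) {
        // $type is written into an HTML attribute, so encode it
        $retval .= LB . $table . LB
                . '<input type="hidden" name="type" value="'
                . htmlspecialchars ($type) . '">' . LB
                . '<input type="hidden" name="mode" value="moderation">' . LB
                . '<input type="hidden" name="count" value="' . $nrows . '">'
                . '<p align="center"><input type="submit" value="'
                . $LANG_ADMIN['submit'] . '"></p></form>' . LB;
    } else {
        $retval .= $table;
    }

    return $retval;
}

/**
* Displays new user submissions
*
* When enabled, this will list all the new users which have applied for a
* site membership. When approving an application, an email containing the
* password is sent out immediately.
*
* @return   string      HTML for the list of users with status = 2
*
*/
function userlist ()
{
    global $_CONF, $_TABLES, $LANG29, $LANG_ADMIN;

    require_once ($_CONF['path_system'] . 'lib-admin.php');

    $retval = '';
    $sql = "SELECT uid as id,username,fullname,email FROM {$_TABLES['users']} WHERE status = 2";
    $result = DB_query ($sql);
    $nrows = DB_numRows($result);
    $data_arr = array();
    for ($i = 0; $i < $nrows; $i++) {
        $A = DB_fetchArray($result);
        $A['edit'] = $_CONF['site_admin_url'].'/user.php?mode=edit&amp;uid='.$A['id'];
        $A['row'] = $i;
        $A['fullname'] = stripslashes($A['fullname']);
        $A['email'] = stripslashes($A['email']);
        $data_arr[$i] = $A;
    }
    $header_arr = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 0),
        array('text' => $LANG29[16], 'field' => 1),
        array('text' => $LANG29[17], 'field' => 2),
        array('text' => $LANG29[18], 'field' => 3),
        array('text' => $LANG29[2], 'field' => 'delete'),
        array('text' => $LANG29[1], 'field' => 'approve')
    );

    $text_arr = array('has_menu'  => false,
                      'title'     => $LANG29[40],
                      'help_url'  => '',
                      'no_data'   => $LANG29[39],
                      'form_url'  => "{$_CONF['site_admin_url']}/moderation.php"
    );

    $listoptions = array('chkdelete' => true, 'chkfield' => 'id');

    $table = ADMIN_simpleList('ADMIN_getListField_moderation', $header_arr,
                              $text_arr, $data_arr, array(), $listoptions);
    if ($nrows > 0) {
        $retval .= LB . $table . LB
                . '<input type="hidden" name="type" value="user">' . LB
                . '<input type="hidden" name="mode" value="moderation">' . LB
                . '<input type="hidden" name="count" value="' . $nrows . '">'
                . '<p align="center"><input type="submit" value="'
                . $LANG_ADMIN['submit'] . '"></p></form>' . LB;
    } else {
        $retval .= $table;
    }

    return $retval;
}

/**
* Displays a list of all the stories that have the 'draft' flag set.
*
* When enabled, this will list all the stories that have been marked as
* 'draft'. Approving a story from this list will clear the draft flag and
* thus publish the story.
*
* @return   string      HTML for the list of draft stories
*
*/
function draftlist ()
{
    global $_CONF, $_TABLES, $LANG24, $LANG29, $LANG_ADMIN;

    require_once( $_CONF['path_system'] . 'lib-admin.php' );

    $retval = '';

    $result = DB_query ("SELECT sid AS id,title,UNIX_TIMESTAMP(date) AS day,tid FROM {$_TABLES['stories']} WHERE (draft_flag = 1)" . COM_getTopicSQL ('AND') . COM_getPermSQL ('AND', 0, 3) . " ORDER BY date ASC");
    $nrows = DB_numRows($result);
    $data_arr = array();

    for ($i = 0; $i < $nrows; $i++) {
        $A = DB_fetchArray($result);
        $A['edit'] = $_CONF['site_admin_url'] . '/story.php?mode=edit&amp;sid='
                    . $A['id'];
        $A['row'] = $i;
        $A['title'] = stripslashes($A['title']);
        $A['tid'] = stripslashes($A['tid']);
        $data_arr[$i] = $A;
    }

    $header_arr = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 0),
        array('text' => $LANG29[10], 'field' => 'title'),
        array('text' => $LANG29[14], 'field' => 'day'),
        array('text' => $LANG29[15], 'field' => 'tid'),
        array('text' => $LANG29[2], 'field' => 'delete'),
        array('text' => $LANG29[1], 'field' => 'approve'));

    $text_arr = array('has_menu'  => false,
                      'title'     => $LANG29[35] . ' (' . $LANG24[34] . ')',
                      'help_url'  => '',
                      'no_data'   => $LANG29[39],
                      'form_url'  => "{$_CONF['site_admin_url']}/moderation.php");

    $listoptions = array('chkdelete' => true, 'chkfield' => 'id');
    $table = ADMIN_simpleList('ADMIN_getListField_moderation', $header_arr,
                              $text_arr, $data_arr, array(), $listoptions);
    if ($nrows > 0) {
        $retval .= LB . $table . LB
                . '<input type="hidden" name="type" value="draft">' . LB
                . '<input type="hidden" name="mode" value="moderation">' . LB
                . '<input type="hidden" name="count" value="' . $nrows . '">'
                . '<p align="center"><input type="submit" value="'
                . $LANG_ADMIN['submit'] . '"></p></form>' . LB;
    } else {
        $retval .= $table;
    }

    return $retval;
}

/**
* Deletes one item from a moderation queue (helper for moderation())
*
* @param    string  $type               Type of item ('story', 'draft' or a plugin name)
* @param    string  $submissiontable    Table holding the submission
* @param    string  $id                 Name of the id column in that table
* @param    string  $itemid             Already filtered, non-empty id of the item
* @return   string                      Output of PLG_deleteSubmission for plugin types, else ''
*
*/
function _moderation_deleteItem ($type, $submissiontable, $id, $itemid)
{
    $retval = '';

    if (($type <> 'story') && ($type <> 'draft')) {
        // There may be some plugin specific processing that needs to
        // happen first.
        $retval .= PLG_deleteSubmission ($type, $itemid);
    }
    if ($type == 'draft') {
        STORY_deleteStory ($itemid);
    } else {
        DB_delete ($submissiontable, "$id", $itemid);
    }

    return $retval;
}

/**
* Moderates an item
*
* This will actually perform moderation (approve or delete) one or more items
*
* Every id is passed through COM_applyFilter() before it reaches a query, and
* the right that gates the matching list in commandcontrol() is checked again
* here, because the request can be sent without ever loading that list.
*
* @param    array       $mid        Array of items
* @param    array       $action     Array of actions to perform on items
* @param    string      $type       Type of items ('story', etc.)
* @param    int         $count      Number of items to moderate
* @return   string                  HTML for "command and control" page
*
*/
function moderation ($mid, $action, $type, $count)
{
    global $_CONF, $_TABLES;

    $retval = '';

    if (!is_array ($mid)) {
        $mid = array ();
    }
    if (!is_array ($action)) {
        $action = array ();
    }

    switch ($type) {
    case 'story':
        $allowed = SEC_hasRights ('story.moderate');
        $id = 'sid';
        $table = $_TABLES['stories'];
        $submissiontable = $_TABLES['storysubmission'];
        $fields = 'sid,uid,tid,title,introtext,date,postmode';
        break;
    case 'draft':
        // drafts already live in the stories table; they are handled by
        // STORY_deleteStory() / an UPDATE below, not by the plugin API
        $allowed = SEC_hasRights ('story.edit');
        $id = 'sid';
        $table = $_TABLES['stories'];
        $submissiontable = $_TABLES['stories'];
        $fields = '';
        break;
    default:
        if (strlen($type) <= 0) {
            // something is terribly wrong, bail
            $retval .= COM_errorLog("Unable to find type of $type in moderation() in moderation.php");
            return $retval;
        }
        // NOTE(review): rights for plugin submissions are assumed to be
        // enforced by the plugin's own PLG_* handlers - confirm per plugin.
        $allowed = true;
        list($id, $table, $fields, $submissiontable) = PLG_getModerationValues($type);
    }

    if (!$allowed) {
        $retval .= COM_errorLog ('moderation.php: moderation request refused, user lacks the required rights');
        $retval .= commandcontrol();
        return $retval;
    }

    $formaction = false; // Set true if an valid action other then delete_all is selected
    for ($i = 0; $i < $count; $i++) {
        $act = isset ($action[$i]) ? $action[$i] : '';
        if ($act != '') {
            $formaction = true;
        }
        // ids arrive straight from the form; filter before any SQL use
        $itemid = isset ($mid[$i]) ? COM_applyFilter ($mid[$i]) : '';

        switch ($act) {
        case 'delete':
            if (empty ($itemid)) {
                // checked before any plugin or database call is made
                $retval .= COM_errorLog("moderation.php just tried deleting everything in table $submissiontable because it got an empty id.  Please report this immediately to your site administrator");
                return $retval;
            }
            $retval .= _moderation_deleteItem ($type, $submissiontable, $id,
                                               $itemid);
            break;
        case 'approve':
            if (empty ($itemid)) {
                $retval .= COM_errorLog ('moderation.php: ignoring approval with an empty id');
                break;
            }
            if ($type == 'story') {
                $result = DB_query ("SELECT * FROM {$_TABLES['storysubmission']} WHERE sid = '$itemid'");
                if (DB_numRows ($result) != 1) {
                    // no such submission: nothing to copy into stories
                    break;
                }
                $A = DB_fetchArray ($result);
                $A['related'] = addslashes (implode ("\n", STORY_extractLinks ($A['introtext'])));
                // values read back from the submission table were supplied
                // by the submitter, so escape them again before re-use
                $A['uid'] = (int) $A['uid'];
                $A['owner_id'] = $A['uid'];
                $A['sid'] = addslashes ($A['sid']);
                $A['tid'] = addslashes ($A['tid']);
                $A['date'] = addslashes ($A['date']);
                $A['postmode'] = addslashes ($A['postmode']);
                $A['title'] = addslashes ($A['title']);
                $A['introtext'] = addslashes ($A['introtext']);
                $result = DB_query ("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon,archive_flag FROM {$_TABLES['topics']} WHERE tid = '{$A['tid']}'");
                $T = DB_fetchArray ($result);
                if ($T['archive_flag'] == 1) {
                    $frontpage = 0;
                } else if (isset ($_CONF['frontpage'])) {
                    $frontpage = $_CONF['frontpage'];
                } else {
                    $frontpage = 1;
                }
                DB_save ($_TABLES['stories'],'sid,uid,tid,title,introtext,related,date,show_topic_icon,commentcode,trackbackcode,postmode,frontpage,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon',
                "'{$A['sid']}',{$A['uid']},'{$A['tid']}','{$A['title']}','{$A['introtext']}','{$A['related']}','{$A['date']}','{$_CONF['show_topic_icon']}','{$_CONF['comment_code']}','{$_CONF['trackback_code']}','{$A['postmode']}',$frontpage,{$A['owner_id']},{$T['group_id']},{$T['perm_owner']},{$T['perm_group']},{$T['perm_members']},{$T['perm_anon']}");
                DB_delete($_TABLES['storysubmission'],"$id",$itemid);

                COM_rdfUpToDateCheck ();
                COM_olderStuff ();
            } else if ($type == 'draft') {
                DB_query ("UPDATE {$_TABLES['stories']} SET draft_flag = 0 WHERE sid = '{$itemid}'");

                COM_rdfUpToDateCheck ();
                COM_olderStuff ();
            } else {
                // This is called in case this is a plugin. There may be some
                // plugin specific processing that needs to happen.
                DB_copy($table,$fields,$fields,$submissiontable,$id,$itemid);
                $retval .= PLG_approveSubmission($type,$itemid);
            }
            break;
        }
    }

    // Check if there was no direct action used on the form and if the delete_all submit action was used
    if (!$formaction AND isset($_POST['delitem']) AND is_array($_POST['delitem'])) {
        foreach($_POST['delitem'] as $delitem) {
            $delitem = COM_applyFilter($delitem);
            if (empty ($delitem)) {
                // same guard as the single-item path: never delete by empty id
                continue;
            }
            $retval .= _moderation_deleteItem ($type, $submissiontable, $id,
                                               $delitem);
        }
    }

    $retval .= commandcontrol();

    return $retval;
}

/**
* Checks that a user id belongs to the user submission queue
*
* Uses the same condition (status = 2) that userlist() uses to build the
* queue, so that the moderation form can only act on accounts it listed.
*
* @param    int     $uid    filtered user id
* @return   bool            true if the account has status 2
*
*/
function _moderation_isQueuedUser ($uid)
{
    global $_TABLES;

    $uid = (int) $uid;
    if ($uid <= 1) {
        return false;
    }

    return (DB_getItem ($_TABLES['users'], 'status', "uid = $uid") == 2);
}

/**
* Moderate user submissions
*
* Users from the user submission queue are either approved (an email containing
* the password is sent out) or deleted.
*
* Only accounts that are still in the queue (status = 2) are touched, and the
* rights that gate userlist() in commandcontrol() are checked again here.
*
* @param    array       $uid        Array of items
* @param    array       $action     Action to perform ('delete', 'approve')
* @param    int         $count      Number of items
* @return   string                  HTML for "command and control" page
*
*/
function moderateusers ($uid, $action, $count)
{
    global $_CONF, $_TABLES, $LANG04;

    $retval = '';

    if (!(SEC_hasRights ('user.edit') && SEC_hasRights ('user.delete'))) {
        $retval .= COM_errorLog ('moderation.php: user moderation request refused, user lacks the required rights');
        $retval .= commandcontrol();
        return $retval;
    }

    if (!is_array ($uid)) {
        $uid = array ();
    }
    if (!is_array ($action)) {
        $action = array ();
    }

    $formaction = false; // Set true if an valid action other then delete_all is selected
    for ($i = 0; $i < $count; $i++) {
        $act = isset ($action[$i]) ? $action[$i] : '';
        if ($act != '') {
            $formaction = true;
        }
        // numeric filter: anything that is not a number becomes 0
        $userid = isset ($uid[$i]) ? COM_applyFilter ($uid[$i], true) : 0;

        switch ($act) {
            case 'delete': // Ok, delete everything related to this user
                if (_moderation_isQueuedUser ($userid)) {
                    USER_deleteAccount ($userid);
                }
                break;
            case 'approve':
                $result = DB_query ("SELECT email,username, uid FROM {$_TABLES['users']} WHERE uid = $userid AND status = 2");
                $nrows = DB_numRows($result);
                if ($nrows == 1) {
                    $A = DB_fetchArray($result);
                    $sql = "UPDATE {$_TABLES['users']} SET status=3 WHERE uid={$A['uid']}";
                    DB_query($sql);
                    USER_createAndSendPassword ($A['username'], $A['email'], $A['uid']);
                }
                break;
        }
    }

    // Check if there was no direct action used on the form and if the delete_all submit action was used
    if (!$formaction AND isset($_POST['delitem']) AND is_array($_POST['delitem'])) {
        foreach($_POST['delitem'] as $del_uid) {
            $del_uid = COM_applyFilter($del_uid,true);
            if (_moderation_isQueuedUser ($del_uid)) {
                // delete the checked user, not a leftover index from the
                // loop above
                USER_deleteAccount ($del_uid);
            }
        }
    }

    $retval .= commandcontrol();

    return $retval;
}

/**
* Display a reminder to execute the security check script
*
* Only members of the Root group see it, and only while the 'security_check'
* entry in the vars table is not 1.
*
* @return   string      HTML for the reminder block, or ''
*
*/
function security_check_reminder ()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $MESSAGE;

    $retval = '';

    if (!SEC_inGroup ('Root')) {
        return $retval;
    }

    $done = DB_getItem ($_TABLES['vars'], 'value', "name = 'security_check'");
    if ($done != 1) {
        $message = 'Please <a href="' . $_CONF['site_admin_url'] . '/sectest.php">check the security of your site</a> before using it!';
        $retval .= COM_startBlock ($MESSAGE[40], '',
                           COM_getBlockTemplate ('_msg_block', 'header'))
                . '<p style="padding:5px"><img src="' . $_CONF['layout_url']
                . '/images/sysmessage.' . $_IMAGE_TYPE . '" border="0" align="left"'
                . ' alt="" style="padding-right:5px; padding-bottom:3px">'
                . $message . '</p>'
                . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
    }

    return $retval;
}

// MAIN

$display = '';
$display .= COM_siteHeader ('menu', $LANG29[34]);
if (isset ($_GET['msg'])) {
    // message numbers are integers; never hand the raw query string on
    $display .= COM_showMessage (COM_applyFilter ($_GET['msg'], true));
}

// NOTE(review): nothing in this file ties the POST below to a form this site
// rendered (no per-session token is checked), so the request is only as
// trustworthy as whatever auth.inc.php enforces - confirm there.
if (isset ($_POST['mode']) && ($_POST['mode'] == 'moderation')) {
    $mod_type   = isset ($_POST['type']) ? COM_applyFilter ($_POST['type']) : '';
    $mod_ids    = (isset ($_POST['id']) && is_array ($_POST['id']))
                ? $_POST['id'] : array ();
    $mod_action = (isset ($_POST['action']) && is_array ($_POST['action']))
                ? $_POST['action'] : array ();
    $mod_count  = isset ($_POST['count'])
                ? COM_applyFilter ($_POST['count'], true) : 0;

    if ($mod_type == 'user') {
        $display .= moderateusers ($mod_ids, $mod_action, $mod_count);
    } else {
        $display .= moderation ($mod_ids, $mod_action, $mod_type, $mod_count);
    }
} else {
    $display .= security_check_reminder ();
    $display .= commandcontrol();
}

$display .= COM_siteFooter();

echo $display;

?>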