<?php
 
////////////////////////////////////////////////////////////////////////////////
//                                                                            //
//   Copyright (C) 2006  Phorum Development Team                              //
//   http://www.phorum.org                                                    //
//                                                                            //
//   This program is free software. You can redistribute it and/or modify     //
//   it under the terms of either the current Phorum License (viewable at     //
//   phorum.org) or the Phorum License that was distributed with this file    //
//                                                                            //
//   This program is distributed in the hope that it will be useful,          //
//   but WITHOUT ANY WARRANTY, without even the implied warranty of           //
//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                     //
//                                                                            //
//   You should have received a copy of the Phorum License                    //
//   along with this program.                                                 //
////////////////////////////////////////////////////////////////////////////////
 
    // Stop immediately unless PHORUM_ADMIN is defined, i.e. unless this file
    // was pulled in by a script that set that constant. Requesting the file
    // directly therefore executes nothing below this line.
    if (!defined('PHORUM_ADMIN')) {
        return;
    }

    include './include/format_functions.php';

    // Collects a validation message from the POST handling further down;
    // an empty string means "no error".
    $error = '';
 
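    // Handle a submitted admin form. Two kinds of POST arrive here: the bulk
    // "deleteUsers" action from the user list, and the per-section save forms
    // ("main", "forums", "groups") from the edit page.
    //
    // NOTE(review): nothing visible in this file ties the POST to the admin's
    // own session (no anti-CSRF token is checked here). Both branches change
    // state (user deletion, password / admin flag / permission changes), so
    // confirm that the including admin script validates a per-session token
    // before this file runs; if it does not, add one to every form in this
    // file and verify it here.
    if(count($_POST)){

        if( isset($_POST['action']) && $_POST['action'] == "deleteUsers") {

            // deleteIds comes straight from the request: it may be missing
            // (nothing ticked), a scalar, or contain nested arrays. Only
            // canonical positive integer ids reach phorum_user_delete(), and
            // the message reports how many were actually passed on.
            $count=0;
            if(isset($_POST['deleteIds']) && is_array($_POST['deleteIds'])) {
                foreach($_POST['deleteIds'] as $deluid) {
                    if(!is_scalar($deluid) || (string)(int)$deluid !== (string)$deluid || (int)$deluid < 1) {
                        continue;
                    }
                    phorum_user_delete((int)$deluid);
                    $count++;
                }
            }
            if($count > 0) {
                phorum_admin_okmsg("$count User(s) deleted.");
            }

        } else {

            // NOTE(review): the whole POST body becomes the record handed to
            // phorum_user_save(), so every field name a request supplies is
            // passed through, not only the fields the edit forms render
            // (this includes "admin" and a directly posted "password", which
            // skips the confirmation check below). Consider copying an
            // explicit list of expected fields per section instead.
            $user_data=$_POST;

            $section = (isset($_POST["section"]) && is_scalar($_POST["section"])) ? $_POST["section"] : "";

            switch( $section ) {

                case "forums":

                    // forum_permissions must be an array before it is indexed;
                    // a request can send it as a plain string.
                    if(!isset($user_data["forum_permissions"]) || !is_array($user_data["forum_permissions"])){
                        $user_data["forum_permissions"]=array();
                    }

                    // Grant permissions on a forum the user had none for yet.
                    // The checkbox names are the permission bits, so the keys
                    // (not the values) are OR-ed together.
                    if(!empty($_POST["new_forum"]) && is_scalar($_POST["new_forum"])){
                        $permission = 0;
                        if(isset($_POST["new_forum_permissions"]) && is_array($_POST["new_forum_permissions"])){
                            foreach($_POST["new_forum_permissions"] as $perm=>$check){
                                // cast: a non-numeric key must not reach the bitwise OR
                                $permission = $permission | (int)$perm;
                            }
                        }

                        $user_data["forum_permissions"][$_POST["new_forum"]]=$permission;
                    }

                    // Forums ticked for deletion are dropped from the record
                    // and from the list of forums processed next.
                    if(isset($_POST["delforum"]) && is_array($_POST["delforum"])){
                        foreach($_POST["delforum"] as $fid=>$val){
                            unset($user_data["forum_permissions"][$fid]);
                            if(isset($_POST["forums"]) && is_array($_POST["forums"])){
                                unset($_POST["forums"][$fid]);
                            }
                        }
                    }

                    // Collapse the posted checkbox arrays of every remaining
                    // forum into a single permission bitmask.
                    if(isset($_POST["forums"]) && is_array($_POST["forums"])){
                        foreach($_POST["forums"] as $forum_id){
                            if(!is_scalar($forum_id)) continue;

                            $permission=0;

                            if(isset($user_data["forum_permissions"][$forum_id]) && is_array($user_data["forum_permissions"][$forum_id])){
                                foreach($user_data["forum_permissions"][$forum_id] as $perm=>$check){
                                    $permission = $permission | (int)$perm;
                                }
                            }

                            $user_data["forum_permissions"][$forum_id]=$permission;
                        }
                    }

                    unset($user_data["delforum"]);
                    unset($user_data["new_forum"]);
                    unset($user_data["new_forum_permissions"]);

                    break;

                case "groups":
                    $groupdata = array();

                    if(!empty($_POST["new_group"]) && is_scalar($_POST["new_group"])){
                        // set the new group permission to approved
                        $groupdata[$_POST["new_group"]] = PHORUM_USER_GROUP_APPROVED;
                    }

                    if(isset($_POST["group_perm"]) && is_array($_POST["group_perm"])){
                        foreach($_POST["group_perm"] as $group_id=>$perm){
                            // as long as we aren't removing them from the group, accept other values
                            // NOTE(review): "other values" is whatever the request sent; the
                            // edit form only offers the PHORUM_USER_GROUP_* statuses. Confirm
                            // phorum_user_save_groups() rejects anything else.
                            if ($perm != PHORUM_USER_GROUP_REMOVE){
                                $groupdata[$group_id] = $perm;
                            }
                        }
                    }

                    phorum_user_save_groups($_POST["user_id"], $groupdata);
                    break;
            }

            // Password change: both fields must be filled in and identical.
            // The comparison is strict on purpose: with a loose != two
            // different numeric-looking strings (e.g. "1e3" and "1000")
            // compare as equal and the confirmation would pass.
            $password1 = (isset($_POST['password1']) && is_string($_POST['password1'])) ? $_POST['password1'] : "";
            $password2 = (isset($_POST['password2']) && is_string($_POST['password2'])) ? $_POST['password2'] : "";

            if(!empty($password1) && !empty($password2)) {
                if($password1 !== $password2) {
                    $error="Passwords don't match!";
                } else {
                    // NOTE(review): the value is handed on as typed; whether
                    // phorum_user_save() hashes it is not visible in this file.
                    $user_data['password']=$password1;
                }
            }

            // clean up
            unset($user_data["module"]);
            unset($user_data["section"]);
            unset($user_data["password1"]);
            unset($user_data["password2"]);

            if(empty($error)){
                phorum_user_save($user_data);
                phorum_admin_okmsg("User Saved");
            }
        }

    }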
 
    // Show the validation message collected while handling the POST, if any.
    if ($error) {
        phorum_admin_error($error);
    }

    include_once('./include/admin/PhorumInputForm.php');
    include_once('./include/profile_functions.php');
    include_once('./include/users.php');

    // Everything below is only rendered when PHORUM_ORIGINAL_USER_CODE is
    // defined and strictly true; otherwise a one-line notice is printed and
    // the rest of the page is skipped.
    if (!(defined("PHORUM_ORIGINAL_USER_CODE") && PHORUM_ORIGINAL_USER_CODE === true)) {
        echo "Phorum User Admin only works with the Phorum User System.";
        return;
    }
 
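    // User list view: optional search form, then the filtered, paginated
    // result table wrapped in the bulk-delete form. Rendered whenever neither
    // ?edit nor a posted "section" is present.
    if(!isset($_GET["edit"]) && !isset($_POST['section'])){

        // PHP_SELF is derived from the request path, so it is escaped once
        // here and only this copy is written into href/action attributes.
        $self_url = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

        // All filter parameters are optional. Missing or non-scalar values
        // become "" so that escaping, urlencode() and the numeric checks
        // below always operate on strings.
        $list_params = array();
        foreach(array("search", "posts", "posts_op", "lastactive", "lastactive_op") as $param_name){
            $list_params[$param_name] = (isset($_REQUEST[$param_name]) && is_scalar($_REQUEST[$param_name])) ? (string)$_REQUEST[$param_name] : "";
        }

        if(empty($_REQUEST["user_id"])){

            $frm =& new PhorumInputForm ("", "get", "Search");

            $frm->addbreak("Phorum User Admin");

            $frm->hidden("module", "users");

            // Values echoed back into the form are escaped by the caller;
            // text_box() is handed ready-to-print HTML here.
            $frm->addrow("Search", "Username or email contains: " . $frm->text_box("search", htmlspecialchars($list_params["search"]), 30) . " &bull; <a href=\"{$self_url}?module=users&search=\">Find All Users</a>");

            // NOTE(review): the selected operator passed to select_tag() is
            // request-controlled and not escaped here; confirm select_tag()
            // only compares it against the option keys.
            $frm->addrow("", "Post count " .
                $frm->select_tag("posts_op", array("gte" => ">=", "lte" => "<="), $list_params["posts_op"]) .
                $frm->text_box("posts", htmlspecialchars($list_params["posts"]), 5) .
                " and last active " .
                // these are flipped because we're going back in time
                $frm->select_tag("lastactive_op", array("gte" => "<=", "lte" => ">="), $list_params["lastactive_op"]) .
                $frm->text_box("lastactive", htmlspecialchars($list_params["lastactive"]), 5) . " days ago");
            $frm->show();
        }

?>
        <hr class="PhorumAdminHR" />

        <script type="text/javascript">
        <!--
        function CheckboxControl(form, onoff) {
            for (var i = 0; i < form.elements.length; i++)
                if (form.elements[i].type == "checkbox")
                    form.elements[i].checked = onoff;
        }
        // -->
        </script>
<?php

        $search=$list_params["search"];

        // Query-string fragment that carries the current filters into the
        // Previous/Next links; every value is urlencode()d.
        $url_safe_search=urlencode($list_params["search"]);
        $url_safe_search.="&posts=".urlencode($list_params["posts"]);
        $url_safe_search.="&posts_op=".urlencode($list_params["posts_op"]);
        $url_safe_search.="&lastactive=".urlencode($list_params["lastactive"]);
        $url_safe_search.="&lastactive_op=".urlencode($list_params["lastactive_op"]);

        $users=phorum_db_search_users($list_params["search"]);
        if(!is_array($users)) $users=array();

        // The numeric filters are applied only to numeric input, so free
        // text never reaches the comparison or the multiplication below.
        // NOTE(review): the operator string is request-controlled, while the
        // form only offers "gte" and "lte"; confirm
        // phorum_admin_gen_compare() ignores or rejects anything else.
        if ($list_params["posts"] !== "" && is_numeric($list_params["posts"]) && $list_params["posts"] >= 0) {
            $cmpfn = phorum_admin_gen_compare($list_params["posts_op"]);
            $users = phorum_admin_filter_arr($users, "posts", $list_params["posts"], $cmpfn);
        }

        if($list_params["lastactive"] !== "" && is_numeric($list_params["lastactive"]) && $list_params["lastactive"] >= 0) {
            // "days ago" converted to an absolute timestamp
            $time = time() - ($list_params["lastactive"] * 86400);
            $cmpfn = phorum_admin_gen_compare($list_params["lastactive_op"]);
            $users = phorum_admin_filter_arr($users, "date_last_active", $time, $cmpfn);
        }

        $total=count($users);

        // count active
        $total_active=0;
        $total_poster=0;
        foreach($users as $user){
          if ($user['active']==1) {
            $total_active++;
            if (intval($user['posts'])) $total_poster++;
          }
        }


        // Paging offset: forced to an integer and kept non-negative so the
        // slice always starts from the front of the result list.
        settype($_REQUEST["start"], "integer");
        if($_REQUEST["start"] < 0) $_REQUEST["start"] = 0;

        $display=30;

        $users=array_slice($users, $_REQUEST["start"], $display);

        if(count($users)) {

            $nav="";

            if($_REQUEST["start"]>0){
                $old_start=$_REQUEST["start"]-$display;
                $nav.="<a href=\"{$self_url}?module=users&search=$url_safe_search&start=$old_start\">Previous Page</a>";
            }

            $nav.="&nbsp;&nbsp;";

            if($_REQUEST["start"]+$display<$total){
                $new_start=$_REQUEST["start"]+$display;
                $nav.="<a href=\"{$self_url}?module=users&search=$url_safe_search&start=$new_start\">Next Page</a>";
            }

            // NOTE(review): this form deletes users by POST and emits no
            // anti-CSRF token field; confirm the admin framework adds and
            // validates one.
            echo <<<EOT
            <form name="UsersForm" action="{$self_url}" method="post">
            <input type="hidden" name="module" value="users">
            <input type="hidden" name="action" value="deleteUsers">
            <table border="0" cellspacing="1" cellpadding="0"
                   class="PhorumAdminTable" width="100%">
            <tr>
                <td>$total users found ($total_active active, $total_poster posting)</td>
                <td colspan="3">Showing $display users at a time</td>
                <td colspan="2" align="right">$nav</td>
            </tr>
            <tr>
                <td class="PhorumAdminTableHead">User</td>
                <td class="PhorumAdminTableHead">Email</td>
                <td class="PhorumAdminTableHead">Status</td>
                <td class="PhorumAdminTableHead">Posts</td>
                <td class="PhorumAdminTableHead">Last Activity</td>
                <td class="PhorumAdminTableHead">Delete</td>
            </tr>
EOT;

            // Row class alternates between "PhorumAdminTableRow" and
            // "PhorumAdminTableRowAlt"; starting empty makes the first row
            // the plain variant.
            $ta_class = "";

            foreach($users as $user){

                switch($user['active']){

                    case PHORUM_USER_ACTIVE:
                        $status = "Active";
                        break;

                    case PHORUM_USER_PENDING_EMAIL:
                    case PHORUM_USER_PENDING_BOTH:
                        $status = "Pending Confirmation";
                        break;

                    case PHORUM_USER_PENDING_MOD:
                        $status = "Pending Moderator Approval";
                        // without this break the label was overwritten by
                        // the default branch and shown as "Deactivated"
                        break;

                    default:
                        $status = "Deactivated";
                }

                $posts = intval($user['posts']);

                // the id goes into an href and an input value, so it is
                // reduced to an integer before being printed
                $row_user_id = intval($user['user_id']);

                $ta_class = "PhorumAdminTableRow".($ta_class == "PhorumAdminTableRow" ? "Alt" : "");

                echo "<tr>\n";
                echo "    <td class=\"".$ta_class."\"><a href=\"{$self_url}?module=users&user_id={$row_user_id}&edit=1\">".htmlspecialchars($user['username'])."</a></td>\n";
                echo "    <td class=\"".$ta_class."\">".htmlspecialchars($user['email'])."</td>\n";
                echo "    <td class=\"".$ta_class."\">{$status}</td>\n";
                echo "    <td class=\"".$ta_class."\" style=\"text-align:right\">{$posts}</td>\n";
                echo "    <td class=\"".$ta_class."\" align=\"right\">".(intval($user['date_last_active']) ? strftime($PHORUM['short_date'], intval($user['date_last_active'])) : "&nbsp;")."</td>\n";
                echo "    <td class=\"".$ta_class."\"><input type=\"checkbox\" name=\"deleteIds[]\" value=\"{$row_user_id}\"></td>\n";
                echo "</tr>\n";
            }

            echo <<<EOT
            <tr>
              <td colspan="6" align="right">
              <input type="button" value="Check All"
               onClick="CheckboxControl(this.form, true);">
              <input type="button" value="Clear All"
               onClick="CheckboxControl(this.form, false);">
              <input type="submit" name="submit" value="Delete Selected Users"
               onClick="return confirm('Really delete the selected user(s)?')">
              </td>
            </tr>
            </table>
            </form>
EOT;

        } else {

            echo "No Users Found.";

        }

    }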
 
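    // display edit form
    //
    // Renders three independent POST forms for one user: the main profile
    // fields, the per-forum permission overrides and the group memberships.
    // NOTE(review): none of these forms emits an anti-CSRF token field, yet
    // they change the password, the admin flag and permissions; confirm the
    // admin framework adds and validates one.
    if(isset($_REQUEST["user_id"])){

        // The id is echoed back into all three forms as a hidden field, so
        // it is reduced to an integer first instead of reusing the raw
        // request value. Non-scalar input becomes 0.
        $edit_user_id = is_scalar($_REQUEST["user_id"]) ? (int)$_REQUEST["user_id"] : 0;

        $user=phorum_user_get($edit_user_id);

        if(is_array($user) && count($user)){

            $frm =& new PhorumInputForm ("", "post", "Update");

            $frm->hidden("module", "users");

            $frm->hidden("section", "main");

            $frm->hidden("user_id", $edit_user_id);

            $frm->addbreak("Edit User");

            $frm->addrow("User Name", htmlspecialchars($user["username"])."&nbsp;&nbsp;<a href=\"#forums\">Edit Forum Permissions</a>&nbsp;&nbsp;<a href=\"#groups\">Edit Groups</a>");

            // The address is user-supplied and is escaped like the username
            // and signature on this form; it was printed raw before.
            $frm->addrow("Email", $frm->text_box("email", htmlspecialchars($user["email"]), 50));

            // NOTE(review): both password fields go through text_box(), which
            // presumably renders a plain text input, so the new password is
            // visible while typing. Use a password-type field if
            // PhorumInputForm offers one.
            $frm->addrow("Password (Enter to change)", $frm->text_box("password1",""));
            $frm->addrow("Password (Confirmation)", $frm->text_box("password2",""));


            $frm->addrow("Signature", $frm->textarea("signature", htmlspecialchars($user["signature"])));

            $frm->addrow("Active", $frm->select_tag("active", array("No", "Yes"), $user["active"]));

            $frm->addrow("Administrator", $frm->select_tag("admin", array("No", "Yes"), $user["admin"]));

            $frm->addrow("Registration Date", phorum_date("%m/%d/%Y %I:%M%p",$user['date_added']));

            $row=$frm->addrow("Date last active", phorum_date("%m/%d/%Y %I:%M%p",$user['date_last_active']));

            $frm->addhelp($row, "Date last active", "This shows the date, when the user was last seen in the forum. Check your setting on \"Track user usage\" in the \"General Settings\". As long as this setting is not enabled, the activity will not be tracked.");


            $frm->show();

            echo "<br /><hr class=\"PhorumAdminHR\" /><br /><a name=\"forums\"></a>";

            $frm =& new PhorumInputForm ("", "post", "Update");

            $frm->hidden("user_id", $edit_user_id);

            $frm->hidden("module", "users");

            $frm->hidden("section", "forums");

            $row=$frm->addbreak("Edit Forum Permissions");

            $frm->addhelp($row, "Forum Permissions", "These are permissions set exclusively for this user.  You need to grant all permisssions you want the user to have for a forum here.  No permissions from groups or a forum's properties will be used once the user has specific permissions for a forum.");

            $forums=phorum_db_get_forums();

            // Checkbox names carry the permission bit as array key; the POST
            // handler ORs those keys into one bitmask per forum.
            $perm_frm = $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_READ."]", 1, "Read")."&nbsp;&nbsp;".
                        $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_REPLY."]", 1, "Reply")."&nbsp;&nbsp;".
                        $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_NEW_TOPIC."]", 1, "Create&nbsp;New&nbsp;Topics")."&nbsp;&nbsp;".
                        $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_EDIT."]", 1, "Edit&nbsp;Their&nbsp;Posts")."<br />".
                        $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_ATTACH."]", 1, "Attach&nbsp;Files")."<br />".
                        $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_MODERATE_MESSAGES."]", 1, "Moderate Messages")."&nbsp;&nbsp;".
                        $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_MODERATE_USERS."]", 1, "Moderate Users")."&nbsp;&nbsp;";

            // Forums the user has no explicit permissions for yet. The list
            // is started explicitly so no earlier $arr can leak into it.
            // NOTE(review): forum names are passed to select_tag() unescaped;
            // confirm select_tag() escapes option labels.
            $arr=array("Add A Forum...");
            foreach($forums as $forum_id=>$forum){
                if(!isset($user["forum_permissions"][$forum_id]))
                    $arr[$forum_id]=$forum["name"];
            }

            if(count($arr)>1)
                $frm->addrow($frm->select_tag("new_forum", $arr), $perm_frm);


            if(is_array($user["forum_permissions"])){
                foreach($user["forum_permissions"] as $forum_id=>$perms){
                    // NOTE(review): the chain ends by concatenating the return
                    // value of hidden(); kept as found, but it may be a "."
                    // where ";" was meant. Confirm what hidden() returns.
                    $perm_frm = $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_READ."]", 1, "Read", ($perms & PHORUM_USER_ALLOW_READ))."&nbsp;&nbsp;".
                                $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_REPLY."]", 1, "Reply", ($perms & PHORUM_USER_ALLOW_REPLY))."&nbsp;&nbsp;".
                                $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_NEW_TOPIC."]", 1, "Create&nbsp;New&nbsp;Topics", ($perms & PHORUM_USER_ALLOW_NEW_TOPIC))."&nbsp;&nbsp;".
                                $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_EDIT."]", 1, "Edit&nbsp;Their&nbsp;Posts", ($perms & PHORUM_USER_ALLOW_EDIT))."<br />".
                                $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_ATTACH."]", 1, "Attach&nbsp;Files", ($perms & PHORUM_USER_ALLOW_ATTACH))."<br />".
                                $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_MODERATE_MESSAGES."]", 1, "Moderate Messages", ($perms & PHORUM_USER_ALLOW_MODERATE_MESSAGES))."&nbsp;&nbsp;".
                                $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_MODERATE_USERS."]", 1, "Moderate Users", ($perms & PHORUM_USER_ALLOW_MODERATE_USERS))."&nbsp;&nbsp;".

                    $frm->hidden("forums[$forum_id]", $forum_id);

                    // NOTE(review): the forum name is written into the row
                    // label as HTML without escaping; if names are stored
                    // raw, wrap it in htmlspecialchars().
                    $row=$frm->addrow($forums[$forum_id]["name"]."<br />".$frm->checkbox("delforum[$forum_id]", 1, "Delete"), $perm_frm);

                }
            }

            $frm->show();

            echo "<br /><hr class=\"PhorumAdminHR\" /><br /><a name=\"groups\"></a>";

            $frm =& new PhorumInputForm ("", "post", "Update");

            $frm->hidden("user_id", $edit_user_id);

            $frm->hidden("module", "users");

            $frm->hidden("section", "groups");

            $extra_opts = "";
            // if its an admin, let the user know that the admin will be able to act as a moderator no matter what
            if ($user["admin"]){
                $row=$frm->addbreak("Edit Groups (Admins can act as a moderator of every group, regardless of these values)");
            }
            else{
                $row=$frm->addbreak("Edit Groups");
            }

            $groups= phorum_db_get_groups();
            $usergroups = phorum_user_get_groups($edit_user_id);

            // Groups the user is not a member of yet.
            $arr=array("Add A Group...");
            foreach($groups as $group_id=>$group){
                if(!isset($usergroups[$group_id]))
                    $arr[$group_id]=$group["name"];
            }

            if(count($arr)>1)
                $frm->addrow("Add A Group", $frm->select_tag("new_group", $arr));

            if(is_array($usergroups)){
                // Membership statuses offered per group; choosing the first
                // entry makes the POST handler drop the membership.
                $group_options = array(PHORUM_USER_GROUP_REMOVE => "< Remove User From Group >",
                        PHORUM_USER_GROUP_SUSPENDED => "Suspended",
                        PHORUM_USER_GROUP_UNAPPROVED => "Unapproved",
                        PHORUM_USER_GROUP_APPROVED => "Approved",
                        PHORUM_USER_GROUP_MODERATOR => "Group Moderator");
                foreach($usergroups as $group_id => $group_perm){
                    $group_info = phorum_db_get_groups($group_id);
                    $frm->hidden("groups[$group_id]", "$group_id");
                    // NOTE(review): the group name is used as a row label
                    // without escaping; if names are stored raw, wrap it in
                    // htmlspecialchars().
                    $frm->addrow($group_info[$group_id]["name"], $frm->select_tag("group_perm[$group_id]", $group_options, $group_perm, $extra_opts));
                }
            }

            $frm->show();

        } else {

            echo "User Not Found.";

        }

    }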
 
?>