Admin users page. some fix to template processor.

10 years ago · ede011cc32
5 changed files with 211 additions and 87 deletions
--- a/include/main.js
+++ b/include/main.js
@ -307,3 +307,15 @@
 		});
 	}

+/** 
+ * sprintf in javascript 
+ *	"{0} and {1}".format('zero','uno'); 
+ **/
+String.prototype.format = function() {
+    var formatted = this;
+    for (var i = 0; i < arguments.length; i++) {
+        var regexp = new RegExp('\\{'+i+'\\}', 'gi');
+        formatted = formatted.replace(regexp, arguments[i]);
+    }
+    return formatted;
+};
--- a/include/template_processor.php
+++ b/include/template_processor.php
@ -71,11 +71,7 @@
 			} else {
 				$val = $this->_get_var($args[2]);
 			}
-			if (isset($args[4])) {
-				list($strue, $sfalse)= explode($args[4], $args[3]);
-			} else {
-				$strue = $args[3]; $sfalse = "";
-			}
+			list($strue, $sfalse)= preg_split("|{{ *else *}}|", $args[3]);
 			
 			return ($val?$strue:$sfalse);
 		}
@ -135,7 +131,6 @@
 				$s = "";
 			}
 			$s = preg_replace_callback('/\|\|([0-9]+)\|\|/', array($this, "_replcb_node"), $s);
-			if ($s==Null) $this->_preg_error()	
 			return $s;
 		}
 						
@ -168,7 +163,7 @@
 			#$s = str_replace(array("\n","\r"),array("§n§","§r§"),$s);
 			$s = $this->_build_nodes($s);
 			$s = preg_replace_callback('/\|\|([0-9]+)\|\|/', array($this, "_replcb_node"), $s);
-			if ($s==Null) $this->_preg_error()
+			if ($s==Null) $this->_preg_error();
 			$s = str_replace($this->search,$this->replace, $s);
 			
 			return $s;
--- a/mod/admin.php
+++ b/mod/admin.php
@ -22,6 +22,9 @@ function admin_post(&$a){
 			case 'site':
 				admin_page_site_post($a);
 				break;
+			case 'users':
+				admin_page_users_post($a);
+				break;				
 			case 'logs':
 				admin_page_logs_post($a);
 				break;
@ -307,8 +310,74 @@ function admin_page_site(&$a) {
 /**
 * Users admin page
 */
+function admin_page_users_post(&$a){
+	$users=array(); $pending=array();
+	foreach($_POST as $k=>$v){
+		if (substr($k,0,5)=="user_") $users[] = substr($k,5,strlen($k)-5);
+		if (substr($k,0,8)=="pending_") $users[] = substr($k,8,strlen($k)-8);
+	}
+	
+	if (x($_POST,'page_users_block')){
+		foreach($users as $uid){
+			q("UPDATE `user` SET `blocked`=1-`blocked` WHERE `uid`=%s",
+				intval( $uid )
+			);
+		}
+		notice( sprintf( tt("%s user blocked", "%s users blocked", count($users)), count($users)) );
+	}
+	if (x($_POST,'page_users_delete')){
+		require_once("include/Contact.php");
+		foreach($users as $uid){
+			user_remove($uid);
+		}
+		notice( sprintf( tt("%s user deleted", "%s users deleted", count($users)), count($users)) );
+	}
+	
+	if (x($_POST,'page_users_approve')){
+		require_once("include/regmod.php");
+		foreach($pending as $hash){
+			user_allow($hash);
+		}
+	}
+	if (x($_POST,'page_users_deny')){
+		require_once("include/regmod.php");
+		foreach($pending as $hash){
+			user_deny($hash);
+		}
+	}
+	goaway($a->get_baseurl() . '/admin/users' );
+	return; // NOTREACHED	
+}
 
 function admin_page_users(&$a){
+	if ($a->argc>2) {
+		$uid = $a->argv[3];
+		$user = q("SELECT * FROM `user` WHERE `uid`=%d", intval($uid));
+		if (count($user)==0){
+			notice( 'User not found' . EOL);
+			goaway($a->get_baseurl() . '/admin/users' );
+			return; // NOTREACHED						
+		}		
+		switch($a->argv[2]){
+			case "delete":{
+				// delete user
+				require_once("include/Contact.php");
+				user_remove($uid);
+				
+				notice( sprintf(t("User '%s' deleted"), $user[0]['username']) . EOL);
+			}; break;
+			case "block":{
+				q("UPDATE `user` SET `blocked`=%d WHERE `uid`=%s",
+					intval( 1-$user[0]['blocked'] ),
+					intval( $uid )
+				);
+			}; break;
+		}
+		goaway($a->get_baseurl() . '/admin/users' );
+		return; // NOTREACHED	
+		
+	}
+	
 	/* get pending */
 	$pending = q("SELECT `register`.*, `contact`.`name`, `user`.`email`
 				 FROM `register`
@ -316,11 +385,34 @@ function admin_page_users(&$a){
 				 LEFT JOIN `user` ON `register`.`uid` = `user`.`uid`;");
 	
 	/* get users */
-	$users = q("SELECT `user`.*, `contact`.`name` FROM `user` 
-					LEFT JOIN `contact` ON `user`.`uid` = `contact`.`uid`
-					WHERE `user`.`verified`=1 AND `contact`.`self`=1
-					ORDER BY `contact`.`name`");
+	$users = q("SELECT `user` . * , `contact`.`name` , `contact`.`url` , `contact`.`micro` , `lastitem`.`changed` AS `lastitem_date`
+				FROM (
+					SELECT `item`.`changed` , `item`.`uid`
+					FROM `item`
+					GROUP BY `uid`
+					ORDER BY `item`.`changed`
+				) AS `lastitem` , `user`
+				LEFT JOIN `contact` ON `user`.`uid` = `contact`.`uid`
+				WHERE `user`.`verified` =1
+				AND `contact`.`self` =1
+				AND `lastitem`.`uid` = `user`.`uid`
+				ORDER BY `contact`.`name`
+				");
 					
+	function _setup_users($e){
+		$accounts = Array(
+			t('Normal Account'), 
+			t('Soapbox Account'),
+			t('Community/Celebrity Account'),
+			t('Automatic Friend Account')
+		);
+		$e['page-flags'] = $accounts[$e['page-flags']];
+		$e['register_date'] = relative_date($e['register_date']);
+		$e['login_date'] = relative_date($e['login_date']);
+		$e['lastitem_date'] = relative_date($e['lastitem_date']);
+		return $e;
+	}
+	$users = array_map("_setup_users", $users);
 	
 	$t = get_markup_template("admin_users.tpl");
 	return replace_macros($t, array(
@ -336,9 +428,14 @@ function admin_page_users(&$a){
 		'$deny' => t('Deny'),
 		'$delete' => t('Delete'),
 		'$block' => t('Block'),
+		'$unblock' => t('Unblock'),
 		
 		'$h_users' => t('Users'),
-		'$th_users' => array( t('Name'), t('Nickname'), t('Email'), t('Register date'), t('Last login') ),
+		'$th_users' => array( t('Name'), t('Email'), t('Register date'), t('Last login'), t('Last item'), t('Account') ),
+
+		'$confirm_delete_multi' => t('Selected users will be deleted!\n\nEverything these users had posted on this site will be permanently deleted!\n\nAre you sure?'),
+		'$confirm_delete' => t('The user {0} will be deleted!\n\nEverything this user has posted on this site will be permanently deleted!\n\nAre you sure?'),
+

 		// values //
 		'$baseurl' => $a->get_baseurl(),
--- a/mod/regmod.php
+++ b/mod/regmod.php
@ -1,6 +1,96 @@
 <?php

+function user_allow($hash) {
+	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
+		dbesc($hash)
+	);
+

+	if(! count($register))
+		return false;
+
+	$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
+		intval($register[0]['uid'])
+	);
+	
+	if(! count($user))
+		killme();
+
+	$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
+		dbesc($register[0]['hash'])
+	);
+
+
+	$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
+		intval($register[0]['uid'])
+	);
+	
+	$r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
+		intval($user[0]['uid'])
+	);
+	if(count($r) && $r[0]['net-publish']) {
+		$url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
+		if($url && strlen(get_config('system','directory_submit_url')))
+			proc_run('php',"include/directory.php","$url");
+	}
+
+	push_lang($register[0]['language']);
+
+	$email_tpl = get_intltext_template("register_open_eml.tpl");
+	$email_tpl = replace_macros($email_tpl, array(
+			'$sitename' => $a->config['sitename'],
+			'$siteurl' =>  $a->get_baseurl(),
+			'$username' => $user[0]['username'],
+			'$email' => $user[0]['email'],
+			'$password' => $register[0]['password'],
+			'$uid' => $user[0]['uid']
+	));
+
+	$res = mail($user[0]['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
+		$email_tpl,
+			'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
+			. 'Content-type: text/plain; charset=UTF-8' . "\n"
+			. 'Content-transfer-encoding: 8bit' );
+
+	pop_lang();
+
+	if($res) {
+		info( t('Account approved.') . EOL );
+		return true;
+	}	
+
+}
+
+function user_deny($hash) {
+
+	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
+		dbesc($hash)
+	);
+
+	if(! count($register))
+		return false;
+
+	$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
+		intval($register[0]['uid'])
+	);
+	
+	$r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
+		intval($register[0]['uid'])
+	);
+	$r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1",
+		intval($register[0]['uid'])
+	); 
+	$r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1",
+		intval($register[0]['uid'])
+	); 
+
+	$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
+		dbesc($register[0]['hash'])
+	);
+	notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL);
+	return true;
+	
+}

 function regmod_content(&$a) {

@ -14,7 +104,7 @@ function regmod_content(&$a) {
 		return $o;
 	}

-	if((! (x($a->config,'admin_email'))) || ($a->config['admin_email'] !== $a->user['email'])) {
+	if(!is_site_admin()) {
 		notice( t('Permission denied.') . EOL);
 		return '';
 	}
@ -26,84 +116,12 @@ function regmod_content(&$a) {
 	$hash = $a->argv[2];


-	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
-		dbesc($hash)
-	);
-
-
-	if(! count($register))
-		killme();
-
-	$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
-		intval($register[0]['uid'])
-	);

 	if($cmd === 'deny') {
-
-		$r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
-			intval($register[0]['uid'])
-		);
-		$r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1",
-			intval($register[0]['uid'])
-		); 
-		$r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1",
-			intval($register[0]['uid'])
-		); 
-
-		$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
-			dbesc($register[0]['hash'])
-		);
-		notice( sprintf(t('Registration revoked for %s'), $user[0]['username']) . EOL);
-		return;
-
+		if (!user_deny($hash)) killme();
 	}

 	if($cmd === 'allow') {
-
-		if(! count($user))
-			killme();
-
-		$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
-			dbesc($register[0]['hash'])
-		);
-
-
-		$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
-			intval($register[0]['uid'])
-		);
-		
-		$r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
-			intval($user[0]['uid'])
-		);
-		if(count($r) && $r[0]['net-publish']) {
-			$url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
-			if($url && strlen(get_config('system','directory_submit_url')))
-				proc_run('php',"include/directory.php","$url");
-		}
-
-		push_lang($register[0]['language']);
-
-		$email_tpl = get_intltext_template("register_open_eml.tpl");
-		$email_tpl = replace_macros($email_tpl, array(
-				'$sitename' => $a->config['sitename'],
-				'$siteurl' =>  $a->get_baseurl(),
-				'$username' => $user[0]['username'],
-				'$email' => $user[0]['email'],
-				'$password' => $register[0]['password'],
-				'$uid' => $user[0]['uid']
-		));
-
-		$res = mail($user[0]['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
-			$email_tpl,
-				'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
-				. 'Content-type: text/plain; charset=UTF-8' . "\n"
-				. 'Content-transfer-encoding: 8bit' );
-
-		pop_lang();
-
-		if($res) {
-			info( t('Account approved.') . EOL );
-			return;
-		}
+		if (!user_allow($hash)) killme();
 	}
 }
--- a/view/theme/duepuntozero/style.css
+++ b/view/theme/duepuntozero/style.css
@ -2561,6 +2561,8 @@ a.mail-list-link {
 #adminpage table {width:100%; border-bottom: 1p solid #000000; margin: 5px 0px;}
 #adminpage table th { text-align: left;}
 #adminpage td .icon { float: left;}
+#adminpage table#users img { width: 16px; height: 16px; }
+#adminpage table tr:hover { background-color: #bbc7d7; }
 /**
 * ICONS
 */