source: extensions/UserAdvManager/branches/2.40/main.inc.php @ 13825

Revision 13825, 7.7 KB checked in by Eric, 8 years ago (diff)

r13822 merged from trunk
Bug 2602 fixed - Sql error when Confirmation by admin is set
Small code refactoring and cleanup
en_UK reference translation spellchecking
de_DE translation updated
fr_FR translation updated

  • Property svn:eol-style set to LF
Line 
1<?php
2/*
3Plugin Name: UserAdvManager
4Version: 2.40.0
5Description: Renforcer la gestion des utilisateurs - Enforce users management
6Plugin URI: http://piwigo.org/ext/extension_view.php?eid=216
7Author: Nicco, Eric
8Author URI: http://gallery-nicco.no-ip.org, http://www.infernoweb.net
9*/
10
11/* History:  UAM_PATH.'Changelog.txt.php' */
12
13/*
14 ***** TODO List *****
15See project bugtracker: http://piwigo.org/bugs/my_view_page.php
16*/
17
18if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
19if (!defined('UAM_PATH')) define('UAM_PATH' , PHPWG_PLUGINS_PATH.basename(dirname(__FILE__)).'/');
20
21global $conf;
22
23include_once (UAM_PATH.'include/constants.php');
24include_once (UAM_PATH.'include/functions.inc.php');
25
26load_language('plugin.lang', UAM_PATH);
27load_language('help.lang', UAM_PATH);
28$conf_UAM = unserialize($conf['UserAdvManager']);
29
30
31// Plugin administration panel
32// ---------------------------
33add_event_handler('get_admin_plugin_menu_links', 'UAM_admin_menu');
34
35// Lastvisit table feed for Ghost Tracker
36// --------------------------------------
37add_event_handler('loc_begin_index', 'UAM_GhostTracker');
38
39// User creation
40// -------------
41add_event_handler('register_user', 'UAM_Adduser');
42
43// User deletion
44// -------------
45add_event_handler('delete_user', 'UAM_Deluser');
46
47// Check users registration
48// ------------------------
49add_event_handler('register_user_check', 'UAM_RegistrationCheck', EVENT_HANDLER_PRIORITY_NEUTRAL, 2);
50
51if (script_basename() == 'profile')
52{
53  add_event_handler('loc_begin_profile', 'UAM_Profile_Init');
54}
55
56// Redirection to profile page
57// ---------------------------
58add_event_handler('login_success', 'UAM_LoginTasks');
59
60// Adding customized text to lost password email
61// ---------------------------------------------
62add_event_handler('render_lost_password_mail_content', 'UAM_lost_password_mail_content');
63
64// *** Important ! This is necessary to make email exclusion work in admin's users management panel ***
65// ----------------------------------------------------------------------------------------------------
66add_event_handler('init', 'UAM_InitPage');
67
68// PWG_Stuffs module
69// -----------------
70if (isset($conf_UAM[33]) and $conf_UAM[33] == 'true')
71{
72  add_event_handler('get_stuffs_modules', 'register_UAM_stuffs_module');
73}
74
75// Add new feature in user_list - Password Reset
76// ---------------------------------------------
77if (isset($conf_UAM[38]) and $conf_UAM[38] == 'true')
78{
79  // Add new column on user_list
80  // ---------------------------
81  add_event_handler('loc_visible_user_list', 'UAM_loc_visible_user_list');
82
83  // Add prefilter on user_list
84  // --------------------------
85  add_event_handler('loc_begin_admin', 'UAM_PwdReset_Action',60);
86
87  /**
88   * UAM_PwdReset_Action - Triggered on UAM_PwdReset_Action
89   * Handle password reset action in user_list.php
90   */
91  function UAM_PwdReset_Action()
92  {
93    global $conf, $user, $template, $lang, $errors;
94
95    $page['errors'] = array();
96    $page['infos'] = array();
97    $page['filtered_users'] = array();
98
99    if (isset($_POST['pwdreset']))
100    {
101      $collection = array();
102
103      switch ($_POST['target'])
104      {
105        case 'all' :
106        {
107          foreach($page['filtered_users'] as $local_user)
108          {
109            array_push($collection, $local_user['id']);
110          }
111          break;
112        }
113        case 'selection' :
114        {
115          if (isset($_POST['selection']))
116          {
117            $collection = $_POST['selection'];
118          }
119          break;
120        }
121      }
122
123      if (count($collection) == 0)
124      {
125        array_push($page['errors'], l10n('Select at least one user'));
126      }
127    }
128
129    if (isset($_POST['pwdreset']) and count($collection) > 0)
130    {
131      if (in_array($conf['guest_id'], $collection))
132      {
133        array_push($page['errors'], l10n('UAM_Guest cannot be pwdreset'));
134        $template->append('errors', l10n('UAM_Guest cannot be pwdreset'));
135      }
136      if (($conf['guest_id'] != $conf['default_user_id']) and
137        in_array($conf['default_user_id'], $collection))
138      {
139        array_push($page['errors'], l10n('UAM_Default user cannot be pwgreset'));
140        $template->append('errors', l10n('UAM_Default user cannot be pwgreset'));
141      }
142      if (in_array($conf['webmaster_id'], $collection))
143      {
144        array_push($page['errors'], l10n('UAM_Webmaster cannot be pwdreset'));
145        $template->append('errors', l10n('UAM_Webmaster cannot be pwdreset'));
146      }
147      if (in_array($user['id'], $collection))
148      {
149        array_push($page['errors'], l10n('UAM_You cannot pwdreset your account'));
150        $template->append('errors', l10n('UAM_You cannot pwdreset your account'));
151      }
152
153      // Generic accounts exclusion (including Adult_Content generic users)
154      // ------------------------------------------------------------------
155      $query ='
156SELECT u.id
157FROM '.USERS_TABLE.' AS u
158INNER JOIN '.USER_INFOS_TABLE.' AS ui
159  ON u.id = ui.user_id
160WHERE ui.status = "generic"
161;';
162
163            $result = pwg_query($query);
164
165      while ($row = pwg_db_fetch_assoc($result))
166      {
167        if (in_array($row['id'], $collection))
168        {
169          array_push($page['errors'], l10n('UAM_Generic cannot be pwdreset'));
170          $errors = l10n('UAM_Generic cannot be pwdreset');
171        }
172      }
173
174      // Admins accounts exclusion
175      // --------------------------
176      $query ='
177SELECT u.id
178FROM '.USERS_TABLE.' AS u
179INNER JOIN '.USER_INFOS_TABLE.' AS ui
180  ON u.id = ui.user_id
181WHERE ui.status = "admin"
182;';
183
184            $result = pwg_query($query);
185
186      while ($row = pwg_db_fetch_assoc($result))
187      {
188        if (in_array($row['id'], $collection))
189        {
190          array_push($page['errors'], l10n('UAM_Admins cannot be pwdreset'));
191          $errors = l10n('UAM_Admins cannot be pwdreset');
192        }
193      }
194
195      $template->append('errors', $errors);
196
197      if (count($page['errors']) == 0)
198      {
199        if (isset($_POST['confirm_pwdreset']) and 1 == $_POST['confirm_pwdreset'])
200        {
201          foreach ($collection as $user_id)
202          {
203            UAM_Set_PwdReset($user_id);
204          }
205          array_push(
206            $page['infos'],
207            l10n_dec(
208              'UAM %d user pwdreseted', 'UAM %d users pwdreseted',
209              count($collection)
210              )
211            );
212          $template->append('infos', l10n_dec(
213              'UAM %d user pwdreseted', 'UAM %d users pwdreseted',
214              count($collection)));
215          foreach ($page['filtered_users'] as $filter_key => $filter_user)
216          {
217            if (in_array($filter_user['id'], $collection))
218            {
219              unset($page['filtered_users'][$filter_key]);
220            }
221          }
222        }
223        else
224        {
225          array_push($page['errors'], l10n('UAM_You need to confirm pwdreset'));
226          $template->append('errors', l10n('UAM_You need to confirm pwdreset'));
227        }
228      }
229    }
230    $template->set_prefilter('user_list', 'UAM_PwdReset_Prefilter');
231  }
232
233  /**
234   * UAM_PwdReset_Prefilter
235   * Adds action field for password reset in user_list.tpl
236   */
237  function UAM_PwdReset_Prefilter($content, &$smarty)
238  {
239    $search = '
240<fieldset>
241  <legend>{\'Deletions\'|@translate}</legend>
242  <label><input type="checkbox" name="confirm_deletion" value="1"> {\'confirm\'|@translate}</label>
243  <input class="submit" type="submit" value="{\'Delete selected users\'|@translate}" name="delete">
244</fieldset>
245';
246 
247    $addon = '
248<fieldset>
249  <legend>{\'UAM_PwdReset\'|@translate}</legend>
250  <label><input type="checkbox" name="confirm_pwdreset" value="1"> {\'confirm\'|@translate}</label>
251  <input class="submit" type="submit" value="{\'UAM_Password reset selected users\'|@translate}" name="pwdreset">
252</fieldset>
253';
254
255    $replacement = $addon.$search;
256
257    return str_replace($search, $replacement, $content);
258  }
259}
260?>
Note: See TracBrowser for help on using the repository browser.