source: extensions/UserAdvManager/trunk/main.inc.php @ 18205

Revision 18205, 7.9 KB checked in by flop25, 7 years ago (diff)

no more need of confirmMail.php / tpl
better handle on init
bug pending :
-no login on key validation (like previously)
-no confirmation msg on key validation : $pageinfos[] doesn't seems to work on identification page

  • Property svn:eol-style set to LF
Line 
1<?php
2/*
3Plugin Name: UserAdvManager
4Version: auto
5Description: Renforcer la gestion des utilisateurs - Enforce users management
6Plugin URI: http://piwigo.org/ext/extension_view.php?eid=216
7Author: Nicco, Eric
8Author URI: http://gallery-nicco.no-ip.org, http://www.infernoweb.net
9*/
10
11/* History:  UAM_PATH.'Changelog.txt.php' */
12
13/*
14 ***** TODO List *****
15See project bugtracker: http://piwigo.org/bugs/my_view_page.php
16*/
17
18if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
19if (!defined('UAM_PATH')) define('UAM_PATH' , PHPWG_PLUGINS_PATH.basename(dirname(__FILE__)).'/');
20
21global $conf;
22
23include_once (UAM_PATH.'include/constants.php');
24include_once (UAM_PATH.'include/functions.inc.php');
25
26load_language('plugin.lang', UAM_PATH);
27load_language('help.lang', UAM_PATH);
28$conf_UAM = unserialize($conf['UserAdvManager']);
29
30
31// Plugin administration panel
32// ---------------------------
33add_event_handler('get_admin_plugin_menu_links', 'UAM_admin_menu');
34
35// Features and controls on user connexion
36// ---------------------------------------
37add_event_handler('loc_begin_index', 'UAM_Init');
38
39// User creation
40// -------------
41add_event_handler('register_user', 'UAM_Adduser');
42
43// User deletion
44// -------------
45add_event_handler('delete_user', 'UAM_Deluser');
46
47// Check users registration
48// ------------------------
49add_event_handler('register_user_check', 'UAM_RegistrationCheck', EVENT_HANDLER_PRIORITY_NEUTRAL, 2);
50
51if (script_basename() == 'profile')
52{
53  add_event_handler('loc_begin_profile', 'UAM_Profile_Init');
54}
55
56// Redirection to profile page
57// ---------------------------
58add_event_handler('login_success', 'UAM_LoginTasks');
59
60// Adding customized text to lost password email
61// ---------------------------------------------
62add_event_handler('render_lost_password_mail_content', 'UAM_lost_password_mail_content');
63
64// *** Important ! This is necessary to make email exclusion work in admin's users management panel ***
65// ----------------------------------------------------------------------------------------------------
66add_event_handler('init', 'UAM_InitPage');
67
68
69// PWG_Stuffs module
70// -----------------
71if (isset($conf_UAM[33]) and $conf_UAM[33] == 'true')
72{
73  add_event_handler('get_stuffs_modules', 'register_UAM_stuffs_module');
74}
75
76// Add new feature in user_list - Password Reset
77// ---------------------------------------------
78if (isset($conf_UAM[38]) and $conf_UAM[38] == 'true')
79{
80  // Add new column on user_list
81  // ---------------------------
82  add_event_handler('loc_visible_user_list', 'UAM_loc_visible_user_list');
83
84  // Add prefilter on user_list
85  // --------------------------
86  add_event_handler('loc_begin_admin', 'UAM_PwdReset_Action',60);
87
88  /**
89   * UAM_PwdReset_Action - Triggered on UAM_PwdReset_Action
90   * Handle password reset action in user_list.php
91   */
92  function UAM_PwdReset_Action()
93  {
94    global $conf, $user, $template, $lang, $errors;
95
96    $page['errors'] = array();
97    $page['infos'] = array();
98    $page['filtered_users'] = array();
99
100    if (isset($_POST['pwdreset']))
101    {
102      $collection = array();
103
104      switch ($_POST['target'])
105      {
106        case 'all' :
107        {
108          foreach($page['filtered_users'] as $local_user)
109          {
110            array_push($collection, $local_user['id']);
111          }
112          break;
113        }
114        case 'selection' :
115        {
116          if (isset($_POST['selection']))
117          {
118            $collection = $_POST['selection'];
119          }
120          break;
121        }
122      }
123
124      if (count($collection) == 0)
125      {
126        array_push($page['errors'], l10n('Select at least one user'));
127      }
128    }
129
130    if (isset($_POST['pwdreset']) and count($collection) > 0)
131    {
132      if (in_array($conf['guest_id'], $collection))
133      {
134        array_push($page['errors'], l10n('UAM_Guest cannot be pwdreset'));
135        $template->append('errors', l10n('UAM_Guest cannot be pwdreset'));
136      }
137      if (($conf['guest_id'] != $conf['default_user_id']) and
138        in_array($conf['default_user_id'], $collection))
139      {
140        array_push($page['errors'], l10n('UAM_Default user cannot be pwgreset'));
141        $template->append('errors', l10n('UAM_Default user cannot be pwgreset'));
142      }
143      if (in_array($conf['webmaster_id'], $collection))
144      {
145        array_push($page['errors'], l10n('UAM_Webmaster cannot be pwdreset'));
146        $template->append('errors', l10n('UAM_Webmaster cannot be pwdreset'));
147      }
148      if (in_array($user['id'], $collection))
149      {
150        array_push($page['errors'], l10n('UAM_You cannot pwdreset your account'));
151        $template->append('errors', l10n('UAM_You cannot pwdreset your account'));
152      }
153
154      // Generic accounts exclusion (including Adult_Content generic users)
155      // ------------------------------------------------------------------
156      $query ='
157SELECT u.id
158FROM '.USERS_TABLE.' AS u
159INNER JOIN '.USER_INFOS_TABLE.' AS ui
160  ON u.id = ui.user_id
161WHERE ui.status = "generic"
162;';
163
164            $result = pwg_query($query);
165
166      while ($row = pwg_db_fetch_assoc($result))
167      {
168        if (in_array($row['id'], $collection))
169        {
170          array_push($page['errors'], l10n('UAM_Generic cannot be pwdreset'));
171          $errors = l10n('UAM_Generic cannot be pwdreset');
172        }
173      }
174
175      // Admins accounts exclusion
176      // --------------------------
177      $query ='
178SELECT u.id
179FROM '.USERS_TABLE.' AS u
180INNER JOIN '.USER_INFOS_TABLE.' AS ui
181  ON u.id = ui.user_id
182WHERE ui.status = "admin"
183;';
184
185            $result = pwg_query($query);
186
187      while ($row = pwg_db_fetch_assoc($result))
188      {
189        if (in_array($row['id'], $collection))
190        {
191          array_push($page['errors'], l10n('UAM_Admins cannot be pwdreset'));
192          $errors = l10n('UAM_Admins cannot be pwdreset');
193        }
194      }
195
196      $template->append('errors', $errors);
197
198      if (count($page['errors']) == 0)
199      {
200        if (isset($_POST['confirm_pwdreset']) and 1 == $_POST['confirm_pwdreset'])
201        {
202          foreach ($collection as $user_id)
203          {
204            UAM_Set_PwdReset($user_id);
205          }
206          array_push(
207            $page['infos'],
208            l10n_dec(
209              'UAM %d user pwdreseted', 'UAM %d users pwdreseted',
210              count($collection)
211              )
212            );
213          $template->append('infos', l10n_dec(
214              'UAM %d user pwdreseted', 'UAM %d users pwdreseted',
215              count($collection)));
216          foreach ($page['filtered_users'] as $filter_key => $filter_user)
217          {
218            if (in_array($filter_user['id'], $collection))
219            {
220              unset($page['filtered_users'][$filter_key]);
221            }
222          }
223        }
224        else
225        {
226          array_push($page['errors'], l10n('UAM_You need to confirm pwdreset'));
227          $template->append('errors', l10n('UAM_You need to confirm pwdreset'));
228        }
229      }
230    }
231    $template->set_prefilter('user_list', 'UAM_PwdReset_Prefilter');
232  }
233
234  /**
235   * UAM_PwdReset_Prefilter
236   * Adds action field for password reset in user_list.tpl
237   */
238  function UAM_PwdReset_Prefilter($content, &$smarty)
239  {
240    $search = '
241<fieldset>
242  <legend>{\'Deletions\'|@translate}</legend>
243  <label><input type="checkbox" name="confirm_deletion" value="1"> {\'confirm\'|@translate}</label>
244  <input class="submit" type="submit" value="{\'Delete selected users\'|@translate}" name="delete">
245</fieldset>
246';
247 
248    $addon = '
249<fieldset>
250  <legend>{\'UAM_PwdReset\'|@translate}</legend>
251  <label><input type="checkbox" name="confirm_pwdreset" value="1"> {\'confirm\'|@translate}</label>
252  <input class="submit" type="submit" value="{\'UAM_Password reset selected users\'|@translate}" name="pwdreset">
253</fieldset>
254';
255
256    $replacement = $addon.$search;
257
258    return str_replace($search, $replacement, $content);
259  }
260}
261
262
263// Check options compatibility between UAM and Piwigo at admin page load
264// ---------------------------------------------------------------------
265add_event_handler('loc_begin_admin_page', 'UAM_check_compat');
266?>
Note: See TracBrowser for help on using the repository browser.