Context Navigation

← Previous Change
Next Change →

Changeset 22039 for extensions/Register_FluxBB

Timestamp:

Apr 6, 2013, 5:27:15 PM (11 years ago)

Author:

Eric

Message:

Bug fixed : Admins passwords synchronization between FluxBB and Piwigo when changed
Bug fixed : Password synchronization between FluxBB and Piwigo if a user uses Piwigo's password recovery system
Bug fixed : Exclude password comparison from audit
Todo : Recode synch, migration and audit actions for existing users before plugin activation - Have to take care on passwords !

Location:

extensions/Register_FluxBB

Files:

: 3 edited

admin/admin.php (modified) (5 diffs)
include/functions.inc.php (modified) (15 diffs)
main.inc.php (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

extensions/Register_FluxBB/admin/admin.php

-                      r21913
+                      r22039
 $plugin =  RegFluxBB_Infos(REGFLUXBB_PATH);
 $version = $plugin['version'] ;
-// +-----------------------------------------------------------------------+
-// |                            Actions process                            |
-// +-----------------------------------------------------------------------+
-if (isset($_GET['action']) and ($_GET['action']=='link_dead'))
+{
-  $query = '
-DELETE FROM '.Register_FluxBB_ID_TABLE.'
-WHERE id_user_FluxBB NOT IN (
-  SELECT id
-  FROM '.FluxBB_USERS_TABLE.'
+  )
-OR id_user_pwg NOT IN (
-  SELECT id
-  FROM '.USERS_TABLE.'
+  )
-;';
-  $result = pwg_query($query);
-  Audit_PWG_FluxBB();
+}
-else if (isset($_GET['action']) and ($_GET['action']=='link_del') and isset($_GET['pwg_id']) and isset($_GET['bb_id']))
+{
-  $query = '
-DELETE FROM '.Register_FluxBB_ID_TABLE.'
-WHERE id_user_pwg = '.$_GET['pwg_id'].'
-AND id_user_FluxBB = '.$_GET['bb_id'].'
-;';
-  $result = pwg_query($query);
-  Audit_PWG_FluxBB();
+}
-else if (isset($_GET['action']) and ($_GET['action']=='new_link') and isset($_GET['pwg_id']) and isset($_GET['bb_id']))
+{
-  FluxBB_Linkuser($_GET['pwg_id'], $_GET['bb_id']);
-  Audit_PWG_FluxBB();
+}
-else if (isset($_GET['action']) and ($_GET['action']=='sync_user') and isset($_GET['username']))
+{
-  $query = '
-SELECT id AS id_pwg, username, password, mail_address
-FROM '.USERS_TABLE.'
-WHERE BINARY username = BINARY "'.pwg_db_real_escape_string($_GET['username']).'"
-AND username NOT IN ("18","16")
-LIMIT 1
-;';
-  $data = pwg_db_fetch_assoc(pwg_query($query));
-  if (!empty($data))
+  {
-    FluxBB_Updateuser($data['id_pwg'], stripslashes($data['username']), $data['password'], $data['mail_address']);
+  }
-  Audit_PWG_FluxBB();
+}
-else if (isset($_GET['action']) and ($_GET['action']=='add_user') and isset($_GET['username']))
+{
-  $query = '
-SELECT id, username, password, mail_address
-FROM '.USERS_TABLE.'
-WHERE BINARY username = BINARY "'.pwg_db_real_escape_string($_GET['username']).'"
-AND username NOT IN ("18","16")
-LIMIT 1
-;';
-  $data = pwg_db_fetch_assoc(pwg_query($query));
-  if (!empty($data))
-    FluxBB_Adduser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']);
-    Audit_PWG_FluxBB();
+}
-else if (isset($_GET['action']) and ($_GET['action']=='del_user') and isset($_GET['id']))
+{
-  FluxBB_Deluser( $_GET['id'], true );
-  Audit_PWG_FluxBB();
+}
 // +------------------------------------------------------------------+
 …
 // |                    Migration and Audit                     |
 // +------------------------------------------------------------+
 if (isset($_POST['Migration']))
+{
   array_push($page['infos'], l10n('Mig_Start').'<br><br>');
   array_push($page['infos'], l10n('Mig_Del_Link').'<br><br>');
   $query = 'TRUNCATE '.Register_FluxBB_ID_TABLE.';';
   $result = pwg_query($query);
   $msg_Mig_Del_AllUsers = '';
   $query = '
 SELECT username, id
 FROM '.FluxBB_USERS_TABLE.'
 ;';
   $result = pwg_query($query);
   while ($row = pwg_db_fetch_assoc($result))
+  {
     if((stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_GUEST'])) and (stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN'])))
+    {
       $msg_Mig_Del_AllUsers .= '<br> - '.l10n('Mig_Del_User').stripslashes($row['username']);
       FluxBB_Deluser($row['id'], false);
+    }
+  }
   array_push($page['infos'], l10n('Mig_Del_AllUsers').$msg_Mig_Del_AllUsers.'<br><br>');
   $query = '
 SELECT id, username, password, mail_address
 FROM '.USERS_TABLE.'
 WHERE username NOT IN ("18","16")
 ;';
   $result = pwg_query($query);
   $registred = time();
   $registred_ip = $_SERVER['REMOTE_ADDR'];
   $msg_Mig_Add_AllUsers = '';
   while ($row = pwg_db_fetch_assoc($result))
+  {
     if((stripslashes($row['username']) != 'guest') and (stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN'])))
+    {
       $msg_Mig_Add_AllUsers .= '<br> - '.l10n('Mig_Add_User').stripslashes($row['username']);
       FluxBB_Adduser($row['id'], stripslashes($row['username']), $row['password'], $row['mail_address']);
+    }
+  }
   array_push($page['infos'], l10n('Mig_Add_AllUsers').$msg_Mig_Add_AllUsers.'<br><br>');
   $query = '
 SELECT id, username, password, mail_address
 FROM '.USERS_TABLE.'
 WHERE username = "'.$conf_Register_FluxBB['FLUXBB_ADMIN'].'"
 AND username NOT IN ("18","16")
 ;';
   $row = pwg_db_fetch_assoc(pwg_query($query));
   if (!empty($row))
+  {
     array_push($page['infos'], l10n('Sync_User').stripslashes($row['username']).'<br><br>');
     FluxBB_Updateuser($row['id'], stripslashes($row['username']), $row['password'], $row['mail_address']);
+  }
   array_push($page['infos'], l10n('Mig_End'));
+}
 else if (isset($_POST['Audit']))
+{
   Audit_PWG_FluxBB();
+}
+//if (isset($_POST['Migration']))
+//{
+//  array_push($page['infos'], l10n('Mig_Start').'<br><br>');
+//
+//  array_push($page['infos'], l10n('Mig_Del_Link').'<br><br>');
+//
+//  $query = 'TRUNCATE '.Register_FluxBB_ID_TABLE.';';
+//  $result = pwg_query($query);
+//
+//  $msg_Mig_Del_AllUsers = '';
+//
+//  $query = '
+//SELECT username, id
+//FROM '.FluxBB_USERS_TABLE.'
+//;';
+//
+//  $result = pwg_query($query);
+//
+//  while ($row = pwg_db_fetch_assoc($result))
+//  {
+//    if((stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_GUEST'])) and (stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN'])))
+//    {
+//      $msg_Mig_Del_AllUsers .= '<br> - '.l10n('Mig_Del_User').stripslashes($row['username']);
+//
+//      FluxBB_Deluser($row['id'], false);
+//    }
+//  }
+//
+//  array_push($page['infos'], l10n('Mig_Del_AllUsers').$msg_Mig_Del_AllUsers.'<br><br>');
+//
+//  $query = '
+//SELECT id, username, password, mail_address
+//FROM '.USERS_TABLE.'
+//WHERE username NOT IN ("18","16")
+//;';
+//
+//  $result = pwg_query($query);
+//
+//  $registred = time();
+//  $registred_ip = $_SERVER['REMOTE_ADDR'];
+//
+//  $msg_Mig_Add_AllUsers = '';
+//
+//  while ($row = pwg_db_fetch_assoc($result))
+//  {
+//    if((stripslashes($row['username']) != 'guest') and (stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN'])))
+//    {
+//      $msg_Mig_Add_AllUsers .= '<br> - '.l10n('Mig_Add_User').stripslashes($row['username']);
+//
+//      FluxBB_Adduser($row['id'], stripslashes($row['username']), $row['password'], $row['mail_address']);
+//    }
+//  }
+//
+//  array_push($page['infos'], l10n('Mig_Add_AllUsers').$msg_Mig_Add_AllUsers.'<br><br>');
+//
+//  $query = '
+//SELECT id, username, password, mail_address
+//FROM '.USERS_TABLE.'
+//WHERE username = "'.$conf_Register_FluxBB['FLUXBB_ADMIN'].'"
+//AND username NOT IN ("18","16")
+//;';
+//
+//  $row = pwg_db_fetch_assoc(pwg_query($query));
+//
+//  if (!empty($row))
+//  {
+//    array_push($page['infos'], l10n('Sync_User').stripslashes($row['username']).'<br><br>');
+//
+//    FluxBB_Updateuser($row['id'], stripslashes($row['username']), $row['password'], $row['mail_address']);
+//  }
+//
+//  array_push($page['infos'], l10n('Mig_End'));
+//}
+//else if (isset($_POST['Audit']))
+//{
+//  Audit_PWG_FluxBB();
+//}
 …
       $msg_error_Link_Bad = l10n('Sync_Link_Bad').$msg_error_Link_Bad;
     $query = '
 SELECT pwg.id as pwg_id, pwg.username as username, pwg.password as pwg_pwd, pwg.mail_address as pwg_eml, FluxBB.id as bb_id, FluxBB.password as bb_pwd, FluxBB.email as bb_eml
 FROM '.FluxBB_USERS_TABLE.' AS FluxBB
 INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = FluxBB.id
 INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
 AND BINARY pwg.username = BINARY FluxBB.username
 ORDER BY LOWER(pwg.username)
 ;';
     $result = pwg_query($query);
     while($row = pwg_db_fetch_assoc($result))
+    {
       if ( ($row['pwg_pwd'] != $row['bb_pwd']) or ($row['pwg_eml'] != $row['bb_eml']) )
+      {
         $msg_error_Synchro .= '<br>'.l10n('Sync_User').stripslashes($row['username']);
         $query = '
 SELECT id, username, password, mail_address
 FROM '.USERS_TABLE.'
 WHERE BINARY id = "'.$row['pwg_id'].'"
 AND "'.$row['username'].'" NOT IN ("18","16")
 ;';
         $data = pwg_db_fetch_assoc(pwg_query($query));
         if (!empty($data))
           FluxBB_Updateuser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']);
+      }
+    }
+//    $query = '
+//SELECT pwg.id as pwg_id, pwg.username as username, pwg.password as pwg_pwd, pwg.mail_address as pwg_eml, FluxBB.id as bb_id, FluxBB.password as bb_pwd, FluxBB.email as bb_eml
+//FROM '.FluxBB_USERS_TABLE.' AS FluxBB
+//INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = FluxBB.id
+//INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
+//AND BINARY pwg.username = BINARY FluxBB.username
+//ORDER BY LOWER(pwg.username)
+//;';
+//
+//    $result = pwg_query($query);
+//
+//    while($row = pwg_db_fetch_assoc($result))
+//    {
+//      if ( ($row['pwg_pwd'] != $row['bb_pwd']) or ($row['pwg_eml'] != $row['bb_eml']) )
+//      {
+//        $msg_error_Synchro .= '<br>'.l10n('Sync_User').stripslashes($row['username']);
+//
+//        $query = '
+//SELECT id, username, password, mail_address
+//FROM '.USERS_TABLE.'
+//WHERE BINARY id = "'.$row['pwg_id'].'"
+//AND "'.$row['username'].'" NOT IN ("18","16")
+//;';
+//
+//        $data = pwg_db_fetch_assoc(pwg_query($query));
+//
+//        if (!empty($data))
+//          FluxBB_Updateuser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']);
+//      }
+//    }
     if ($msg_error_Synchro == '')
 …
       $msg_error_Synchro = l10n('Sync_DataUser').$msg_error_Synchro;
     $query = '
 SELECT username, mail_address FROM '.USERS_TABLE.'
 WHERE BINARY username <> BINARY "guest"
 AND username NOT IN ("18","16")
 AND id not in (
   SELECT id_user_pwg FROM '.Register_FluxBB_ID_TABLE.'
+  )
 AND BINARY username not in (
   SELECT username FROM '.FluxBB_USERS_TABLE.'
+  )
 ORDER BY LOWER(username)
 ;';
     $result = pwg_query($query);
     while($row = pwg_db_fetch_assoc($result))
+    {
       $msg_error_PWG2FluxBB .= '<br>'.l10n('Add_User').stripslashes($row['username']).' ('.$row['mail_address'].')';
       $query = '
 SELECT id, username, password, mail_address
 FROM '.USERS_TABLE.'
 WHERE BINARY username = BINARY "'.$row['username'].'"
 AND username NOT IN ("18","16")
 LIMIT 1
 ;';
       $data = pwg_db_fetch_assoc(pwg_query($query));
       if (!empty($data))
         FluxBB_Adduser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']);
+    }
+//    $query = '
+//SELECT username, mail_address FROM '.USERS_TABLE.'
+//WHERE BINARY username <> BINARY "guest"
+//AND username NOT IN ("18","16")
+//AND id not in (
+//  SELECT id_user_pwg FROM '.Register_FluxBB_ID_TABLE.'
+//  )
+//AND BINARY username not in (
+//  SELECT username FROM '.FluxBB_USERS_TABLE.'
+//  )
+//ORDER BY LOWER(username)
+//;';
+//
+//    $result = pwg_query($query);
+//
+//    while($row = pwg_db_fetch_assoc($result))
+//    {
+//      $msg_error_PWG2FluxBB .= '<br>'.l10n('Add_User').stripslashes($row['username']).' ('.$row['mail_address'].')';
+//
+//      $query = '
+//SELECT id, username, password, mail_address
+//FROM '.USERS_TABLE.'
+//WHERE BINARY username = BINARY "'.$row['username'].'"
+//AND username NOT IN ("18","16")
+//LIMIT 1
+//;';
+//
+//      $data = pwg_db_fetch_assoc(pwg_query($query));
+//
+//      if (!empty($data))
+//        FluxBB_Adduser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']);
+//    }
     if ($msg_error_PWG2FluxBB == '')
 …
 else if ( isset($_POST['Audit']))
+{
+  Audit_PWG_FluxBB();
+}
+// +---------------------------------------------------------------+
+// |                       Audit function                          |
+// +---------------------------------------------------------------+
+function Audit_PWG_FluxBB()
+{
+  global $page, $conf, $errors;
+  $page_Register_FluxBB_admin = get_admin_plugin_menu_link(__FILE__);
+  $conf_Register_FluxBB = unserialize($conf['Register_FluxBB']);
+  $msg_error_PWG_Dup = '';
+  $msg_error_FluxBB_Dup = '';
+  $msg_error_Link_Break = '';
+  $msg_error_Link_Bad = '';
+  $msg_error_Synchro = '';
+  $msg_ok_Synchro = '';
+  $msg_error_PWG2FluxBB = '';
+  $msg_error_FluxBB2PWG = '';
+// Check duplicate accounts in Piwigo users table
+// ----------------------------------------------
+  $query = '
+SELECT COUNT(*) AS nbr_dup, id, username
+FROM '.USERS_TABLE.'
+WHERE username NOT IN ("18","16")
+AND username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
+GROUP BY BINARY username
+HAVING COUNT(*) > 1
+;';
+  $result = pwg_query($query);
+  while($row = pwg_db_fetch_assoc($result))
+    $msg_error_PWG_Dup .= '<br>'.l10n('Error_PWG_Dup').$row['nbr_dup'].' x '.stripslashes($row['username']);
+  if ($msg_error_PWG_Dup == '')
+    array_push($page['infos'], l10n('Audit_PWG_Dup').'<br>'.l10n('Audit_OK'));
+  else
+    $msg_error_PWG_Dup = l10n('Audit_PWG_Dup').$msg_error_PWG_Dup.'<br>'.l10n('Advise_PWG_Dup');
+// Check duplicate accounts in FluxBB users table
+// ----------------------------------------------
+  $query = '
+SELECT COUNT(*) AS nbr_dup, username
+FROM '.FluxBB_USERS_TABLE.'
+GROUP BY BINARY username
+HAVING COUNT(*) > 1
+;';
+  $result = pwg_query($query);
+  while($row = pwg_db_fetch_assoc($result))
+  {
+    $msg_error_FluxBB_Dup .= '<br>'.l10n('Error_FluxBB_Dup').$row['nbr_dup'].' x '.stripslashes($row['username']);
+    $subquery = '
+SELECT id, username, email
+FROM '.FluxBB_USERS_TABLE.'
+WHERE BINARY username = BINARY "'.$row['username'].'"
+AND username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
+;';
+    $subresult = pwg_query($subquery);
+    while($subrow = pwg_db_fetch_assoc($subresult))
+    {
+      $msg_error_FluxBB_Dup .= '<br>id:'.$subrow['id'].'='.stripslashes($subrow['username']).' ('.$subrow['email'].')';
+      $msg_error_FluxBB_Dup .= ' <a href="';
+      $msg_error_FluxBB_Dup .= add_url_params($page_Register_FluxBB_admin, array(
+        'action' => 'del_user',
+        'id' => $subrow['id'],
+      ));
+      $msg_error_FluxBB_Dup .= '" title="'.l10n('Del_User').stripslashes($subrow['username']).'"';
+      $msg_error_FluxBB_Dup .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
+      $msg_error_FluxBB_Dup .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_delete.png" alt="'.l10n('Del_User').$subrow['username'].'" /></a>';
+    }
+  }
+  if ($msg_error_FluxBB_Dup == '')
+    array_push($page['infos'], l10n('Audit_FluxBB_Dup').'<br>'.l10n('Audit_OK'));
+  else
+    $msg_error_FluxBB_Dup = l10n('Audit_FluxBB_Dup').$msg_error_FluxBB_Dup.'<br>'.l10n('Advise_FluxBB_Dup');
+// Check links between Piwigo and FluxBB users
+// -------------------------------------------
+  // Check fixable broken links between Piwigo and FluxBB users
+  // ----------------------------------------------------------
+  $query = '
+SELECT pwg.id as pwg_id, bb.id as bb_id, pwg.username as pwg_user, pwg.mail_address as pwg_mail
+FROM '.FluxBB_USERS_TABLE.' AS bb, '.USERS_TABLE.' as pwg
+WHERE bb.id NOT in (
+  SELECT id_user_FluxBB
+  FROM '.Register_FluxBB_ID_TABLE.'
+  )
+AND pwg.id NOT in (
+  SELECT id_user_pwg
+  FROM '.Register_FluxBB_ID_TABLE.'
+  )
+AND pwg.username = bb.username
+AND pwg.username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
+AND pwg.username NOT IN ("18","16")
+AND pwg.mail_address = bb.email
+;';
+  $result = pwg_query($query);
+  while($row = pwg_db_fetch_assoc($result))
+  {
+    $msg_error_Link_Break .= '<br>'.l10n('Error_Link_Break').stripslashes($row['pwg_user']).' ('.$row['pwg_mail'].')';
+    $msg_error_Link_Break .= ' <a href="';
+    $msg_error_Link_Break .= add_url_params($page_Register_FluxBB_admin, array(
+      'action'   => 'new_link',
+      'pwg_id' => $row['pwg_id'],
+      'bb_id' => $row['bb_id'],
+    ));
+    $msg_error_Link_Break .= '" title="'.l10n('New_Link').stripslashes($row['pwg_user']).'"';
+    $msg_error_Link_Break .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
+    $msg_error_Link_Break .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_break.png" alt="'.l10n('New_Link').stripslashes($row['pwg_user']).'" /></a>';
+  }
+  if ($msg_error_Link_Break == '')
+    array_push($page['infos'], l10n('Audit_Link_Break').'<br>'.l10n('Audit_OK'));
+  else
+    $msg_error_Link_Break = l10n('Audit_Link_Break').$msg_error_Link_Break;
+  // Check not fixable broken links between Piwigo and FluxBB users
+  // --------------------------------------------------------------
+  $query = '
+SELECT pwg.username as pwg_user, pwg.id as pwg_id, pwg.mail_address as pwg_mail, bb.id as bb_id, bb.username as bb_user, bb.email as bb_mail
+FROM '.FluxBB_USERS_TABLE.' AS bb
+INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = bb.id
+INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
+WHERE pwg.username <> bb.username
+AND pwg.username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
+AND pwg.username NOT IN ("18","16")
+;';
+  $result = pwg_query($query);
+  while($row = pwg_db_fetch_assoc($result))
+  {
+    $msg_error_Link_Bad .= '<br>'.l10n('Error_Link_Del').stripslashes($row['pwg_user']).' ('.$row['pwg_mail'].')'.' -- '.stripslashes($row['bb_user']).' ('.$row['bb_mail'].')';
+    $msg_error_Link_Bad .= ' <a href="';
+    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
+      'action'   => 'link_del',
+      'pwg_id' => $row['pwg_id'],
+      'bb_id'  => $row['bb_id'],
+    ));
+    $msg_error_Link_Bad .= '" title="'.l10n('Link_Del').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'"';
+    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
+    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_delete.png" alt="'.l10n('Link_Del').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'" /></a>';
+    $msg_error_Link_Bad .= ' -- <a href="';
+    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
+      'action' => 'sync_user',
+      'username' => stripslashes($row['pwg_user']),
+    ));
+    $msg_error_Link_Bad .= '" title="'.l10n('Sync_User').stripslashes($row['pwg_user']).' --> '.stripslashes($row['bb_user']).'"';
+    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
+    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/arrow_switch.png" alt="'.l10n('Sync_User').stripslashes($row['pwg_user']).' --> '.stripslashes($row['bb_user']).'" /></a>';
+  }
+  // Check dead links between Piwigo and FluxBB users
+  // ------------------------------------------------
+  $query = '
+SELECT COUNT(*) as nbr_dead
+FROM '.Register_FluxBB_ID_TABLE.' AS Link
+WHERE id_user_FluxBB NOT IN (
+  SELECT id
+  FROM '.FluxBB_USERS_TABLE.'
+  )
+OR id_user_pwg NOT IN (
+  SELECT id
+  FROM '.USERS_TABLE.'
+  )
+;';
+  $Compteur = pwg_db_fetch_assoc(pwg_query($query));
+  if (!empty($Compteur) and $Compteur['nbr_dead'] > 0)
+  {
+    $msg_error_Link_Bad .= '<br>'.l10n('Error_Link_Dead').$Compteur['nbr_dead'];
+    $msg_error_Link_Bad .= ' <a href="';
+    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
+      'action'   => 'link_dead',
+    ));
+    $msg_error_Link_Bad .= '" title="'.l10n('Link_Dead').$Compteur['nbr_dead'].'"';
+    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
+    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_delete.png" alt="'.l10n('Link_Dead').$Compteur['nbr_dead'].'" /></a>';
+  }
+  // Check duplicated links between Piwigo and FluxBB users
+  // ------------------------------------------------------
+  $query = '
+SELECT COUNT(*) AS nbr_dup, pwg.id AS pwg_id, pwg.username AS pwg_user, bb.username AS bb_user, bb.id AS bb_id
+FROM '.FluxBB_USERS_TABLE.' AS bb
+INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = bb.id
+INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
+WHERE pwg.username NOT IN ("18","16")
+AND pwg.username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
+GROUP BY link.id_user_pwg, link.id_user_FluxBB
+HAVING COUNT(*) > 1
+;';
+  $result = pwg_query($query);
+  while($row = pwg_db_fetch_assoc($result))
+  {
+    $msg_error_Link_Bad .= '<br>'.l10n('Error_Link_Dup').$row['nbr_dup'].' = '.stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).')';
+    $msg_error_Link_Bad .= ' <a href="';
+    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
+      'action'   => 'new_link',
+      'pwg_id' => $row['pwg_id'],
+      'bb_id' => $row['bb_id'],
+    ));
+    $msg_error_Link_Bad .= '" title="'.l10n('Link_Dup').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'"';
+    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
+    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_error.png" alt="'.l10n('Link_Dup').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'" /></a>';
+  }
+  if ($msg_error_Link_Bad == '')
+    array_push($page['infos'], l10n('Audit_Link_Bad').'<br>'.l10n('Audit_OK'));
+  else
+    $msg_error_Link_Bad = l10n('Audit_Link_Bad').$msg_error_Link_Bad;
+// Check synch between Piwigo and FluxBB users
+// -------------------------------------------
+  $query = '
+SELECT pwg.username as username, pwg.password as pwg_pwd, pwg.mail_address as pwg_eml, FluxBB.password as bb_pwd, FluxBB.email as bb_eml
+FROM '.FluxBB_USERS_TABLE.' AS FluxBB
+INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = FluxBB.id
+INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
+WHERE BINARY pwg.username = BINARY FluxBB.username
+AND pwg.username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
+AND pwg.username NOT IN ("18","16")
+ORDER BY LOWER(pwg.username)
+;';
+  $result = pwg_query($query);
+  while($row = pwg_db_fetch_assoc($result))
+  {
+    if (($row['pwg_pwd'] != $row['bb_pwd']) or ($row['pwg_eml'] != $row['bb_eml']))
+    {
+      $msg_error_Synchro .= '<br>'.l10n('Error_Synchro').stripslashes($row['username']);
+      $msg_error_Synchro .= ' <a href="';
+      $msg_error_Synchro .= add_url_params($page_Register_FluxBB_admin, array(
+        'action' => 'sync_user',
+        'username' => stripslashes($row['username']),
+      ));
+      $msg_error_Synchro .= '" title="'.l10n('Sync_User').stripslashes($row['username']).'"';
+      $msg_error_Synchro .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
+      $msg_error_Synchro .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_refresh.png" alt="'.l10n('Sync_User').stripslashes($row['username']).'" /></a>';
+      if ($row['pwg_pwd'] != $row['bb_pwd'])
+        $msg_error_Synchro .= '<br>'.l10n('Error_Synchro_Pswd');
+      if ($row['pwg_eml'] != $row['bb_eml'])
+        $msg_error_Synchro .= '<br>'.l10n('Error_Synchro_Mail').'<br>-- PWG = '.$row['pwg_eml'].'<br>-- FluxBB = '.$row['bb_eml'];
+    }
+    else if ($conf_Register_FluxBB['FLUXBB_DETAIL'] == 'true')
+      $msg_ok_Synchro .= '<br> - '.stripslashes($row['username']).' ('.$row['pwg_eml'].')'.l10n('Audit_Synchro_OK');
+  }
+  if ($msg_error_Synchro <> '')
+    $msg_error_Synchro = l10n('Audit_Synchro').$msg_error_Synchro;
+  if ($msg_ok_Synchro <> '')
+    if ($msg_error_Synchro <> '')
+      array_push($page['infos'], l10n('Audit_Synchro').$msg_ok_Synchro.'<br><br>');
+    else
+      array_push($page['infos'], l10n('Audit_Synchro').$msg_ok_Synchro.'<br><br>'.l10n('Audit_OK'));
+  $query = '
+SELECT username, mail_address FROM '.USERS_TABLE.'
+WHERE BINARY username <> BINARY "guest"
+AND username NOT IN ("18","16")
+AND username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
+AND id not in (
+  SELECT id_user_pwg FROM '.Register_FluxBB_ID_TABLE.'
+  )
+AND BINARY username not in (
+  SELECT username FROM '.FluxBB_USERS_TABLE.'
+  )
+ORDER BY LOWER(username)
+;';
+  $result = pwg_query($query);
+  while($row = pwg_db_fetch_assoc($result))
+  {
+    $msg_error_PWG2FluxBB .= '<br>'.l10n('Error_PWG2FluxBB').stripslashes($row['username']).' ('.$row['mail_address'].')';
+    $msg_error_PWG2FluxBB .= ' <a href="';
+    $msg_error_PWG2FluxBB .= add_url_params($page_Register_FluxBB_admin, array(
+      'action' => 'add_user',
+      'username' => stripslashes($row['username']),
+    ));
+    $msg_error_PWG2FluxBB .= '" title="'.l10n('Add_User').stripslashes($row['username']).'" ';
+    $msg_error_PWG2FluxBB .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
+    $msg_error_PWG2FluxBB .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_add.png" alt="'.l10n('Add_User').stripslashes($row['username']).'" /></a>';
+  }
+  if ($msg_error_PWG2FluxBB == '')
+    array_push($page['infos'], l10n('Audit_PWG2FluxBB').'<br>'.l10n('Audit_OK'));
+  else
+    $msg_error_PWG2FluxBB = l10n('Audit_PWG2FluxBB').$msg_error_PWG2FluxBB;
+  $query = '
+SELECT id, username, email FROM '.FluxBB_USERS_TABLE.'
+WHERE BINARY username <> BINARY "'.$conf_Register_FluxBB['FLUXBB_GUEST'].'"
+AND BINARY username <> BINARY "'.$conf_Register_FluxBB['FLUXBB_ADMIN'].'"
+AND id not in (
+  SELECT id_user_FluxBB FROM '.Register_FluxBB_ID_TABLE.'
+  )
+AND BINARY username not in (
+  SELECT username FROM '.USERS_TABLE.'
+  )
+ORDER BY LOWER(username)
+;';
+  $result = pwg_query($query);
+  while($row = pwg_db_fetch_assoc($result))
+  {
+    $msg_error_FluxBB2PWG .= '<br>'.l10n('Error_FluxBB2PWG').stripslashes($row['username']).' ('.$row['email'].')';
+    $msg_error_FluxBB2PWG .= ' <a href="';
+    $msg_error_FluxBB2PWG .= add_url_params($page_Register_FluxBB_admin, array(
+      'action' => 'del_user',
+      'id' => $row['id'],
+    ));
+    $msg_error_FluxBB2PWG .= '" title="'.l10n('Del_User').stripslashes($row['username']).'"';
+    $msg_error_FluxBB2PWG .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
+    $msg_error_FluxBB2PWG .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_delete.png" alt="'.l10n('Del_User').stripslashes($row['username']).'" /></a>';
+  }
+  if ($msg_error_FluxBB2PWG == '')
+    array_push($page['infos'], l10n('Audit_FluxBB2PWG').'<br>'.l10n('Audit_OK'));
+  else
+    $msg_error_FluxBB2PWG = l10n('Audit_FluxBB2PWG').$msg_error_FluxBB2PWG;
+  if ($msg_error_PWG_Dup <> '')
+    $errors[] = $msg_error_PWG_Dup . ( ($msg_error_FluxBB_Dup == '' and $msg_error_Link_Break == '' and $msg_error_Link_Bad == '' and $msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
+  if ($msg_error_FluxBB_Dup <> '')
+    $errors[] = $msg_error_FluxBB_Dup . ( ($msg_error_Link_Break == '' and $msg_error_Link_Bad == '' and $msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
+  if ($msg_error_Link_Break <> '')
+    $errors[] = $msg_error_Link_Break . ( ($msg_error_Link_Bad == '' and $msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
+  if ($msg_error_Link_Bad <> '')
+    $errors[] = $msg_error_Link_Bad . ( ($msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
+  if ($msg_error_Synchro <> '')
+    $errors[] = $msg_error_Synchro . ( ($msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
+  if ($msg_error_PWG2FluxBB <> '')
+    $errors[] = $msg_error_PWG2FluxBB . ( ($msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
+  if ($msg_error_FluxBB2PWG <> '')
+    $errors[] = $msg_error_FluxBB2PWG;
+  if (isset ($errors) and count($errors) != 0)
+  {
+    foreach ($errors as $error)
+    {
+      array_push($page['errors'], $error);
+    }
+  }
+}
+// +-----------------------------------------------------------------------+
+// |                       Audit actions process                           |
+// +-----------------------------------------------------------------------+
+if (isset($_GET['action']) and ($_GET['action']=='link_dead'))
+{
+  $query = '
+DELETE FROM '.Register_FluxBB_ID_TABLE.'
+WHERE id_user_FluxBB NOT IN (
+  SELECT id
+  FROM '.FluxBB_USERS_TABLE.'
+  )
+OR id_user_pwg NOT IN (
+  SELECT id
+  FROM '.USERS_TABLE.'
+  )
+;';
+  $result = pwg_query($query);
+  Audit_PWG_FluxBB();
+}
+else if (isset($_GET['action']) and ($_GET['action']=='link_del') and isset($_GET['pwg_id']) and isset($_GET['bb_id']))
+{
+  $query = '
+DELETE FROM '.Register_FluxBB_ID_TABLE.'
+WHERE id_user_pwg = '.$_GET['pwg_id'].'
+AND id_user_FluxBB = '.$_GET['bb_id'].'
+;';
+  $result = pwg_query($query);
+  Audit_PWG_FluxBB();
+}
+else if (isset($_GET['action']) and ($_GET['action']=='new_link') and isset($_GET['pwg_id']) and isset($_GET['bb_id']))
+{
+  FluxBB_Linkuser($_GET['pwg_id'], $_GET['bb_id']);
+  Audit_PWG_FluxBB();
+}
+//else if (isset($_GET['action']) and ($_GET['action']=='sync_user') and isset($_GET['username']))
+//{
+//  $query = '
+//SELECT id AS id_pwg, username, password, mail_address
+//FROM '.USERS_TABLE.'
+//WHERE BINARY username = BINARY "'.pwg_db_real_escape_string($_GET['username']).'"
+//AND username NOT IN ("18","16")
+//LIMIT 1
+//;';
+//
+//  $data = pwg_db_fetch_assoc(pwg_query($query));
+//
+//  if (!empty($data))
+//  {
+//    FluxBB_Updateuser($data['id_pwg'], stripslashes($data['username']), $data['password'], $data['mail_address']);
+//  }
+//
+//  Audit_PWG_FluxBB();
+//}
+else if (isset($_GET['action']) and ($_GET['action']=='add_user') and isset($_GET['username']))
+{
+  $query = '
+SELECT id, username, password, mail_address
+FROM '.USERS_TABLE.'
+WHERE BINARY username = BINARY "'.pwg_db_real_escape_string($_GET['username']).'"
+AND username NOT IN ("18","16")
+LIMIT 1
+;';
+  $data = pwg_db_fetch_assoc(pwg_query($query));
+  if (!empty($data))
+    FluxBB_Adduser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']);
+   Audit_PWG_FluxBB();
+}
+else if (isset($_GET['action']) and ($_GET['action']=='del_user') and isset($_GET['id']))
+{
+  FluxBB_Deluser( $_GET['id'], true );
   Audit_PWG_FluxBB();
+}

extensions/Register_FluxBB/include/functions.inc.php

-                      r21901
+                      r22039
 include_once (PHPWG_ROOT_PATH.'/include/constants.php');
 include_once (REGFLUXBB_PATH.'include/constants.php');
-function Audit_PWG_FluxBB()
+{
-  global $page, $conf, $errors;
-  $page_Register_FluxBB_admin = get_admin_plugin_menu_link(__FILE__);
-  $conf_Register_FluxBB = unserialize($conf['Register_FluxBB']);
-  $msg_error_PWG_Dup = '';
-  $msg_error_FluxBB_Dup = '';
-  $msg_error_Link_Break = '';
-  $msg_error_Link_Bad = '';
-  $msg_error_Synchro = '';
-  $msg_ok_Synchro = '';
-  $msg_error_PWG2FluxBB = '';
-  $msg_error_FluxBB2PWG = '';
-  $query = '
-SELECT COUNT(*) AS nbr_dup, id, username
-FROM '.USERS_TABLE.'
-WHERE username NOT IN ("18","16")
-GROUP BY BINARY username
-HAVING COUNT(*) > 1
-;';
-  $result = pwg_query($query);
-  while($row = pwg_db_fetch_assoc($result))
-    $msg_error_PWG_Dup .= '<br>'.l10n('Error_PWG_Dup').$row['nbr_dup'].' x '.stripslashes($row['username']);
-  if ($msg_error_PWG_Dup == '')
-    array_push($page['infos'], l10n('Audit_PWG_Dup').'<br>'.l10n('Audit_OK'));
-  else
-    $msg_error_PWG_Dup = l10n('Audit_PWG_Dup').$msg_error_PWG_Dup.'<br>'.l10n('Advise_PWG_Dup');
-  $query = '
-SELECT COUNT(*) AS nbr_dup, username
-FROM '.FluxBB_USERS_TABLE.'
-GROUP BY BINARY username
-HAVING COUNT(*) > 1
-;';
-  $result = pwg_query($query);
-  while($row = pwg_db_fetch_assoc($result))
+  {
-    $msg_error_FluxBB_Dup .= '<br>'.l10n('Error_FluxBB_Dup').$row['nbr_dup'].' x '.stripslashes($row['username']);
-    $subquery = '
-SELECT id, username, email
-FROM '.FluxBB_USERS_TABLE.'
-WHERE BINARY username = BINARY "'.$row['username'].'"
-;';
-    $subresult = pwg_query($subquery);
-    while($subrow = pwg_db_fetch_assoc($subresult))
+    {
-      $msg_error_FluxBB_Dup .= '<br>id:'.$subrow['id'].'='.stripslashes($subrow['username']).' ('.$subrow['email'].')';
-      $msg_error_FluxBB_Dup .= ' <a href="';
-      $msg_error_FluxBB_Dup .= add_url_params($page_Register_FluxBB_admin, array(
-        'action' => 'del_user',
-        'id' => $subrow['id'],
-      ));
-      $msg_error_FluxBB_Dup .= '" title="'.l10n('Del_User').stripslashes($subrow['username']).'"';
-      $msg_error_FluxBB_Dup .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
-      $msg_error_FluxBB_Dup .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_delete.png" alt="'.l10n('Del_User').$subrow['username'].'" /></a>';
+    }
+  }
-  if ($msg_error_FluxBB_Dup == '')
-    array_push($page['infos'], l10n('Audit_FluxBB_Dup').'<br>'.l10n('Audit_OK'));
-  else
-    $msg_error_FluxBB_Dup = l10n('Audit_FluxBB_Dup').$msg_error_FluxBB_Dup.'<br>'.l10n('Advise_FluxBB_Dup');
-  $query = '
-SELECT pwg.id as pwg_id, bb.id as bb_id, pwg.username as pwg_user, pwg.mail_address as pwg_mail
-FROM '.FluxBB_USERS_TABLE.' AS bb, '.USERS_TABLE.' as pwg
-WHERE bb.id NOT in (
-  SELECT id_user_FluxBB
-  FROM '.Register_FluxBB_ID_TABLE.'
+  )
-AND pwg.id NOT in (
-  SELECT id_user_pwg
-  FROM '.Register_FluxBB_ID_TABLE.'
+  )
-AND pwg.username = bb.username
-AND pwg.username NOT IN ("18","16")
-AND pwg.mail_address = bb.email
-;';
-  $result = pwg_query($query);
-  while($row = pwg_db_fetch_assoc($result))
+  {
-    $msg_error_Link_Break .= '<br>'.l10n('Error_Link_Break').stripslashes($row['pwg_user']).' ('.$row['pwg_mail'].')';
-    $msg_error_Link_Break .= ' <a href="';
-    $msg_error_Link_Break .= add_url_params($page_Register_FluxBB_admin, array(
-      'action'   => 'new_link',
-      'pwg_id' => $row['pwg_id'],
-      'bb_id' => $row['bb_id'],
-    ));
-    $msg_error_Link_Break .= '" title="'.l10n('New_Link').stripslashes($row['pwg_user']).'"';
-    $msg_error_Link_Break .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
-    $msg_error_Link_Break .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_break.png" alt="'.l10n('New_Link').stripslashes($row['pwg_user']).'" /></a>';
+  }
-  if ($msg_error_Link_Break == '')
-    array_push($page['infos'], l10n('Audit_Link_Break').'<br>'.l10n('Audit_OK'));
-  else
-    $msg_error_Link_Break = l10n('Audit_Link_Break').$msg_error_Link_Break;
-  $query = '
-SELECT pwg.username as pwg_user, pwg.id as pwg_id, pwg.mail_address as pwg_mail, bb.id as bb_id, bb.username as bb_user, bb.email as bb_mail
-FROM '.FluxBB_USERS_TABLE.' AS bb
-INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = bb.id
-INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
-WHERE pwg.username <> bb.username
-AND pwg.username NOT IN ("18","16")
-;';
-  $result = pwg_query($query);
-  while($row = pwg_db_fetch_assoc($result))
+  {
-    $msg_error_Link_Bad .= '<br>'.l10n('Error_Link_Del').stripslashes($row['pwg_user']).' ('.$row['pwg_mail'].')'.' -- '.stripslashes($row['bb_user']).' ('.$row['bb_mail'].')';
-    $msg_error_Link_Bad .= ' <a href="';
-    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
-      'action'   => 'link_del',
-      'pwg_id' => $row['pwg_id'],
-      'bb_id'  => $row['bb_id'],
-    ));
-    $msg_error_Link_Bad .= '" title="'.l10n('Link_Del').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'"';
-    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
-    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_delete.png" alt="'.l10n('Link_Del').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'" /></a>';
-    $msg_error_Link_Bad .= ' -- <a href="';
-    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
-      'action' => 'sync_user',
-      'username' => stripslashes($row['pwg_user']),
-    ));
-    $msg_error_Link_Bad .= '" title="'.l10n('Sync_User').stripslashes($row['pwg_user']).' --> '.stripslashes($row['bb_user']).'"';
-    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
-    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/arrow_switch.png" alt="'.l10n('Sync_User').stripslashes($row['pwg_user']).' --> '.stripslashes($row['bb_user']).'" /></a>';
+  }
-  $query = '
-SELECT COUNT(*) as nbr_dead
-FROM '.Register_FluxBB_ID_TABLE.' AS Link
-WHERE id_user_FluxBB NOT IN (
-  SELECT id
-  FROM '.FluxBB_USERS_TABLE.'
+  )
-OR id_user_pwg NOT IN (
-  SELECT id
-  FROM '.USERS_TABLE.'
+  )
-;';
-  $Compteur = pwg_db_fetch_assoc(pwg_query($query));
-  if (!empty($Compteur) and $Compteur['nbr_dead'] > 0)
+  {
-    $msg_error_Link_Bad .= '<br>'.l10n('Error_Link_Dead').$Compteur['nbr_dead'];
-    $msg_error_Link_Bad .= ' <a href="';
-    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
-      'action'   => 'link_dead',
-    ));
-    $msg_error_Link_Bad .= '" title="'.l10n('Link_Dead').$Compteur['nbr_dead'].'"';
-    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
-    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_delete.png" alt="'.l10n('Link_Dead').$Compteur['nbr_dead'].'" /></a>';
+  }
-  $query = '
-SELECT COUNT(*) AS nbr_dup, pwg.id AS pwg_id, pwg.username AS pwg_user, bb.username AS bb_user, bb.id AS bb_id
-FROM '.FluxBB_USERS_TABLE.' AS bb
-INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = bb.id
-INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
-WHERE pwg.username NOT IN ("18","16")
-GROUP BY link.id_user_pwg, link.id_user_FluxBB
-HAVING COUNT(*) > 1
-;';
-  $result = pwg_query($query);
-  while($row = pwg_db_fetch_assoc($result))
+  {
-    $msg_error_Link_Bad .= '<br>'.l10n('Error_Link_Dup').$row['nbr_dup'].' = '.stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).')';
-    $msg_error_Link_Bad .= ' <a href="';
-    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
-      'action'   => 'new_link',
-      'pwg_id' => $row['pwg_id'],
-      'bb_id' => $row['bb_id'],
-    ));
-    $msg_error_Link_Bad .= '" title="'.l10n('Link_Dup').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'"';
-    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
-    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_error.png" alt="'.l10n('Link_Dup').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'" /></a>';
+  }
-  if ($msg_error_Link_Bad == '')
-    array_push($page['infos'], l10n('Audit_Link_Bad').'<br>'.l10n('Audit_OK'));
-  else
-    $msg_error_Link_Bad = l10n('Audit_Link_Bad').$msg_error_Link_Bad;
-  $query = '
-SELECT pwg.username as username, pwg.password as pwg_pwd, pwg.mail_address as pwg_eml, FluxBB.password as bb_pwd, FluxBB.email as bb_eml
-FROM '.FluxBB_USERS_TABLE.' AS FluxBB
-INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = FluxBB.id
-INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
-WHERE BINARY pwg.username = BINARY FluxBB.username
-AND pwg.username NOT IN ("18","16")
-ORDER BY LOWER(pwg.username)
-;';
-  $result = pwg_query($query);
-  while($row = pwg_db_fetch_assoc($result))
+  {
-    if ( ($row['pwg_pwd'] != $row['bb_pwd']) or ($row['pwg_eml'] != $row['bb_eml']) )
+    {
-      $msg_error_Synchro .= '<br>'.l10n('Error_Synchro').stripslashes($row['username']);
-      $msg_error_Synchro .= ' <a href="';
-      $msg_error_Synchro .= add_url_params($page_Register_FluxBB_admin, array(
-        'action' => 'sync_user',
-        'username' => stripslashes($row['username']),
-      ));
-      $msg_error_Synchro .= '" title="'.l10n('Sync_User').stripslashes($row['username']).'"';
-      $msg_error_Synchro .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
-      $msg_error_Synchro .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_refresh.png" alt="'.l10n('Sync_User').stripslashes($row['username']).'" /></a>';
-      if ($row['pwg_pwd'] != $row['bb_pwd'])
-        $msg_error_Synchro .= '<br>'.l10n('Error_Synchro_Pswd');
-      if ($row['pwg_eml'] != $row['bb_eml'])
-        $msg_error_Synchro .= '<br>'.l10n('Error_Synchro_Mail').'<br>-- PWG = '.$row['pwg_eml'].'<br>-- FluxBB = '.$row['bb_eml'];
+    }
-    else if ($conf_Register_FluxBB['FLUXBB_DETAIL'] == 'true')
-      $msg_ok_Synchro .= '<br> - '.stripslashes($row['username']).' ('.$row['pwg_eml'].')'.l10n('Audit_Synchro_OK');
+  }
-  if ($msg_error_Synchro <> '')
-    $msg_error_Synchro = l10n('Audit_Synchro').$msg_error_Synchro;
-  if ($msg_ok_Synchro <> '')
-    if ($msg_error_Synchro <> '')
-      array_push($page['infos'], l10n('Audit_Synchro').$msg_ok_Synchro.'<br><br>');
-    else
-      array_push($page['infos'], l10n('Audit_Synchro').$msg_ok_Synchro.'<br><br>'.l10n('Audit_OK'));
-  $query = '
-SELECT username, mail_address FROM '.USERS_TABLE.'
-WHERE BINARY username <> BINARY "guest"
-AND username NOT IN ("18","16")
-AND id not in (
-  SELECT id_user_pwg FROM '.Register_FluxBB_ID_TABLE.'
+  )
-AND BINARY username not in (
-  SELECT username FROM '.FluxBB_USERS_TABLE.'
+  )
-ORDER BY LOWER(username)
-;';
-  $result = pwg_query($query);
-  while($row = pwg_db_fetch_assoc($result))
+  {
-    $msg_error_PWG2FluxBB .= '<br>'.l10n('Error_PWG2FluxBB').stripslashes($row['username']).' ('.$row['mail_address'].')';
-    $msg_error_PWG2FluxBB .= ' <a href="';
-    $msg_error_PWG2FluxBB .= add_url_params($page_Register_FluxBB_admin, array(
-      'action' => 'add_user',
-      'username' => stripslashes($row['username']),
-    ));
-    $msg_error_PWG2FluxBB .= '" title="'.l10n('Add_User').stripslashes($row['username']).'" ';
-    $msg_error_PWG2FluxBB .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
-    $msg_error_PWG2FluxBB .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_add.png" alt="'.l10n('Add_User').stripslashes($row['username']).'" /></a>';
+  }
-  if ($msg_error_PWG2FluxBB == '')
-    array_push($page['infos'], l10n('Audit_PWG2FluxBB').'<br>'.l10n('Audit_OK'));
-  else
-    $msg_error_PWG2FluxBB = l10n('Audit_PWG2FluxBB').$msg_error_PWG2FluxBB;
-  $query = '
-SELECT id, username, email FROM '.FluxBB_USERS_TABLE.'
-WHERE BINARY username <> BINARY "'.$conf_Register_FluxBB['FLUXBB_GUEST'].'"
-AND id not in (
-  SELECT id_user_FluxBB FROM '.Register_FluxBB_ID_TABLE.'
+  )
-AND BINARY username not in (
-  SELECT username FROM '.USERS_TABLE.'
+  )
-ORDER BY LOWER(username)
-;';
-  $result = pwg_query($query);
-  while($row = pwg_db_fetch_assoc($result))
+  {
-    $msg_error_FluxBB2PWG .= '<br>'.l10n('Error_FluxBB2PWG').stripslashes($row['username']).' ('.$row['email'].')';
-    $msg_error_FluxBB2PWG .= ' <a href="';
-    $msg_error_FluxBB2PWG .= add_url_params($page_Register_FluxBB_admin, array(
-      'action' => 'del_user',
-      'id' => $row['id'],
-    ));
-    $msg_error_FluxBB2PWG .= '" title="'.l10n('Del_User').stripslashes($row['username']).'"';
-    $msg_error_FluxBB2PWG .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
-    $msg_error_FluxBB2PWG .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_delete.png" alt="'.l10n('Del_User').stripslashes($row['username']).'" /></a>';
+  }
-  if ($msg_error_FluxBB2PWG == '')
-    array_push($page['infos'], l10n('Audit_FluxBB2PWG').'<br>'.l10n('Audit_OK'));
-  else
-    $msg_error_FluxBB2PWG = l10n('Audit_FluxBB2PWG').$msg_error_FluxBB2PWG;
-  if ($msg_error_PWG_Dup <> '')
-    $errors[] = $msg_error_PWG_Dup . ( ($msg_error_FluxBB_Dup == '' and $msg_error_Link_Break == '' and $msg_error_Link_Bad == '' and $msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
-  if ($msg_error_FluxBB_Dup <> '')
-    $errors[] = $msg_error_FluxBB_Dup . ( ($msg_error_Link_Break == '' and $msg_error_Link_Bad == '' and $msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
-  if ($msg_error_Link_Break <> '')
-    $errors[] = $msg_error_Link_Break . ( ($msg_error_Link_Bad == '' and $msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
-  if ($msg_error_Link_Bad <> '')
-    $errors[] = $msg_error_Link_Bad . ( ($msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
-  if ($msg_error_Synchro <> '')
-    $errors[] = $msg_error_Synchro . ( ($msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
-  if ($msg_error_PWG2FluxBB <> '')
-    $errors[] = $msg_error_PWG2FluxBB . ( ($msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
-  if ($msg_error_FluxBB2PWG <> '')
-    $errors[] = $msg_error_FluxBB2PWG;
+}
 …
+}
+/**
+ * Add new registered user in FluxBB user table
+ */
 function Register_FluxBB_Adduser($register_user)
+{
 …
   if ($register_user['username'] != "16" and $register_user['username'] != "18")
+  {
     // Warning : FluxBB uses Sha1 hash instead of md5 for Piwigo!
+    // Warning : FluxBB uses Sha1 hash instead of a salted md5 for Piwigo! // TODO: Reset password
     FluxBB_Adduser($register_user['id'], $register_user['username'], sha1($_POST['password']), $register_user['email']);
+  }
+}
+/**
+ * Delete registered user in FluxBB user table
+ */
 function Register_FluxBB_Deluser($user_id)
+{
 …
+}
+/**
+ * Change user's password in FluxBB user table if a new password is set in Piwigo
+ */
 function Register_FluxBB_InitPage()
+{
   global $conf, $user;
   if (isset($_POST['validate']) and !is_admin())
+  if (isset($_POST['validate']))
+  {
     if (!empty($_POST['use_new_pwd']))
 …
       list($username) = pwg_db_fetch_row(pwg_query($query));
+      // Warning : FluxBB uses Sha1 hash instead of a salted md5 for Piwigo! // TODO: Reset password
       FluxBB_Updateuser($user['id'], stripslashes($username), sha1($_POST['use_new_pwd']), $_POST['mail_address']);
+    }
 …
+/**
+ * Update FluxBB password if user uses "lost password"
+ */
+function Register_FluxBB_PasswReset()
+{
+  global $page, $user, $conf;
+  if (isset($_POST['submit']))
+  {
+    if ('reset' == $_GET['action'])
+    {
+      $user_id = check_password_reset_key($_GET['key']);
+      $query = '
+SELECT '.$conf['user_fields']['username'].' AS username, mail_address
+FROM '.USERS_TABLE.'
+WHERE '.$conf['user_fields']['id'].' = \''.$user_id.'\'
+AND '.$conf['user_fields']['username'].' NOT IN ("18","16")
+;';
+      list($username,$mail_address) = pwg_db_fetch_row(pwg_query($query));
+      // Warning : FluxBB uses Sha1 hash instead of a salted md5 for Piwigo! // TODO: Reset password
+      FluxBB_Updateuser($user_id, stripslashes($username), sha1($_POST['use_new_pwd']), $mail_address);
+    }
+  }
+}
+/**
+ * Bridge with UAM confirmation option
+ */
 function UAM_Bridge()
+{
 …
+}
+/**
+ * Check the username accuracy in FluxBB users table
+ */
 function Register_FluxBB_RegistrationCheck($errors, $user)
+{
 …
+/**
+ * Users linking in a dedicated links table
+ */
 function FluxBB_Linkuser($pwg_id, $bb_id)
+{
 …
+/**
+ * Users unlinking in a dedicated links table (on user deletion)
+ */
 function FluxBB_Unlinkuser($bb_id)
+{
 …
+/**
+ * Add new registered user in fluxBB users table
+ * Called from Register_FluxBB_Adduser()
+ */
 function FluxBB_Adduser($pwg_id, $login, $password, $adresse_mail)
+{
 …
+/**
+ * Search linked users
+ */
 function FluxBB_Searchuser($id_user_pwg)
+{
 …
+/**
+ * Delete user from FluxBB users table
+ * Called from Register_FluxBB_Deluser()
+ */
 function FluxBB_Deluser($id_user_FluxBB, $SuppTopicsPosts)
+{
 …
+/**
+ * Update user information in FluxBB users table
+ */
 function FluxBB_Updateuser($pwg_id, $username, $password, $adresse_mail)
+{
 …
+}
+/**
+ * Get plugin information
+ */
 function RegFluxBB_Infos($dir)
+{
 …
+/**
+ * Delete obsolete files at plugin update
+ */
 function regfluxbb_obsolete_files()
+{

extensions/Register_FluxBB/main.inc.php

-                      r21912
+                      r22039
 .5.3     - 30/03/13  - Bug fixed : MySql error after installation from scratch
+.5.4     - ../../..  - Bug fixed : Admins passwords synchronization between FluxBB and Piwigo when changed
+                      - Bug fixed : Password synchronization between FluxBB and Piwigo if a user uses Piwigo's password recovery system
+                      - Bug fixed : Exclude password comparison from audit
+                      - Todo : Recode synch, migration and audit actions for existing users before plugin activation - Have to take care on passwords !
 --------------------------------------------------------------------------------
 */
 …
+}
+/* Password forget */
+add_event_handler('loc_begin_password', 'Register_FluxBB_PasswReset');
 /* Access validation in FluxBB when validated in Piwigo through UAM plugin */

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 22039 for extensions/Register_FluxBB

Legend:

extensions/Register_FluxBB/admin/admin.php

extensions/Register_FluxBB/include/functions.inc.php

extensions/Register_FluxBB/main.inc.php

Download in other formats: