Changeset 7955 for extensions/NBC_UserAdvManager/trunk/main.inc.php
- Timestamp:
- Nov 30, 2010, 5:24:38 PM (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/NBC_UserAdvManager/trunk/main.inc.php
r7656 r7955 2 2 /* 3 3 Plugin Name: UserAdvManager 4 Version: 2.1 5.94 Version: 2.16.0-alpha 5 5 Description: Renforcer la gestion des utilisateurs - Enforce users management 6 6 Plugin URI: http://fr.piwigo.org/ext/extension_view.php?eid=216 … … 26 26 27 27 28 / * Plugin admin */28 // Plugin administration panel 29 29 add_event_handler('get_admin_plugin_menu_links', 'UAM_admin_menu'); 30 31 function UAM_admin_menu($menu)32 {33 // +-----------------------------------------------------------------------+34 // | Getting plugin name |35 // +-----------------------------------------------------------------------+36 $plugin = PluginInfos(UAM_PATH);37 $name = $plugin['name'];38 39 array_push($menu,40 array(41 'NAME' => $name,42 'URL' => get_admin_plugin_menu_link(UAM_PATH.'/admin/UAM_admin.php')43 )44 );45 46 return $menu;47 }48 30 49 31 /* Lastvisit table feed for Ghost Tracker */ 50 32 add_event_handler('loc_begin_index', 'UAM_GhostTracker'); 51 33 52 function UAM_GhostTracker() 53 { 54 global $conf, $user; 55 56 $conf_UAM = unserialize($conf['UserAdvManager']); 57 58 /* Admins, Guests and Adult_Content users are not tracked for Ghost Tracker or Users Tracker */ 59 if (!is_admin() and !is_a_guest() and $user['username'] != "16" and $user['username'] != "18") 60 { 61 if ((isset($conf_UAM[16]) and $conf_UAM[16] == 'true') or (isset($conf_UAM[19]) and $conf_UAM[19] == 'true')) 62 { 63 64 $userid = get_userid($user['username']); 65 66 /* Looking for existing entry in last visit table */ 67 $query = ' 68 SELECT * 69 FROM '.USER_LASTVISIT_TABLE.' 70 WHERE user_id = '.$userid.' 71 ;'; 72 73 $count = pwg_db_num_rows(pwg_query($query)); 74 75 if ($count == 0) 76 { 77 /* If not, data are inserted in table */ 78 $query = ' 79 INSERT INTO '.USER_LASTVISIT_TABLE.' (user_id, lastvisit, reminder) 80 VALUES ('.$userid.', now(), "false") 81 ;'; 82 pwg_query($query); 83 } 84 else if ($count > 0) 85 { 86 /* If yes, data are updated in table */ 87 $query = ' 88 UPDATE '.USER_LASTVISIT_TABLE.' 89 SET lastvisit = now(), reminder = "false" 90 WHERE user_id = '.$userid.' 91 LIMIT 1 92 ;'; 93 pwg_query($query); 94 } 95 } 96 } 97 } 98 99 100 /* User creation */ 34 // User creation 101 35 add_event_handler('register_user', 'UAM_Adduser'); 102 36 103 function UAM_Adduser($register_user) 104 { 105 global $conf; 106 107 $conf_UAM = unserialize($conf['UserAdvManager']); 108 109 // Exclusion of Adult_Content users 110 if ($register_user['username'] != "16" and $register_user['username'] != "18") 111 { 112 if ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local')) 113 { 114 /* This is to send an information email and set user to "waiting" group or status until admin validation */ 115 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 116 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false); 117 setgroup($register_user['id']);// Set to "waiting" group or status until admin validation 118 } 119 elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'false') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local')) 120 { 121 /* This is to set user to "waiting" group or status until admin validation */ 122 setgroup($register_user['id']);// Set to "waiting" group or status until admin validation 123 } 124 elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'false')) 125 { 126 /* This is to send an information email without validation key */ 127 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 128 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false); 129 } 130 /* Sending registration confirmation by email */ 131 elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true' or $conf_UAM[0] == 'false') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'true')) 132 { 133 if (is_admin() and isset($conf_UAM[20]) and $conf_UAM[20] == 'true') 134 { 135 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 136 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true); 137 } 138 elseif (is_admin() and isset($conf_UAM[20]) and $conf_UAM[20] == 'false') 139 { 140 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 141 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false); 142 } 143 elseif (!is_admin()) 144 { 145 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 146 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true); 147 } 148 } 149 } 150 } 151 152 153 /* User deletion */ 37 // User deletion 154 38 add_event_handler('delete_user', 'UAM_Deluser'); 155 156 function UAM_Deluser($user_id)157 {158 /* Cleanup for ConfirmMail table */159 DeleteConfirmMail($user_id);160 /* Cleanup for LastVisit table */161 DeleteLastVisit($user_id);162 /* Cleanup Redirection settings */163 DeleteRedir($user_id);164 }165 166 39 167 40 // Check users registration 168 41 add_event_handler('register_user_check', 'UAM_RegistrationCheck', EVENT_HANDLER_PRIORITY_NEUTRAL, 2); 169 42 170 function UAM_RegistrationCheck($err, $user)171 {172 global $errors, $conf;173 174 // Exclusion of Adult_Content users175 if ($user['username'] != "16" and $user['username'] != "18")176 {177 // ***********************************************************178 // We need to reset the standard Piwigo's register controls179 // because the call of register_user_check trigger resets them180 // ***********************************************************181 // **********************************182 // Standard Piwigo's username control183 // **********************************184 if ($_POST['login'] == '')185 {186 return l10n('reg_err_login1');187 }188 if (preg_match('/^.* $/', $_POST['login']))189 {190 return l10n('reg_err_login2');191 }192 if (preg_match('/^ .*$/', $_POST['login']))193 {194 return l10n('reg_err_login3');195 }196 if (get_userid($_POST['login']))197 {198 return l10n('reg_err_login5');199 }200 201 if (script_basename() == 'admin' and isset($_GET['page']) and $_GET['page'] == 'user_list') // not the same email variable if we are on users registration page or on admin's user registration page202 {203 // Email doblons check204 $atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{|}~]'; // before arobase205 $domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name206 $regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i';207 208 if (!preg_match($regex, $_POST['email']))209 {210 return l10n('reg_err_mail_address');211 }212 213 $query = '214 SELECT count(*)215 FROM '.USERS_TABLE.'216 WHERE upper('.$conf['user_fields']['email'].') = upper(\''.$_POST['email'].'\')217 ;';218 list($count) = pwg_db_fetch_row(pwg_query($query));219 if ($count != 0)220 {221 return l10n('reg_err_mail_address_dbl');222 }223 }224 225 if (script_basename() == 'register') // not the same email variable if we are on users registration page or on admin's user registration page226 {227 // Email doblons check228 $atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{|}~]'; // before arobase229 $domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name230 $regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i';231 232 if (!preg_match($regex, $_POST['mail_address']))233 {234 return l10n('reg_err_mail_address');235 }236 237 $query = '238 SELECT count(*)239 FROM '.USERS_TABLE.'240 WHERE upper('.$conf['user_fields']['email'].') = upper(\''.$_POST['mail_address'].'\')241 ;';242 list($count) = pwg_db_fetch_row(pwg_query($query));243 if ($count != 0)244 {245 return l10n('reg_err_mail_address_dbl');246 }247 }248 // ******************************************249 // End of Piwigo's standard register controls250 // ******************************************251 252 253 // ******************************************254 // Here begins the advanced register controls255 // ******************************************256 $PasswordCheck = 0;257 258 $conf_UAM = unserialize($conf['UserAdvManager']);259 260 // Password enforcement control261 if (isset($conf_UAM[13]) and $conf_UAM[13] == 'true' and !empty($conf_UAM[14]))262 {263 if (!empty($user['password']) and !is_admin())264 {265 $PasswordCheck = testpassword($user['password']);266 267 if ($PasswordCheck < $conf_UAM[14])268 {269 $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck);270 return($lang['reg_err_pass'] = l10n_args($message).$conf_UAM[14]);271 }272 }273 else if (!empty($user['password']) and is_admin() and isset($conf_UAM[15]) and $conf_UAM[15] == 'true')274 {275 $PasswordCheck = testpassword($user['password']);276 277 if ($PasswordCheck < $conf_UAM[14])278 {279 $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck);280 return($lang['reg_err_pass'] = l10n_args($message).$conf_UAM[14]);281 }282 }283 }284 285 // Username without forbidden keys286 if (isset($conf_UAM[6]) and $conf_UAM[6] == 'true' and !empty($_POST['login']) and ValidateUsername($_POST['login']) and !is_admin())287 {288 $_POST['login'] = '';289 return($lang['reg_err_login1'] = l10n('reg_err_login6')."'".$conf_UAM[7]."'");290 }291 292 // Email without forbidden domains293 if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($_POST['mail_address']) and ValidateEmailProvider($_POST['mail_address']) and !is_admin())294 {295 $_POST['mail_address'] = '';296 return($lang['reg_err_login1'] = l10n('reg_err_login7')."'".$conf_UAM[12]."'");297 }298 }299 }300 301 302 43 if (script_basename() == 'profile') 303 44 { 304 45 add_event_handler('loc_begin_profile', 'UAM_Profile_Init'); 305 306 function UAM_Profile_Init()307 {308 global $conf, $user, $template;309 310 $conf_UAM = unserialize($conf['UserAdvManager']);311 312 if ((isset($conf_UAM[21]) and $conf_UAM[21] == 'true'))313 {314 $user_idsOK = array();315 if (!check_consult($user['id'], $user_idsOK))316 {317 $user_idsOK[] = $user['id'];318 319 $query = "320 UPDATE ".CONFIG_TABLE."321 SET value = \"".implode(',', $user_idsOK)."\"322 WHERE param = 'UserAdvManager_Redir';";323 324 pwg_query($query);325 }326 }327 328 if (isset($_POST['validate']) and !is_admin())329 {330 /* Email without forbidden domains */331 if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($_POST['mail_address']))332 {333 if (ValidateEmailProvider($_POST['mail_address']))334 {335 $template->append('errors', l10n('reg_err_login7')."'".$conf_UAM[12]."'");336 unset($_POST['validate']);337 }338 }339 340 $typemail = 3;341 342 if (!empty($_POST['use_new_pwd']))343 {344 $typemail = 2;345 346 /* Password enforcement control */347 if (isset($conf_UAM[13]) and $conf_UAM[13] == 'true' and !empty($conf_UAM[14]))348 {349 $PasswordCheck = testpassword($_POST['use_new_pwd']);350 351 if ($PasswordCheck < $conf_UAM[14])352 {353 $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck);354 $template->append('errors', l10n_args($message).$conf_UAM[14]);355 unset($_POST['use_new_pwd']);356 unset($_POST['validate']);357 }358 }359 }360 361 /* Sending registration confirmation by email */362 if ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') or (isset($conf_UAM[1]) and $conf_UAM[1] == 'true') or (isset($conf_UAM[1]) and $conf_UAM[1] == 'local'))363 {364 $confirm_mail_need = false;365 366 if (!empty($_POST['mail_address']))367 {368 $query = '369 SELECT '.$conf['user_fields']['email'].' AS email370 FROM '.USERS_TABLE.'371 WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'372 ;';373 374 list($current_email) = pwg_db_fetch_row(pwg_query($query));375 376 /* This is to send a new validation key */377 if ($_POST['mail_address'] != $current_email and (isset($conf_UAM[1]) and $conf_UAM[1] == 'true'))378 379 $confirm_mail_need = true;380 381 /* This is to set the user to "waiting" group or status until admin validation */382 if ($_POST['mail_address'] != $current_email and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local'))383 384 setgroup($register_user['id']);// Set to "waiting" group or status until admin validation385 $confirm_mail_need = false;386 }387 388 if ((!empty($_POST['use_new_pwd']) and (isset($conf_UAM[0]) and $conf_UAM[0] == 'true') or $confirm_mail_need))389 {390 $query = '391 SELECT '.$conf['user_fields']['username'].'392 FROM '.USERS_TABLE.'393 WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'394 ;';395 396 list($username) = pwg_db_fetch_row(pwg_query($query));397 398 SendMail2User($typemail, $user['id'], $username, $_POST['use_new_pwd'], $_POST['mail_address'], $confirm_mail_need);399 }400 }401 }402 }403 46 } 404 47 405 406 // RedirectToProfile - Thx to LucMorizur 407 // redirects a visitor (except for admins, webmasters and generic statuses) to his 408 // profile.php page 409 // 410 // no variable, no return 48 // Redirection to profile page 411 49 add_event_handler('login_success', 'RedirectToProfile'); 412 50 413 function RedirectToProfile() 414 { 415 global $conf, $user; 416 417 $conf_UAM = unserialize($conf['UserAdvManager']); 418 419 $query =' 420 SELECT user_id, status 421 FROM '.USER_INFOS_TABLE.' 422 WHERE user_id = '.$user['id'].' 423 ;'; 424 $data = pwg_db_fetch_assoc(pwg_query($query)); 425 426 if ($data['status'] <> "admin" and $data['status'] <> "webmaster" and $data['status'] <> "generic") 427 { 428 if ((isset($conf_UAM[21]) and $conf_UAM[21] == 'true')) 429 { 430 $user_idsOK = array(); 431 if (!check_consult($user['id'], $user_idsOK)) 432 redirect(PHPWG_ROOT_PATH.'profile.php'); 433 } 434 } 435 } 51 // *** Important ! This is necessary to make email exclusion work in admin's users management panel *** 52 add_event_handler('init', 'UAM_InitPage'); 436 53 437 438 add_event_handler('init', 'UAM_InitPage'); 439 /* *** Important ! This is necessary to make email exclusion work in admin's users management panel *** */ 440 function UAM_InitPage() 441 { 442 load_language('plugin.lang', UAM_PATH); 443 global $conf, $template, $page, $lang, $errors; 444 445 $conf_UAM = unserialize($conf['UserAdvManager']); 446 447 /* Admin user management */ 448 if (script_basename() == 'admin' and isset($_GET['page']) and $_GET['page'] == 'user_list') 449 { 450 if (isset($_POST['submit_add'])) 451 { 452 /* Email without forbidden domains */ 453 if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($_POST['email']) and ValidateEmailProvider($_POST['email'])) 454 { 455 $template->append('errors', l10n('reg_err_login7')."'".$conf_UAM[12]."'"); 456 unset($_POST['submit_add']); 457 } 458 } 459 } 460 } 461 462 54 // Comment without author 463 55 add_event_handler('user_comment_check', 'UAM_CheckEmptyCommentAuthor', 50, 2); 464 465 function UAM_CheckEmptyCommentAuthor($comment_action, $comm)466 {467 load_language('plugin.lang', UAM_PATH);468 global $infos, $conf, $template;469 470 $conf_UAM = unserialize($conf['UserAdvManager']);471 472 /* User creation OR update */473 if (isset($conf_UAM[5]) and $conf_UAM[5] == 'true' and $conf['comments_forall'] == 'true' and $comm['author'] == 'guest')474 {475 $comment_action = 'reject';476 477 array_push($infos, l10n('UAM_Empty Author'));478 }479 480 return $comment_action;481 }482 56 ?>
Note: See TracChangeset
for help on using the changeset viewer.