[25281] | 1 | <?php |
---|
| 2 | // +-----------------------------------------------------------------------+ |
---|
| 3 | // | Piwigo - a PHP based photo gallery | |
---|
| 4 | // +-----------------------------------------------------------------------+ |
---|
[26461] | 5 | // | Copyright(C) 2008-2014 Piwigo Team http://piwigo.org | |
---|
[25281] | 6 | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | |
---|
| 7 | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | |
---|
| 8 | // +-----------------------------------------------------------------------+ |
---|
| 9 | // | This program is free software; you can redistribute it and/or modify | |
---|
| 10 | // | it under the terms of the GNU General Public License as published by | |
---|
| 11 | // | the Free Software Foundation | |
---|
| 12 | // | | |
---|
| 13 | // | This program is distributed in the hope that it will be useful, but | |
---|
| 14 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
| 15 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
| 16 | // | General Public License for more details. | |
---|
| 17 | // | | |
---|
| 18 | // | You should have received a copy of the GNU General Public License | |
---|
| 19 | // | along with this program; if not, write to the Free Software | |
---|
| 20 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
| 21 | // | USA. | |
---|
| 22 | // +-----------------------------------------------------------------------+ |
---|
| 23 | |
---|
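/**
 * API method
 * Returns a list of users
 *
 * Every filter below ends up in a query that is built by string
 * concatenation, so each value is cast or validated in this function before
 * it is appended, independently of any type checking done by the caller.
 *
 * @param mixed[] $params
 *    @option int[] user_id (optional)
 *    @option string username (optional) compared with LIKE
 *    @option string[] status (optional)
 *    @option int min_level (optional)
 *    @option int[] group_id (optional)
 *    @option int per_page
 *    @option int page
 *    @option string order comma separated column names, each optionally
 *                         followed by ASC or DESC
 *    @option string display 'none', 'all', 'basics' or a comma separated
 *                           list of field names
 * @param object $service not used by this method
 * @return array|PwgError 'paging' and 'users' entries, or an error when
 *                        min_level or order is rejected
 */
function ws_users_getList($params, &$service)
{
  global $conf;

  $where_clauses = array('1=1');

  if (!empty($params['user_id']))
  {
    // the ids land in an unquoted IN() list, so force them to integers here
    $user_ids = array_map('intval', (array)$params['user_id']);
    $where_clauses[] = 'u.'.$conf['user_fields']['id'].' IN('. implode(',', $user_ids) .')';
  }

  if (!empty($params['username']))
  {
    // escaped for the quoted literal; LIKE wildcards in the value are kept
    $where_clauses[] = 'u.'.$conf['user_fields']['username'].' LIKE \''.pwg_db_real_escape_string($params['username']).'\'';
  }

  if (!empty($params['status']))
  {
    // only values also returned by get_enums() survive, which is what makes
    // the unescaped implode() below acceptable
    $params['status'] = array_intersect($params['status'], get_enums(USER_INFOS_TABLE, 'status'));
    if (count($params['status']) > 0)
    {
      $where_clauses[] = 'ui.status IN("'. implode('","', $params['status']) .'")';
    }
  }

  if (!empty($params['min_level']))
  {
    // a loose in_array() on PHP < 8 accepts any string that merely starts
    // with a valid level, and the value is then appended unquoted: require
    // digits only and use the integer from here on
    $min_level = (string)$params['min_level'];
    if (!preg_match('/^\d+\z/', $min_level)
        or !in_array(intval($min_level), $conf['available_permission_levels']))
    {
      return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid level');
    }
    $where_clauses[] = 'ui.level >= '.intval($min_level);
  }

  if (!empty($params['group_id']))
  {
    // same treatment as user_id: unquoted IN() list, integers only
    $group_ids = array_map('intval', (array)$params['group_id']);
    $where_clauses[] = 'ug.group_id IN('. implode(',', $group_ids) .')';
  }

  // ORDER BY takes identifiers, which cannot be protected by escaping a
  // string literal. Accept only "column" or "alias.column", optionally
  // followed by ASC/DESC, separated by commas; anything else is refused.
  $order_item = '[a-z_][a-z0-9_]*(\.[a-z_][a-z0-9_]*)?(\s+(asc|desc))?';
  $order = isset($params['order']) ? (string)$params['order'] : '';
  if (!preg_match('/^\s*'.$order_item.'(\s*,\s*'.$order_item.')*\s*\z/i', $order))
  {
    return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid order');
  }

  // LIMIT and OFFSET are appended unquoted as well
  $per_page = intval($params['per_page']);
  $page = intval($params['page']);

  // SQL expression => name of the field in the output; the id is always returned
  $display = array('u.'.$conf['user_fields']['id'] => 'id');

  if ($params['display'] != 'none')
  {
    $params['display'] = array_map('trim', explode(',', $params['display']));

    if (in_array('all', $params['display']))
    {
      $params['display'] = array(
        'username','email','status','level','groups','language','theme',
        'nb_image_page','recent_period','expand','show_nb_comments','show_nb_hits',
        'enabled_high','registration_date','registration_date_string',
        'registration_date_since', 'last_visit', 'last_visit_string',
        'last_visit_since'
        );
    }
    else if (in_array('basics', $params['display']))
    {
      $params['display'] = array_merge($params['display'], array(
        'username','email','status','level','groups',
        ));
    }
    // from here on the requested fields are array keys, tested with isset().
    // Requested names never reach the query directly: only the fixed names
    // below are copied into $display.
    $params['display'] = array_flip($params['display']);

    // if registration_date_string or registration_date_since is requested,
    // then registration_date is automatically added
    if (isset($params['display']['registration_date_string']) or isset($params['display']['registration_date_since']))
    {
      $params['display']['registration_date'] = true;
    }

    // if last_visit_string or last_visit_since is requested, then
    // last_visit is automatically added
    if (isset($params['display']['last_visit_string']) or isset($params['display']['last_visit_since']))
    {
      $params['display']['last_visit'] = true;
    }

    if (isset($params['display']['username']))
    {
      $display['u.'.$conf['user_fields']['username']] = 'username';
    }
    if (isset($params['display']['email']))
    {
      $display['u.'.$conf['user_fields']['email']] = 'email';
    }

    $ui_fields = array(
      'status','level','language','theme','nb_image_page','recent_period','expand',
      'show_nb_comments','show_nb_hits','enabled_high','registration_date'
      );
    foreach ($ui_fields as $field)
    {
      if (isset($params['display'][$field]))
      {
        $display['ui.'.$field] = $field;
      }
    }
  }
  else
  {
    $params['display'] = array();
  }

  $select_items = array();
  foreach ($display as $field => $name)
  {
    $select_items[] = $field .' AS '. $name;
  }
  if (isset($params['display']['groups']))
  {
    // placeholder column, the real group ids are loaded by a second query
    $select_items[] = '"" AS groups';
  }

  $query = '
SELECT DISTINCT '. implode(', ', $select_items) .'
  FROM '. USERS_TABLE .' AS u
    INNER JOIN '. USER_INFOS_TABLE .' AS ui
      ON u.'. $conf['user_fields']['id'] .' = ui.user_id
    LEFT JOIN '. USER_GROUP_TABLE .' AS ug
      ON u.'. $conf['user_fields']['id'] .' = ug.user_id
  WHERE
    '. implode(' AND ', $where_clauses) .'
  ORDER BY '. $order .'
  LIMIT '. $per_page .'
  OFFSET '. ($per_page*$page) .'
;';

  // users indexed by their integer id; the keys are reused in the IN() lists below
  $users = array();
  $result = pwg_query($query);
  while ($row = pwg_db_fetch_assoc($result))
  {
    $row['id'] = intval($row['id']);
    $users[ $row['id'] ] = $row;
  }

  if (count($users) > 0)
  {
    if (isset($params['display']['groups']))
    {
      $query = '
SELECT user_id, group_id
  FROM '. USER_GROUP_TABLE .'
  WHERE user_id IN ('. implode(',', array_keys($users)) .')
;';
      $result = pwg_query($query);

      while ($row = pwg_db_fetch_assoc($result))
      {
        $users[ $row['user_id'] ]['groups'][] = intval($row['group_id']);
      }
    }

    if (isset($params['display']['registration_date_string']))
    {
      foreach ($users as $cur_user)
      {
        $users[$cur_user['id']]['registration_date_string'] = format_date($cur_user['registration_date'], false, false);
      }
    }

    if (isset($params['display']['registration_date_since']))
    {
      foreach ($users as $cur_user)
      {
        $users[ $cur_user['id'] ]['registration_date_since'] = time_since($cur_user['registration_date'], 'month');
      }
    }

    if (isset($params['display']['last_visit']))
    {
      // highest history id of each listed user
      $query = '
SELECT
    MAX(id) as history_id
  FROM '.HISTORY_TABLE.'
  WHERE user_id IN ('.implode(',', array_keys($users)).')
  GROUP BY user_id
;';
      $history_ids = array_from_query($query, 'history_id');

      if (count($history_ids) == 0)
      {
        // keeps the IN() list of the next query syntactically valid
        $history_ids[] = -1;
      }

      $query = '
SELECT
    user_id,
    date,
    time
  FROM '.HISTORY_TABLE.'
  WHERE id IN ('.implode(',', $history_ids).')
;';
      $result = pwg_query($query);
      while ($row = pwg_db_fetch_assoc($result))
      {
        $last_visit = $row['date'].' '.$row['time'];
        $users[ $row['user_id'] ]['last_visit'] = $last_visit;

        if (isset($params['display']['last_visit_string']))
        {
          $users[ $row['user_id'] ]['last_visit_string'] = format_date($last_visit, false, false);
        }

        if (isset($params['display']['last_visit_since']))
        {
          $users[ $row['user_id'] ]['last_visit_since'] = time_since($last_visit, 'day');
        }
      }
    }
  }

  // the list is replaced by whatever trigger_change() returns for this event
  // (presumably a plugin hook -- whatever it adds is sent to the client as is)
  $users = trigger_change('ws_users_getList', $users);

  return array(
    'paging' => new PwgNamedStruct(
      array(
        'page' => $params['page'],
        'per_page' => $params['per_page'],
        'count' => count($users)
        )
      ),
    'users' => new PwgNamedArray(array_values($users), 'user')
    );
}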
---|
| 267 | |
---|
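/**
 * API method
 * Adds a user
 *
 * The request is refused with a 403 error unless it carries the token
 * returned by get_pwg_token().
 *
 * @param mixed[] $params
 *    @option string username
 *    @option string password (optional)
 *    @option string password_confirm only read when
 *                   $conf['double_password_type_in_admin'] is set
 *    @option string email (optional)
 *    @option bool send_password_by_mail
 *    @option string pwg_token
 * @param object $service used to return the new user through pwg.users.getList
 * @return mixed result of pwg.users.getList for the new user, or a PwgError
 */
function ws_users_add($params, &$service)
{
  // strict comparison: with != two different numeric-looking strings can
  // compare equal, and a non-string value is juggled instead of refused
  $token = isset($params['pwg_token']) ? $params['pwg_token'] : null;
  if (!is_string($token) or (string)get_pwg_token() !== $token)
  {
    return new PwgError(403, 'Invalid security token');
  }

  global $conf;

  if ($conf['double_password_type_in_admin'])
  {
    // compared as strings for the same reason: with != the passwords
    // "1000" and "1e3" would count as matching
    $password = isset($params['password']) ? (string)$params['password'] : '';
    $password_confirm = isset($params['password_confirm']) ? (string)$params['password_confirm'] : '';
    if ($password !== $password_confirm)
    {
      return new PwgError(WS_ERR_INVALID_PARAM, l10n('The passwords do not match'));
    }
  }

  // filled by register_user() when the registration is refused
  $errors = array();

  $user_id = register_user(
    $params['username'],
    $params['password'],
    $params['email'],
    false, // notify admin
    $errors,
    $params['send_password_by_mail']
    );

  if (!$user_id)
  {
    // only the first error is reported to the client
    return new PwgError(WS_ERR_INVALID_PARAM, $errors[0]);
  }

  return $service->invoke('pwg.users.getList', array('user_id'=>$user_id));
}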
---|
| 309 | |
---|
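/**
 * API method
 * Deletes users
 *
 * The current user, the guest, the default user and the webmaster are
 * silently removed from the list and never deleted.
 *
 * @param mixed[] $params
 *    @option int[] user_id
 *    @option string pwg_token
 * @param object $service not used by this method
 * @return string|PwgError localized "%d user(s) deleted" message, or a 403
 *                         error when the token does not match
 */
function ws_users_delete($params, &$service)
{
  // strict comparison: with != two different numeric-looking strings can
  // compare equal, and a non-string value is juggled instead of refused
  $token = isset($params['pwg_token']) ? $params['pwg_token'] : null;
  if (!is_string($token) or (string)get_pwg_token() !== $token)
  {
    return new PwgError(403, 'Invalid security token');
  }

  global $conf, $user;

  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');

  // array_diff() compares string representations, so an id written with
  // extra characters (e.g. surrounding spaces) would not match a protected
  // id and would still be handed to delete_user(). Reduce every id to its
  // integer value first so the protection applies to what is really deleted.
  $user_ids = array_map('intval', (array)$params['user_id']);

  // protect some users
  $user_ids = array_diff(
    $user_ids,
    array(
      $user['id'],
      $conf['guest_id'],
      $conf['default_user_id'],
      $conf['webmaster_id'],
      )
    );

  foreach ($user_ids as $user_id)
  {
    delete_user($user_id);
  }

  // counts the ids that were passed to delete_user(), protected ones excluded
  return l10n_dec(
    '%d user deleted', '%d users deleted',
    count($user_ids)
    );
}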
---|
| 349 | |
---|
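/**
 * API method
 * Updates users
 *
 * username, email and password are only applied when exactly one user id is
 * given; every other option is applied to all given users. The status is
 * never changed for the current user, the guest or the webmaster.
 *
 * The values are written through string-built queries, so ids are cast to
 * integers and field values are escaped in this function, independently of
 * any type checking done by the caller.
 *
 * @param mixed[] $params
 *    @option int[] user_id
 *    @option string username (optional)
 *    @option string password (optional)
 *    @option string email (optional)
 *    @option string status (optional)
 *    @option int level (optional)
 *    @option string language (optional)
 *    @option string theme (optional)
 *    @option int nb_image_page (optional)
 *    @option int recent_period (optional)
 *    @option bool expand (optional)
 *    @option bool show_nb_comments (optional)
 *    @option bool show_nb_hits (optional)
 *    @option bool enabled_high (optional)
 *    @option int[] group_id (optional) replaces the group associations
 *    @option string pwg_token
 * @param object $service used to return the updated users through pwg.users.getList
 * @return mixed result of pwg.users.getList for the given users, or a PwgError
 */
function ws_users_setInfo($params, &$service)
{
  // strict comparison: with != two different numeric-looking strings can
  // compare equal, and a non-string value is juggled instead of refused
  $token = isset($params['pwg_token']) ? $params['pwg_token'] : null;
  if (!is_string($token) or (string)get_pwg_token() !== $token)
  {
    return new PwgError(403, 'Invalid security token');
  }

  global $conf, $user;

  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');

  // the ids are compared with the protected accounts and written into
  // unquoted IN() lists below: reduce them to integers once, up front
  $params['user_id'] = array_map('intval', (array)$params['user_id']);

  $updates = $updates_infos = array();
  $update_status = null;

  // NOTE(review): unlike the status branch further down, this branch has no
  // exclusion for $conf['webmaster_id'] or other protected accounts, so the
  // username, email and password of any single user can be changed here --
  // confirm that the caller restricts who may target those accounts
  if (count($params['user_id']) == 1)
  {
    if (get_username($params['user_id'][0]) === false)
    {
      return new PwgError(WS_ERR_INVALID_PARAM, 'This user does not exist.');
    }

    if (!empty($params['username']))
    {
      $user_id = get_userid($params['username']);
      if ($user_id and $user_id != $params['user_id'][0])
      {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('this login is already used'));
      }
      if ($params['username'] != strip_tags($params['username']))
      {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('html tags are not allowed in login'));
      }
      $updates[ $conf['user_fields']['username'] ] = $params['username'];
    }

    if (!empty($params['email']))
    {
      if ( ($error = validate_mail_address($params['user_id'][0], $params['email'])) != '')
      {
        return new PwgError(WS_ERR_INVALID_PARAM, $error);
      }
      $updates[ $conf['user_fields']['email'] ] = $params['email'];
    }

    if (!empty($params['password']))
    {
      // only the result of the configured hash function is stored
      $updates[ $conf['user_fields']['password'] ] = $conf['password_hash']($params['password']);
    }
  }

  if (!empty($params['status']))
  {
    if ( $params['status'] === 'webmaster' and !is_webmaster() )
    {
      return new PwgError(403, 'Only webmasters can grant "webmaster" status');
    }
    // strict match: the value is written into the query without escaping,
    // so it must be exactly one of these strings
    if ( !in_array($params['status'], array('guest','generic','normal','admin','webmaster'), true) )
    {
      return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid status');
    }

    // status update query is separated from the rest as not applying to the same
    // set of users (current, guest and webmaster can't be changed)
    $params['user_id_for_status'] = array_diff(
      $params['user_id'],
      array(
        $user['id'],
        $conf['guest_id'],
        $conf['webmaster_id'],
        )
      );

    $update_status = $params['status'];
  }

  if (!empty($params['level']) or (isset($params['level']) and $params['level'] === 0))
  {
    // a loose in_array() on PHP < 8 accepts any string that merely starts
    // with a valid level: require digits only and store the integer
    if ( !preg_match('/^\d+\z/', (string)$params['level'])
        or !in_array(intval($params['level']), $conf['available_permission_levels']) )
    {
      return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid level');
    }
    $updates_infos['level'] = intval($params['level']);
  }

  if (!empty($params['language']))
  {
    if ( !in_array($params['language'], array_keys(get_languages())) )
    {
      return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid language');
    }
    $updates_infos['language'] = $params['language'];
  }

  if (!empty($params['theme']))
  {
    if ( !in_array($params['theme'], array_keys(get_pwg_themes())) )
    {
      return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid theme');
    }
    $updates_infos['theme'] = $params['theme'];
  }

  // nb_image_page and recent_period are not validated here; they are
  // escaped when the UPDATE is built below
  if (!empty($params['nb_image_page']))
  {
    $updates_infos['nb_image_page'] = $params['nb_image_page'];
  }

  if (!empty($params['recent_period']) or (isset($params['recent_period']) and $params['recent_period'] === 0))
  {
    $updates_infos['recent_period'] = $params['recent_period'];
  }

  // for the boolean options an explicit false is a value to store, while a
  // missing option means "leave unchanged"
  if (!empty($params['expand']) or (isset($params['expand']) and $params['expand'] === false))
  {
    $updates_infos['expand'] = boolean_to_string($params['expand']);
  }

  if (!empty($params['show_nb_comments']) or (isset($params['show_nb_comments']) and $params['show_nb_comments'] === false))
  {
    $updates_infos['show_nb_comments'] = boolean_to_string($params['show_nb_comments']);
  }

  if (!empty($params['show_nb_hits']) or (isset($params['show_nb_hits']) and $params['show_nb_hits'] === false))
  {
    $updates_infos['show_nb_hits'] = boolean_to_string($params['show_nb_hits']);
  }

  if (!empty($params['enabled_high']) or (isset($params['enabled_high']) and $params['enabled_high'] === false))
  {
    $updates_infos['enabled_high'] = boolean_to_string($params['enabled_high']);
  }

  // perform updates
  // ($updates is only filled when a single user id was given)
  single_update(
    USERS_TABLE,
    $updates,
    array($conf['user_fields']['id'] => $params['user_id'][0])
    );

  if (isset($update_status) and count($params['user_id_for_status']) > 0)
  {
    $query = '
UPDATE '. USER_INFOS_TABLE .' SET
    status = "'. $update_status .'"
  WHERE user_id IN('. implode(',', $params['user_id_for_status']) .')
;';
    pwg_query($query);
  }

  if (count($updates_infos) > 0)
  {
    // field names come from the fixed keys set above; values are escaped
    // because not all of them were checked against a list of known values
    $assignments = array();
    foreach ($updates_infos as $field => $value)
    {
      $assignments[] = $field .' = "'. pwg_db_real_escape_string((string)$value) .'"';
    }

    $query = '
UPDATE '. USER_INFOS_TABLE .' SET '. implode(', ', $assignments) .'
  WHERE user_id IN('. implode(',', $params['user_id']) .')
;';
    pwg_query($query);
  }

  // manage association to groups
  if (!empty($params['group_id']))
  {
    // unquoted IN() list below: integers only
    $requested_group_ids = array_map('intval', (array)$params['group_id']);

    // existing associations are dropped first, then rebuilt from the list
    $query = '
DELETE
  FROM '.USER_GROUP_TABLE.'
  WHERE user_id IN ('.implode(',', $params['user_id']).')
;';
    pwg_query($query);

    // we remove all provided groups that do not really exist
    $query = '
SELECT
    id
  FROM '.GROUPS_TABLE.'
  WHERE id IN ('.implode(',', $requested_group_ids).')
;';
    $group_ids = array_from_query($query, 'id');

    // if only -1 (a group id that can't exist) is in the list, then no
    // group is associated

    if (count($group_ids) > 0)
    {
      $inserts = array();

      foreach ($group_ids as $group_id)
      {
        foreach ($params['user_id'] as $user_id)
        {
          $inserts[] = array('user_id' => $user_id, 'group_id' => $group_id);
        }
      }

      mass_inserts(USER_GROUP_TABLE, array_keys($inserts[0]), $inserts);
    }
  }

  invalidate_user_cache();

  // return the basic fields plus every user_infos field that was just updated
  return $service->invoke('pwg.users.getList', array(
    'user_id' => $params['user_id'],
    'display' => 'basics,'.implode(',', array_keys($updates_infos)),
    ));
}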
---|
| 582 | |
---|
| 583 | ?> |
---|