[3742] | 1 | <?php |
---|
| 2 | /* |
---|
[5181] | 3 | Plugin Name: UserAdvManager |
---|
[6256] | 4 | Version: 2.15.3 |
---|
[4957] | 5 | Description: Renforcer la gestion des utilisateurs - Enforce users management |
---|
[3742] | 6 | Plugin URI: http://fr.piwigo.org/ext/extension_view.php?eid=216 |
---|
| 7 | Author: Nicco, Eric |
---|
| 8 | Author URI: http://gallery-nicco.no-ip.org, http://www.infernoweb.net |
---|
| 9 | */ |
---|
| 10 | |
---|
[5181] | 11 | /* History: UAM_PATH.'Changelog.txt.php' */ |
---|
[3742] | 12 | |
---|
| 13 | /* |
---|
| 14 | ***** TODO List ***** |
---|
[4430] | 15 | ++ Adding ASC and DESC ordering for user's lists tables (Ghost Tracker, UserList and Unvalidated) ? |
---|
[4380] | 16 | |
---|
[4135] | 17 | ++ No validation needed for admins users comments (new trigger needed in comments.php ?) |
---|
[3742] | 18 | |
---|
[4135] | 19 | ++ No single email check for admins (new trigger needed in functions_user.inc.php ?) |
---|
[3742] | 20 | |
---|
| 21 | ++ Password control and enforcement |
---|
[4124] | 22 | ?? Can not be the same as username -> Could password score control be sufficient ? |
---|
[3742] | 23 | |
---|
| 24 | ++ Security : Blocking brut-force attacks ! |
---|
[4159] | 25 | -> Way to do that : Count the number of failed attempts to connect and lock the targetted account after x attempts. Where x will be settable by admin. |
---|
| 26 | To unlock the locked account : |
---|
| 27 | -> A new table in admin's plugin panel which would display the locked accounts. |
---|
| 28 | -> Sending an email to account owner to inform him his account is blocked due to multiple failed connexions attempts. This email could have a link with a security key to unlock the account. |
---|
| 29 | -> Both of above solutions ? |
---|
[3742] | 30 | |
---|
| 31 | ++ Opportunity to copy a registered user for new user creation |
---|
| 32 | ++ new copied user will (or not) belong to the same groups |
---|
| 33 | ++ new copied user will (or not) get the same status (visitor, admin, webmaster, guest (??)) |
---|
| 34 | ++ new copied user will (or not) get the same properties |
---|
| 35 | ++ new copied user will (or not) get the same language |
---|
| 36 | ... and so on |
---|
| 37 | */ |
---|
| 38 | |
---|
[4927] | 39 | if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); |
---|
[5181] | 40 | if (!defined('UAM_DIR')) define('UAM_DIR' , basename(dirname(__FILE__))); |
---|
| 41 | if (!defined('UAM_PATH')) define('UAM_PATH' , PHPWG_PLUGINS_PATH.basename(dirname(__FILE__)).'/'); |
---|
[3742] | 42 | |
---|
[5181] | 43 | include_once (UAM_PATH.'include/constants.php'); |
---|
| 44 | include_once (UAM_PATH.'include/functions.inc.php'); |
---|
[3742] | 45 | |
---|
[5181] | 46 | load_language('plugin.lang', UAM_PATH); |
---|
[3858] | 47 | |
---|
| 48 | |
---|
[3742] | 49 | /* Plugin admin */ |
---|
[5056] | 50 | add_event_handler('get_admin_plugin_menu_links', 'UAM_admin_menu'); |
---|
[3742] | 51 | |
---|
[5056] | 52 | function UAM_admin_menu($menu) |
---|
[3742] | 53 | { |
---|
[5181] | 54 | // +-----------------------------------------------------------------------+ |
---|
| 55 | // | Getting plugin name | |
---|
| 56 | // +-----------------------------------------------------------------------+ |
---|
| 57 | $plugin = PluginInfos(UAM_PATH); |
---|
| 58 | $name = $plugin['name']; |
---|
| 59 | |
---|
[3742] | 60 | array_push($menu, |
---|
| 61 | array( |
---|
[5181] | 62 | 'NAME' => $name, |
---|
| 63 | 'URL' => get_admin_plugin_menu_link(UAM_PATH.'/admin/UAM_admin.php') |
---|
[3742] | 64 | ) |
---|
| 65 | ); |
---|
| 66 | |
---|
| 67 | return $menu; |
---|
| 68 | } |
---|
| 69 | |
---|
[4927] | 70 | /* Lastvisit table feed for Ghost Tracker */ |
---|
[5056] | 71 | add_event_handler('loc_begin_index', 'UAM_GhostTracker'); |
---|
[3742] | 72 | |
---|
[5056] | 73 | function UAM_GhostTracker() |
---|
[4143] | 74 | { |
---|
| 75 | global $conf, $user; |
---|
| 76 | |
---|
[5181] | 77 | $conf_UAM = unserialize($conf['UserAdvManager']); |
---|
[5056] | 78 | |
---|
[5105] | 79 | /* Admins and Guests are not tracked for Ghost Tracker or Users Tracker */ |
---|
| 80 | if (!is_admin() and !is_a_guest()) |
---|
[4143] | 81 | { |
---|
[5105] | 82 | if ((isset($conf_UAM[17]) and $conf_UAM[17] == 'true') or (isset($conf_UAM[20]) and $conf_UAM[20] == 'true')) |
---|
| 83 | { |
---|
[4143] | 84 | |
---|
[5105] | 85 | $userid = get_userid($user['username']); |
---|
[4143] | 86 | |
---|
[5105] | 87 | /* Looking for existing entry in last visit table */ |
---|
| 88 | $query = ' |
---|
[4143] | 89 | SELECT * |
---|
[4159] | 90 | FROM '.USER_LASTVISIT_TABLE.' |
---|
[4143] | 91 | WHERE user_id = '.$userid.' |
---|
| 92 | ;'; |
---|
| 93 | |
---|
[5634] | 94 | $count = pwg_db_num_rows(pwg_query($query)); |
---|
[4143] | 95 | |
---|
[5105] | 96 | if ($count == 0) |
---|
| 97 | { |
---|
| 98 | /* If not, data are inserted in table */ |
---|
| 99 | $query = ' |
---|
[4143] | 100 | INSERT INTO '.USER_LASTVISIT_TABLE.' (user_id, lastvisit, reminder) |
---|
| 101 | VALUES ('.$userid.', now(), "false") |
---|
| 102 | ;'; |
---|
[5105] | 103 | pwg_query($query); |
---|
| 104 | } |
---|
| 105 | else if ($count > 0) |
---|
| 106 | { |
---|
| 107 | /* If yes, data are updated in table */ |
---|
| 108 | $query = ' |
---|
[4143] | 109 | UPDATE '.USER_LASTVISIT_TABLE.' |
---|
| 110 | SET lastvisit = now(), reminder = "false" |
---|
| 111 | WHERE user_id = '.$userid.' |
---|
| 112 | LIMIT 1 |
---|
| 113 | ;'; |
---|
[5105] | 114 | pwg_query($query); |
---|
| 115 | } |
---|
[4143] | 116 | } |
---|
| 117 | } |
---|
| 118 | } |
---|
| 119 | |
---|
| 120 | |
---|
[3742] | 121 | /* User creation */ |
---|
[5056] | 122 | add_event_handler('register_user', 'UAM_Adduser'); |
---|
[3742] | 123 | |
---|
[5056] | 124 | function UAM_Adduser($register_user) |
---|
[3742] | 125 | { |
---|
| 126 | global $conf; |
---|
[5056] | 127 | |
---|
[5181] | 128 | $conf_UAM = unserialize($conf['UserAdvManager']); |
---|
[3742] | 129 | |
---|
[4124] | 130 | /* Sending registration confirmation by email */ |
---|
[5064] | 131 | if ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') or (isset($conf_UAM[2]) and $conf_UAM[2] == 'true')) |
---|
[4124] | 132 | { |
---|
[5064] | 133 | if (is_admin() and isset($conf_UAM[21]) and $conf_UAM[21] == 'true') |
---|
| 134 | { |
---|
[4185] | 135 | $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; |
---|
[5064] | 136 | SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true); |
---|
| 137 | } |
---|
| 138 | elseif (is_admin() and isset($conf_UAM[21]) and $conf_UAM[21] == 'false') |
---|
| 139 | { |
---|
| 140 | $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; |
---|
| 141 | SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false); |
---|
| 142 | } |
---|
| 143 | elseif (!is_admin()) |
---|
| 144 | { |
---|
| 145 | $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; |
---|
[4185] | 146 | SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true); |
---|
[5064] | 147 | } |
---|
[4124] | 148 | } |
---|
[3742] | 149 | } |
---|
| 150 | |
---|
| 151 | |
---|
| 152 | /* User deletion */ |
---|
[5056] | 153 | add_event_handler('delete_user', 'UAM_Deluser'); |
---|
[3742] | 154 | |
---|
[5056] | 155 | function UAM_Deluser($user_id) |
---|
[3742] | 156 | { |
---|
[4159] | 157 | /* Cleanup for ConfirmMail table */ |
---|
[3742] | 158 | DeleteConfirmMail($user_id); |
---|
[4159] | 159 | /* Cleanup for LastVisit table */ |
---|
| 160 | DeleteLastVisit($user_id); |
---|
[3742] | 161 | } |
---|
| 162 | |
---|
| 163 | |
---|
[4124] | 164 | /* Check users registration */ |
---|
[5056] | 165 | add_event_handler('register_user_check', 'UAM_RegistrationCheck', EVENT_HANDLER_PRIORITY_NEUTRAL, 2); |
---|
[3742] | 166 | |
---|
[5056] | 167 | function UAM_RegistrationCheck($err, $user) |
---|
[3742] | 168 | { |
---|
[4124] | 169 | global $errors, $conf; |
---|
| 170 | |
---|
[4234] | 171 | /* *********************************************************** */ |
---|
| 172 | /* We need to reset the standard Piwigo's register controls */ |
---|
| 173 | /* because the call of register_user_check trigger resets them */ |
---|
| 174 | /* *********************************************************** */ |
---|
| 175 | /* ********************************** */ |
---|
| 176 | /* Standard Piwigo's username control */ |
---|
| 177 | /* ********************************** */ |
---|
| 178 | if ($_POST['login'] == '') |
---|
| 179 | { |
---|
| 180 | return l10n('reg_err_login1'); |
---|
| 181 | } |
---|
| 182 | if (preg_match('/^.* $/', $_POST['login'])) |
---|
| 183 | { |
---|
| 184 | return l10n('reg_err_login2'); |
---|
| 185 | } |
---|
| 186 | if (preg_match('/^ .*$/', $_POST['login'])) |
---|
| 187 | { |
---|
| 188 | return l10n('reg_err_login3'); |
---|
| 189 | } |
---|
| 190 | if (get_userid($_POST['login'])) |
---|
| 191 | { |
---|
| 192 | return l10n('reg_err_login5'); |
---|
| 193 | } |
---|
[4415] | 194 | |
---|
| 195 | if (script_basename() == 'admin' and isset($_GET['page']) and $_GET['page'] == 'user_list') /* not the same email variable if we are on users registration page or on admin's user registration page*/ |
---|
| 196 | { |
---|
| 197 | /* Email doblons check */ |
---|
| 198 | $atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{|}~]'; // before arobase |
---|
| 199 | $domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name |
---|
| 200 | $regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i'; |
---|
| 201 | |
---|
| 202 | if (!preg_match($regex, $_POST['email'])) |
---|
| 203 | { |
---|
| 204 | return l10n('reg_err_mail_address'); |
---|
| 205 | } |
---|
| 206 | |
---|
| 207 | $query = ' |
---|
| 208 | SELECT count(*) |
---|
| 209 | FROM '.USERS_TABLE.' |
---|
| 210 | WHERE upper('.$conf['user_fields']['email'].') = upper(\''.$_POST['email'].'\') |
---|
| 211 | ;'; |
---|
[5634] | 212 | list($count) = pwg_db_fetch_row(pwg_query($query)); |
---|
[4415] | 213 | if ($count != 0) |
---|
| 214 | { |
---|
| 215 | return l10n('reg_err_mail_address_dbl'); |
---|
| 216 | } |
---|
| 217 | } |
---|
| 218 | |
---|
| 219 | if (script_basename() == 'register') /* not the same email variable if we are on users registration page or on admin's user registration page*/ |
---|
| 220 | { |
---|
| 221 | /* Email doblons check */ |
---|
| 222 | $atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{|}~]'; // before arobase |
---|
| 223 | $domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name |
---|
| 224 | $regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i'; |
---|
| 225 | |
---|
| 226 | if (!preg_match($regex, $_POST['mail_address'])) |
---|
| 227 | { |
---|
| 228 | return l10n('reg_err_mail_address'); |
---|
| 229 | } |
---|
| 230 | |
---|
| 231 | $query = ' |
---|
| 232 | SELECT count(*) |
---|
| 233 | FROM '.USERS_TABLE.' |
---|
| 234 | WHERE upper('.$conf['user_fields']['email'].') = upper(\''.$_POST['mail_address'].'\') |
---|
| 235 | ;'; |
---|
[5634] | 236 | list($count) = pwg_db_fetch_row(pwg_query($query)); |
---|
[4415] | 237 | if ($count != 0) |
---|
| 238 | { |
---|
| 239 | return l10n('reg_err_mail_address_dbl'); |
---|
| 240 | } |
---|
| 241 | } |
---|
[4234] | 242 | /* ****************************************** */ |
---|
| 243 | /* End of Piwigo's standard register controls */ |
---|
| 244 | /* ****************************************** */ |
---|
| 245 | |
---|
| 246 | |
---|
| 247 | /* ****************************************** */ |
---|
| 248 | /* Here begins the advanced register controls */ |
---|
| 249 | /* ****************************************** */ |
---|
[4124] | 250 | $PasswordCheck = 0; |
---|
[3742] | 251 | |
---|
[5181] | 252 | $conf_UAM = unserialize($conf['UserAdvManager']); |
---|
[5056] | 253 | |
---|
[4124] | 254 | /* Password enforcement control */ |
---|
[5056] | 255 | if (isset($conf_UAM[14]) and $conf_UAM[14] == 'true' and !empty($conf_UAM[15])) |
---|
[3742] | 256 | { |
---|
[4124] | 257 | if (!empty($user['password']) and !is_admin()) |
---|
[3742] | 258 | { |
---|
[4124] | 259 | $PasswordCheck = testpassword($user['password']); |
---|
| 260 | |
---|
[5056] | 261 | if ($PasswordCheck < $conf_UAM[15]) |
---|
[3742] | 262 | { |
---|
[4124] | 263 | $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck); |
---|
[5056] | 264 | return($lang['reg_err_pass'] = l10n_args($message).$conf_UAM[15]); |
---|
[3742] | 265 | } |
---|
| 266 | } |
---|
[5056] | 267 | else if (!empty($user['password']) and is_admin() and isset($conf_UAM[16]) and $conf_UAM[16] == 'true') |
---|
[4124] | 268 | { |
---|
| 269 | $PasswordCheck = testpassword($user['password']); |
---|
| 270 | |
---|
[5056] | 271 | if ($PasswordCheck < $conf_UAM[15]) |
---|
[4124] | 272 | { |
---|
| 273 | $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck); |
---|
[5056] | 274 | return($lang['reg_err_pass'] = l10n_args($message).$conf_UAM[15]); |
---|
[4124] | 275 | } |
---|
| 276 | } |
---|
[3742] | 277 | } |
---|
| 278 | |
---|
[4124] | 279 | /* Username non case sensitive */ |
---|
[5056] | 280 | if (isset($conf_UAM[1]) and $conf_UAM[1] == 'true' and NotSensibleSearchUsername($_POST['login'])) |
---|
[4124] | 281 | { |
---|
[4384] | 282 | return($lang['reg_err_login5'] = l10n('reg_err_login5')); |
---|
[4124] | 283 | } |
---|
[3742] | 284 | |
---|
[4124] | 285 | /* Username without forbidden keys */ |
---|
[5056] | 286 | if (isset($conf_UAM[7]) and $conf_UAM[7] == 'true' and !empty($_POST['login']) and ValidateUsername($_POST['login']) and !is_admin()) |
---|
[3742] | 287 | { |
---|
[4124] | 288 | $_POST['login'] = ''; |
---|
[5056] | 289 | return($lang['reg_err_login1'] = l10n('reg_err_login6')."'".$conf_UAM[8]."'"); |
---|
[3742] | 290 | } |
---|
| 291 | |
---|
[4124] | 292 | /* Email without forbidden domains */ |
---|
[5056] | 293 | if (isset($conf_UAM[12]) and $conf_UAM[12] == 'true' and !empty($_POST['mail_address']) and ValidateEmailProvider($_POST['mail_address']) and !is_admin()) |
---|
[3742] | 294 | { |
---|
[4384] | 295 | $_POST['mail_address'] = ''; |
---|
[5056] | 296 | return($lang['reg_err_login1'] = l10n('reg_err_login7')."'".$conf_UAM[13]."'"); |
---|
[4384] | 297 | } |
---|
[4124] | 298 | } |
---|
[3742] | 299 | |
---|
| 300 | |
---|
[4124] | 301 | if (script_basename() == 'profile') |
---|
| 302 | { |
---|
[5056] | 303 | add_event_handler('loc_begin_profile', 'UAM_Profile_Init'); |
---|
[3742] | 304 | |
---|
[5056] | 305 | function UAM_Profile_Init() |
---|
[4124] | 306 | { |
---|
| 307 | global $conf, $user, $template; |
---|
[3742] | 308 | |
---|
[5181] | 309 | $conf_UAM = unserialize($conf['UserAdvManager']); |
---|
[4061] | 310 | |
---|
[4927] | 311 | if (isset($_POST['validate']) and !is_admin()) |
---|
[3742] | 312 | { |
---|
[4124] | 313 | /* Email without forbidden domains */ |
---|
[5056] | 314 | if (isset($conf_UAM[12]) and $conf_UAM[12] == 'true' and !empty($_POST['mail_address'])) |
---|
[4384] | 315 | { |
---|
| 316 | if (ValidateEmailProvider($_POST['mail_address'])) |
---|
[3742] | 317 | { |
---|
[5056] | 318 | $template->append('errors', l10n('reg_err_login7')."'".$conf_UAM[13]."'"); |
---|
[4384] | 319 | unset($_POST['validate']); |
---|
[3742] | 320 | } |
---|
[4384] | 321 | } |
---|
[4124] | 322 | |
---|
| 323 | $typemail = 3; |
---|
[3742] | 324 | |
---|
[4124] | 325 | if (!empty($_POST['use_new_pwd'])) |
---|
| 326 | { |
---|
| 327 | $typemail = 2; |
---|
[3742] | 328 | |
---|
[4124] | 329 | /* Password enforcement control */ |
---|
[5056] | 330 | if (isset($conf_UAM[14]) and $conf_UAM[14] == 'true' and !empty($conf_UAM[15])) |
---|
[3742] | 331 | { |
---|
[4124] | 332 | $PasswordCheck = testpassword($_POST['use_new_pwd']); |
---|
| 333 | |
---|
[5056] | 334 | if ($PasswordCheck < $conf_UAM[15]) |
---|
[3742] | 335 | { |
---|
[4124] | 336 | $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck); |
---|
[5056] | 337 | $template->append('errors', l10n_args($message).$conf_UAM[15]); |
---|
[4124] | 338 | unset($_POST['use_new_pwd']); |
---|
| 339 | unset($_POST['validate']); |
---|
[3742] | 340 | } |
---|
| 341 | } |
---|
[4124] | 342 | } |
---|
| 343 | |
---|
| 344 | /* Sending registration confirmation by email */ |
---|
[5056] | 345 | if ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') or (isset($conf_UAM[2]) and $conf_UAM[2] == 'true')) |
---|
[4124] | 346 | { |
---|
[3742] | 347 | $confirm_mail_need = false; |
---|
| 348 | |
---|
[4316] | 349 | if (!empty($_POST['mail_address'])) |
---|
[3742] | 350 | { |
---|
| 351 | $query = ' |
---|
[4143] | 352 | SELECT '.$conf['user_fields']['email'].' AS email |
---|
| 353 | FROM '.USERS_TABLE.' |
---|
| 354 | WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\' |
---|
| 355 | ;'; |
---|
[4124] | 356 | |
---|
[5634] | 357 | list($current_email) = pwg_db_fetch_row(pwg_query($query)); |
---|
[3742] | 358 | |
---|
[5056] | 359 | if ($_POST['mail_address'] != $current_email and ( isset($conf_UAM[2]) and $conf_UAM[2] == 'true')) |
---|
[4124] | 360 | |
---|
[3742] | 361 | $confirm_mail_need = true; |
---|
| 362 | } |
---|
[4124] | 363 | |
---|
[5056] | 364 | if ((!empty($_POST['use_new_pwd']) and (isset($conf_UAM[0]) and $conf_UAM[0] == 'true') or $confirm_mail_need)) |
---|
[3742] | 365 | { |
---|
| 366 | $query = ' |
---|
[4143] | 367 | SELECT '.$conf['user_fields']['username'].' |
---|
| 368 | FROM '.USERS_TABLE.' |
---|
| 369 | WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\' |
---|
| 370 | ;'; |
---|
[4124] | 371 | |
---|
[5634] | 372 | list($username) = pwg_db_fetch_row(pwg_query($query)); |
---|
[3742] | 373 | |
---|
| 374 | SendMail2User($typemail, $user['id'], $username, $_POST['use_new_pwd'], $_POST['mail_address'], $confirm_mail_need); |
---|
| 375 | } |
---|
| 376 | } |
---|
| 377 | } |
---|
| 378 | } |
---|
| 379 | } |
---|
| 380 | |
---|
[4124] | 381 | |
---|
[5056] | 382 | add_event_handler('init', 'UAM_InitPage'); |
---|
[4384] | 383 | /* *** Important ! This is necessary to make email exclusion work in admin's users management panel *** */ |
---|
[5056] | 384 | function UAM_InitPage() |
---|
[4124] | 385 | { |
---|
[5181] | 386 | load_language('plugin.lang', UAM_PATH); |
---|
[4124] | 387 | global $conf, $template, $page, $lang, $errors; |
---|
| 388 | |
---|
[5181] | 389 | $conf_UAM = unserialize($conf['UserAdvManager']); |
---|
[4124] | 390 | |
---|
| 391 | /* Admin user management */ |
---|
| 392 | if (script_basename() == 'admin' and isset($_GET['page']) and $_GET['page'] == 'user_list') |
---|
| 393 | { |
---|
| 394 | if (isset($_POST['submit_add'])) |
---|
| 395 | { |
---|
[4384] | 396 | /* Email without forbidden domains */ |
---|
[5056] | 397 | if (isset($conf_UAM[12]) and $conf_UAM[12] == 'true' and !empty($_POST['email']) and ValidateEmailProvider($_POST['email'])) |
---|
[4124] | 398 | { |
---|
[5056] | 399 | $template->append('errors', l10n('reg_err_login7')."'".$conf_UAM[13]."'"); |
---|
[4124] | 400 | unset($_POST['submit_add']); |
---|
| 401 | } |
---|
| 402 | } |
---|
| 403 | } |
---|
| 404 | } |
---|
| 405 | |
---|
[4135] | 406 | |
---|
[5056] | 407 | add_event_handler('user_comment_check', 'UAM_CheckEmptyCommentAuthor', 50, 2); |
---|
[3742] | 408 | |
---|
[5056] | 409 | function UAM_CheckEmptyCommentAuthor($comment_action, $comm) |
---|
[3742] | 410 | { |
---|
[5181] | 411 | load_language('plugin.lang', UAM_PATH); |
---|
[3742] | 412 | global $infos, $conf, $template; |
---|
| 413 | |
---|
[5181] | 414 | $conf_UAM = unserialize($conf['UserAdvManager']); |
---|
[3742] | 415 | |
---|
| 416 | /* User creation OR update */ |
---|
[5056] | 417 | if (isset($conf_UAM[6]) and $conf_UAM[6] == 'true' and $conf['comments_forall'] == 'true' and $comm['author'] == 'guest') |
---|
[3742] | 418 | { |
---|
| 419 | $comment_action = 'reject'; |
---|
| 420 | |
---|
[5056] | 421 | array_push($infos, l10n('UAM_Empty Author')); |
---|
[3742] | 422 | } |
---|
| 423 | |
---|
| 424 | return $comment_action; |
---|
| 425 | } |
---|
| 426 | ?> |
---|