source: extensions/NBC_UserAdvManager/main.inc.php @ 3352

Last change on this file since 3352 was 3352, checked in by Eric, 15 years ago

First commit

  • Property svn:eol-style set to LF
File size: 11.4 KB
1<?php
2/*
3Plugin Name: NBC UserAdvManager
4Version: 2.10.8
5Description: Permet de renforcer les possibilités de gestion des utilisateurs - Enforce users management
6Plugin URI: http://fr.piwigo.org/ext/extension_view.php?eid=216
7Author: Nicco, Eric
8Author URI: http://gallery-nicco.no-ip.org, http://www.infernoweb.net
9*/
10
11/*
12 ***** Plugin history (branch 2.10)*****
13
14-- 2.10.0-beta : Initial beta release for Piwigo compatibility
15-- 2.10.1-beta : Small correction on generated path
16-- 2.10.2-beta : Bug resolved on register validation page
17
18-- 2.10.3 : Final and fully functional release
19                        Bug resolved on plugin activation
20
21-- 2.10.4 : Bug fixed on profiles update
22
23-- 2.10.5 : Improved code on profiles update
24
25-- 2.10.6 : Old language packs (iso) deleted (forget from PWG 1.7.x version)
26
27-- 2.10.7 : Bug fixed on user's validation email sending
28
29-- 2.10.8 : ConfirmMail page looks better (Sylvia theme only)
30                        Improved code for checking author on guest comments
31
32*/
33
34/*
35
36 ***** TODO List *****
37
38-- No validation needed for admins users comments (new trigger needed in comments.php)
39
40-- No single email check for admins (new trigger needed in (functions_user.inc.php ?))
41
42-- Administration page for Confirm Mail
43  ++ Admin tabsheet for Confirm Mail to set options :
44                ++ Setting a delay time with timeout for email confirmation (Timeout = CurrentDate - RegistrationDate)
45                ++ List of users who haven't validated - could be easy to set with groups options : Unvalidated users are in a "Unvalidated" group.
46                ++ List of users with expired validation time
47                ++ List of validates users ? -> Same as "List of users who haven't validated" : They could belong to a "validated" group.
48                ++ Opportunities to take actions on database tables :
49                ++ Re-asking validation (case of non reception of validation email)
50                ++ Force expiration
51                        ++ Force confirmation
52                ++ Cleanup expired user's accounts
53        ++ (...)
54
55-- Password control and enforcement
56  -- Empty password (done in Piwigo 2.x)
57  ++ Can not be the same as username
58  ++ complexity of the password (Numbers+Letters+Lower and upper case+Special+minimal length)
59 
60-- Security: blocking brute-force attacks!
61
62-- Opportunity to copy a registered user for new user creation
63  ++ new copied user will (or not) belong to the same groups
64  ++ new copied user will (or not) get the same status (visitor, admin, webmaster, guest (??))
65  ++ new copied user will (or not) get the same properties
66  ++ new copied user will (or not) get the same language
67  ... and so on
68 
69*/
70
71
72
// Direct-access guard: stop right away unless PHPWG_ROOT_PATH is already
// defined, i.e. unless this file was loaded by code that defines it rather
// than requested on its own.
if (!defined('PHPWG_ROOT_PATH'))
{
  die('Hacking attempt!');
}

// Name of the directory holding this file, and the plugin path built from it
// (always ends with a slash).
define('NBC_UserAdvManager_DIR', basename(dirname(__FILE__)));
define('NBC_UserAdvManager_PATH', PHPWG_PLUGINS_PATH.NBC_UserAdvManager_DIR.'/');

// Plugin constants and helper functions, then the plugin language file.
include_once(NBC_UserAdvManager_PATH.'include/constants.php');
include_once(NBC_UserAdvManager_PATH.'include/functions_UserAdvManager.inc.php');
load_language('plugin.lang', NBC_UserAdvManager_PATH);
79
80
/* Plugin admin */
add_event_handler('get_admin_plugin_menu_links', 'nbc_UserAdvManager_admin_menu');

/**
 * Handler for 'get_admin_plugin_menu_links': adds this plugin's entry to the
 * admin plugin menu.
 *
 * @param array $menu menu entries received from the event
 * @return array the list with the 'UserAdvManager' entry appended
 */
function nbc_UserAdvManager_admin_menu($menu)
{
  $entry = array(
    'NAME' => 'UserAdvManager',
    'URL'  => get_admin_plugin_menu_link(NBC_UserAdvManager_PATH.'/admin/UserAdvManager_admin.php'),
  );

  array_push($menu, $entry);

  return $menu;
}
95
96
97
/* User creation */
add_event_handler('register_user', 'UserAdvManager_Adduser');

/**
 * Handler for 'register_user': calls SendMail2User() for the new account when
 * entry 0 or entry 2 of the ';'-separated plugin configuration is 'true'.
 *
 * @param array $register_user new user data; the keys 'id', 'username' and
 *                             'email' are read here
 */
function UserAdvManager_Adduser($register_user)
{
  global $conf;

  $options = array();
  if (isset($conf['nbc_UserAdvManager']))
  {
    $options = explode(";" , $conf['nbc_UserAdvManager']);
  }

  $option_0 = isset($options[0]) && $options[0] == 'true';
  $option_2 = isset($options[2]) && $options[2] == 'true';

  if (!$option_0 && !$option_2)
  {
    return;
  }

  // NOTE(review): the password is taken from the form as typed and handed to
  // SendMail2User() in clear text. If that helper puts it in the message, the
  // credential ends up readable in mail transit and in mailboxes -- confirm
  // against the helper and prefer a mail that carries no password.
  SendMail2User(1, $register_user['id'], $register_user['username'], $_POST['password'], $register_user['email'], true);
}
110
111
112
/* User deletion */
add_event_handler('delete_user', 'UserAdvManager_Deluser');

/**
 * Handler for 'delete_user': passes the id of the deleted user on to
 * DeleteConfirmMail().
 *
 * @param mixed $user_id id received from the event
 */
function UserAdvManager_Deluser($user_id)
{
  DeleteConfirmMail($user_id);
}
122
123
124
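add_event_handler('init', 'UserAdvManager_InitPage');

/**
 * Handler for 'init': adjusts request data and language strings depending on
 * the running script and on the ';'-separated plugin configuration.
 *
 * - identification: with entry 1 enabled, replaces the posted username by the
 *   value NotSensibleSearchUsername() returns (when it is not empty).
 * - admin user_list (add form) and register: same replacement on the posted
 *   login; with entry 7 enabled, a login refused by ValidateUsername() is
 *   emptied and the 'reg_err_login1' message is replaced.
 * - profile: with entry 0 or 2 enabled, re-checks the posted profile form and,
 *   when no error was found, calls SendMail2User() for a new password
 *   (entry 0) or a changed mail address (entry 2).
 *
 * The profile checks only fill a local error list that decides whether a mail
 * is sent; nothing in this function stores the profile itself.
 */
function UserAdvManager_InitPage()
{
  global $conf, $template, $page, $lang;

  $options = isset($conf['nbc_UserAdvManager']) ? explode(";" , $conf['nbc_UserAdvManager']) : array();

  // Entries of the configuration string used by this function.
  $opt_password_mail    = isset($options[0]) && $options[0] == 'true';
  $opt_case_insensitive = isset($options[1]) && $options[1] == 'true';
  $opt_confirm_mail     = isset($options[2]) && $options[2] == 'true';
  $opt_forbidden_chars  = isset($options[7]) && $options[7] == 'true';

  if ($opt_case_insensitive)
  {
    $lang['reg_err_login5'] = l10n('new_reg_err_login5');
  }

  $script = script_basename();

/* User identification */
  if ($script == 'identification' && isset($_POST['login']) && $opt_case_insensitive)
  {
    /* User non case sensitive */
    $new_username = NotSensibleSearchUsername($_POST['username']);
    $_POST['username'] = $new_username == '' ? $_POST['username'] : $new_username;
  }

/* Admin user management and user creation: both forms post the name as 'login' */
  $admin_add = $script == 'admin'
    && isset($_GET['page']) && $_GET['page'] == 'user_list'
    && isset($_POST['submit_add']);
  $self_register = $script == 'register' && isset($_POST['submit']);

  if ($admin_add || $self_register)
  {
    /* Username non case sensitive */
    if ($opt_case_insensitive)
    {
      $new_username = NotSensibleSearchUsername($_POST['login']);
      $_POST['login'] = $new_username == '' ? $_POST['login'] : $new_username;
    }

    /* Username without forbidden keys */
    if ($opt_forbidden_chars && !empty($_POST['login']) && !ValidateUsername($_POST['login']))
    {
      // Entry 8 is appended to the message; it may be missing from the
      // configuration string, in which case nothing is appended.
      $forbidden = isset($options[8]) ? $options[8] : '';
      $lang['reg_err_login1'] = l10n('reg_err_login6')."'".$forbidden."'";
      $_POST['login'] = '';
    }
  }

/* User profile update */
  if ($script == 'profile' && isset($_POST['validate']) && ($opt_password_mail || $opt_confirm_mail))
  {
    /* Sending email to user */
    global $conf, $user ;
    $errors = array();

    // Optional form fields are read once; a missing field becomes null so
    // the checks below see the same value as an unset index, without notices.
    $max_width     = isset($_POST['maxwidth']) ? $_POST['maxwidth'] : null;
    $max_height    = isset($_POST['maxheight']) ? $_POST['maxheight'] : null;
    $recent_period = isset($_POST['recent_period']) ? $_POST['recent_period'] : null;
    $new_password  = isset($_POST['use_new_pwd']) ? $_POST['use_new_pwd'] : null;
    $new_pwd_conf  = isset($_POST['passwordConf']) ? $_POST['passwordConf'] : null;
    $old_password  = isset($_POST['password']) ? $_POST['password'] : null;
    $mail_address  = isset($_POST['mail_address']) ? $_POST['mail_address'] : null;

    $int_pattern = '/^\d+$/';
    if (empty($_POST['nb_image_line'])
        || !preg_match($int_pattern, $_POST['nb_image_line']))
    {
      $errors[] = l10n('nb_image_line_error');
    }

    if (empty($_POST['nb_line_page'])
        || !preg_match($int_pattern, $_POST['nb_line_page']))
    {
      $errors[] = l10n('nb_line_page_error');
    }

    if ($max_width != ''
        && (!preg_match($int_pattern, $max_width) || $max_width < 50))
    {
      $errors[] = l10n('maxwidth_error');
    }

    if ($max_height
        && (!preg_match($int_pattern, $max_height) || $max_height < 50))
    {
      $errors[] = l10n('maxheight_error');
    }

    // periods must be integer values, they represent a number of days
    if (!preg_match($int_pattern, $recent_period) || $recent_period <= 0)
    {
      $errors[] = l10n('periods_error') ;
    }

    if (isset($_POST['mail_address']))
    {
      $mail_error = validate_mail_address($user['id'], $_POST['mail_address']);
      if (!empty($mail_error))
      {
        $errors[] = $mail_error;
      }
    }

    $typemail = 3;

    if (!empty($new_password))
    {
      $typemail = 2;

      // The password must be identical to its confirmation. Strict
      // comparison: with != two different numeric-looking strings (for
      // instance '1e3' and '1000') are treated as equal.
      if ($new_password !== $new_pwd_conf)
      {
        $errors[] = l10n('New password confirmation does not correspond');
      }

      if ( !defined('IN_ADMIN') )
      {// changing password requires old password
        // $user['id'] is not assigned anywhere in this function; it is
        // interpolated into the queries below as found in the global $user.
        $query = '
          SELECT '.$conf['user_fields']['password'].' AS password
          FROM '.USERS_TABLE.'
          WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
        ;';
        list($current_password) = mysql_fetch_row(pwg_query($query));

        // Hashes are compared as strings, strictly: a loose comparison
        // treats two different hashes of the form '0e<digits>' as equal
        // numbers and would accept a wrong current password.
        $submitted_hash = $conf['pass_convert']($old_password);
        if ((string) $submitted_hash !== (string) $current_password)
        {
          $errors[] = l10n('Current password is wrong');
        }
      }
    }

    $confirm_mail_need = false;

    if (!empty($mail_address))
    {
      $query = '
        SELECT '.$conf['user_fields']['email'].' AS email
        FROM '.USERS_TABLE.'
        WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
      ;';
      list($current_email) = mysql_fetch_row(pwg_query($query));

      // A confirmation mail is needed only when the address really changes.
      if ($mail_address != $current_email && $opt_confirm_mail)
      {
        $confirm_mail_need = true;
      }
    }

    $password_mail_need = !empty($new_password) && $opt_password_mail;

    if (count($errors) == 0 && ($password_mail_need || $confirm_mail_need))
    {
      $query = '
        SELECT '.$conf['user_fields']['username'].'
        FROM '.USERS_TABLE.'
        WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
      ;';
      list($username) = mysql_fetch_row(pwg_query($query));

      // NOTE(review): the new password is handed to SendMail2User() in clear
      // text. If that helper puts it in the message, the credential ends up
      // readable in mail transit and in mailboxes -- confirm against the
      // helper and prefer a mail that carries no password.
      SendMail2User($typemail, $user['id'], $username, $new_password, $mail_address, $confirm_mail_need);
    }
  }
}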
310
add_event_handler('loc_begin_tpl_parse', 'ChangeRegisterProfilePage');

/**
 * Handler for 'loc_begin_tpl_parse'. As written it only splits the plugin
 * configuration string into a local array; the template rewrite below is
 * commented out, so the handler changes nothing.
 */
function ChangeRegisterProfilePage()
{
  global $conf, $template;

  if (isset($conf['nbc_UserAdvManager']))
  {
    $conf_nbc_UserAdvManager = explode(";" , $conf['nbc_UserAdvManager']);
  }
  else
  {
    $conf_nbc_UserAdvManager = array();
  }

/* user creation OR update -- disabled code kept for reference */
// NOTE(review): the disabled lines read $conf_UserAdvManager, while the array
// built above is named $conf_nbc_UserAdvManager.
//  if (in_array(script_basename(), array('register', 'profile')))
//  {
    //if (isset($conf_UserAdvManager[1]) and $conf_UserAdvManager[1] == 'true' )
    //{
    //  $template->set_filenames( array('register'=>'register.tpl') );

    //  $template->loadfile('register');

    //  $template->uncompiled_code['register'] = str_replace('{lang:Mail address}', '* {lang:Mail address}', $template->uncompiled_code['register']);
    //}
//  }
}
332
add_event_handler('user_comment_check', 'UserAdvManager_CheckEmptyCommentAuthor', 50, 2);

/**
 * Handler for 'user_comment_check': rejects a comment whose author is 'guest'
 * when entry 6 of the plugin configuration is 'true' and
 * $conf['comments_forall'] is enabled.
 *
 * @param string $comment_action action decided so far for the comment
 * @param array  $comm           comment data; only the key 'author' is read
 * @return string 'reject' when the conditions above are met, otherwise the
 *                action received unchanged
 */
function UserAdvManager_CheckEmptyCommentAuthor($comment_action, $comm)
{
  load_language('plugin.lang', NBC_UserAdvManager_PATH);
  global $infos, $conf, $template;

  $options = array();
  if (isset($conf['nbc_UserAdvManager']))
  {
    $options = explode(";" , $conf['nbc_UserAdvManager']);
  }

  // Any condition that does not hold leaves the incoming action untouched.
  if (!isset($options[6])
      || $options[6] != 'true'
      || $conf['comments_forall'] != 'true'
      || $comm['author'] != 'guest')
  {
    return $comment_action;
  }

  // Tell the visitor why the comment was refused.
  array_push($infos, l10n('UserAdvManager_Empty Author'));

  return 'reject';
}
352
353?>