Context Navigation

source: extensions/NBC_UserAdvManager/trunk/main.inc.php @ 6822

Last change on this file since 6822 was 6822, checked in by Eric, 14 years ago
Bug 1834 fixed - Improving plugin installation and uninstallation process
Property svn:eol-style set to `LF`
File size: 14.9 KB

Rev	Line
[3742]	1	<?php
	2	/*
[5181]	3	Plugin Name: UserAdvManager
[6822]	4	Version: 2.15.6
[4957]	5	Description: Renforcer la gestion des utilisateurs - Enforce users management
[3742]	6	Plugin URI: http://fr.piwigo.org/ext/extension_view.php?eid=216
	7	Author: Nicco, Eric
	8	Author URI: http://gallery-nicco.no-ip.org, http://www.infernoweb.net
	9	*/
	10
[5181]	11	/* History: UAM_PATH.'Changelog.txt.php' */
[3742]	12
	13	/*
	14	*** TODO List ***
[6783]	15	See project bugtracker: http://piwigo.org/bugs/my_view_page.php
[3742]	16	*/
	17
[4927]	18	if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
[5181]	19	if (!defined('UAM_DIR')) define('UAM_DIR' , basename(dirname(__FILE__)));
	20	if (!defined('UAM_PATH')) define('UAM_PATH' , PHPWG_PLUGINS_PATH.basename(dirname(__FILE__)).'/');
[3742]	21
[5181]	22	include_once (UAM_PATH.'include/constants.php');
	23	include_once (UAM_PATH.'include/functions.inc.php');
[3742]	24
[5181]	25	load_language('plugin.lang', UAM_PATH);
[3858]	26
	27
[3742]	28	/* Plugin admin */
[5056]	29	add_event_handler('get_admin_plugin_menu_links', 'UAM_admin_menu');
[3742]	30
[5056]	31	function UAM_admin_menu($menu)
[3742]	32	{
[5181]	33	// +-----------------------------------------------------------------------+
	34	// \| Getting plugin name \|
	35	// +-----------------------------------------------------------------------+
	36	$plugin = PluginInfos(UAM_PATH);
	37	$name = $plugin['name'];
	38
[3742]	39	array_push($menu,
	40	array(
[5181]	41	'NAME' => $name,
	42	'URL' => get_admin_plugin_menu_link(UAM_PATH.'/admin/UAM_admin.php')
[3742]	43	)
	44	);
	45
	46	return $menu;
	47	}
	48
[4927]	49	/* Lastvisit table feed for Ghost Tracker */
[5056]	50	add_event_handler('loc_begin_index', 'UAM_GhostTracker');
[3742]	51
[5056]	52	function UAM_GhostTracker()
[4143]	53	{
	54	global $conf, $user;
	55
[5181]	56	$conf_UAM = unserialize($conf['UserAdvManager']);
[5056]	57
[5105]	58	/* Admins and Guests are not tracked for Ghost Tracker or Users Tracker */
	59	if (!is_admin() and !is_a_guest())
[4143]	60	{
[6354]	61	if ((isset($conf_UAM[16]) and $conf_UAM[16] == 'true') or (isset($conf_UAM[19]) and $conf_UAM[19] == 'true'))
[5105]	62	{
[4143]	63
[5105]	64	$userid = get_userid($user['username']);
[4143]	65
[5105]	66	/* Looking for existing entry in last visit table */
	67	$query = '
[4143]	68	SELECT *
[4159]	69	FROM '.USER_LASTVISIT_TABLE.'
[4143]	70	WHERE user_id = '.$userid.'
	71	;';
	72
[5633]	73	$count = pwg_db_num_rows(pwg_query($query));
[4143]	74
[5105]	75	if ($count == 0)
	76	{
	77	/* If not, data are inserted in table */
	78	$query = '
[4143]	79	INSERT INTO '.USER_LASTVISIT_TABLE.' (user_id, lastvisit, reminder)
	80	VALUES ('.$userid.', now(), "false")
	81	;';
[5105]	82	pwg_query($query);
	83	}
	84	else if ($count > 0)
	85	{
	86	/* If yes, data are updated in table */
	87	$query = '
[4143]	88	UPDATE '.USER_LASTVISIT_TABLE.'
	89	SET lastvisit = now(), reminder = "false"
	90	WHERE user_id = '.$userid.'
	91	LIMIT 1
	92	;';
[5105]	93	pwg_query($query);
	94	}
[4143]	95	}
	96	}
	97	}
	98
	99
[3742]	100	/* User creation */
[5056]	101	add_event_handler('register_user', 'UAM_Adduser');
[3742]	102
[5056]	103	function UAM_Adduser($register_user)
[3742]	104	{
	105	global $conf;
[5056]	106
[5181]	107	$conf_UAM = unserialize($conf['UserAdvManager']);
[3742]	108
[6757]	109	if ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local'))
	110	{
	111	/* This is to send an information email and set user to "waiting" group or status until admin validation */
	112	$passwd = (isset($_POST['password'])) ? $_POST['password'] : '';
	113	SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false);
	114	setgroup($register_user['id']);// Set to "waiting" group or status until admin validation
	115	}
	116	elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'false') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local'))
	117	{
	118	/* This is to set user to "wainting" group or status until admin validation */
	119	setgroup($register_user['id']);// Set to "waiting" group or status until admin validation
	120	}
	121	elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'false'))
	122	{
	123	/* This is to send an information email without validation key */
	124	$passwd = (isset($_POST['password'])) ? $_POST['password'] : '';
	125	SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false);
	126	}
[4124]	127	/* Sending registration confirmation by email */
[6757]	128	elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'true'))
[4124]	129	{
[6354]	130	if (is_admin() and isset($conf_UAM[20]) and $conf_UAM[20] == 'true')
[5064]	131	{
[6757]	132	$passwd = (isset($_POST['password'])) ? $_POST['password'] : '';
	133	SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true);
[5064]	134	}
[6354]	135	elseif (is_admin() and isset($conf_UAM[20]) and $conf_UAM[20] == 'false')
[5064]	136	{
[6757]	137	$passwd = (isset($_POST['password'])) ? $_POST['password'] : '';
	138	SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false);
[5064]	139	}
	140	elseif (!is_admin())
	141	{
[6757]	142	$passwd = (isset($_POST['password'])) ? $_POST['password'] : '';
	143	SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true);
[5064]	144	}
[4124]	145	}
[3742]	146	}
	147
	148
	149	/* User deletion */
[5056]	150	add_event_handler('delete_user', 'UAM_Deluser');
[3742]	151
[5056]	152	function UAM_Deluser($user_id)
[3742]	153	{
[4159]	154	/* Cleanup for ConfirmMail table */
[3742]	155	DeleteConfirmMail($user_id);
[4159]	156	/* Cleanup for LastVisit table */
	157	DeleteLastVisit($user_id);
[6775]	158	/* Cleanup Redirection settings */
	159	DeleteRedir($user_id);
[3742]	160	}
	161
	162
[4124]	163	/* Check users registration */
[5056]	164	add_event_handler('register_user_check', 'UAM_RegistrationCheck', EVENT_HANDLER_PRIORITY_NEUTRAL, 2);
[3742]	165
[5056]	166	function UAM_RegistrationCheck($err, $user)
[3742]	167	{
[4124]	168	global $errors, $conf;
	169
[4234]	170	/* *********************************************************** */
	171	/* We need to reset the standard Piwigo's register controls */
	172	/* because the call of register_user_check trigger resets them */
	173	/* *********************************************************** */
	174	/* ********************************** */
	175	/* Standard Piwigo's username control */
	176	/* ********************************** */
	177	if ($_POST['login'] == '')
	178	{
	179	return l10n('reg_err_login1');
	180	}
	181	if (preg_match('/^.* $/', $_POST['login']))
	182	{
	183	return l10n('reg_err_login2');
	184	}
	185	if (preg_match('/^ .*$/', $_POST['login']))
	186	{
	187	return l10n('reg_err_login3');
	188	}
	189	if (get_userid($_POST['login']))
	190	{
	191	return l10n('reg_err_login5');
	192	}
[4415]	193
	194	if (script_basename() == 'admin' and isset($_GET['page']) and $_GET['page'] == 'user_list') /* not the same email variable if we are on users registration page or on admin's user registration page*/
	195	{
	196	/* Email doblons check */
	197	$atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{\|}~]'; // before arobase
	198	$domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name
	199	$regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i';
	200
	201	if (!preg_match($regex, $_POST['email']))
	202	{
	203	return l10n('reg_err_mail_address');
	204	}
	205
	206	$query = '
	207	SELECT count(*)
	208	FROM '.USERS_TABLE.'
	209	WHERE upper('.$conf['user_fields']['email'].') = upper(\''.$_POST['email'].'\')
	210	;';
[5633]	211	list($count) = pwg_db_fetch_row(pwg_query($query));
[4415]	212	if ($count != 0)
	213	{
	214	return l10n('reg_err_mail_address_dbl');
	215	}
	216	}
	217
	218	if (script_basename() == 'register') /* not the same email variable if we are on users registration page or on admin's user registration page*/
	219	{
	220	/* Email doblons check */
	221	$atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{\|}~]'; // before arobase
	222	$domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name
	223	$regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i';
	224
	225	if (!preg_match($regex, $_POST['mail_address']))
	226	{
	227	return l10n('reg_err_mail_address');
	228	}
	229
	230	$query = '
	231	SELECT count(*)
	232	FROM '.USERS_TABLE.'
	233	WHERE upper('.$conf['user_fields']['email'].') = upper(\''.$_POST['mail_address'].'\')
	234	;';
[5633]	235	list($count) = pwg_db_fetch_row(pwg_query($query));
[4415]	236	if ($count != 0)
	237	{
	238	return l10n('reg_err_mail_address_dbl');
	239	}
	240	}
[4234]	241	/* ****************************************** */
	242	/* End of Piwigo's standard register controls */
	243	/* ****************************************** */
	244
	245
	246	/* ****************************************** */
	247	/* Here begins the advanced register controls */
	248	/* ****************************************** */
[4124]	249	$PasswordCheck = 0;
[3742]	250
[5181]	251	$conf_UAM = unserialize($conf['UserAdvManager']);
[5056]	252
[4124]	253	/* Password enforcement control */
[6354]	254	if (isset($conf_UAM[13]) and $conf_UAM[13] == 'true' and !empty($conf_UAM[14]))
[3742]	255	{
[4124]	256	if (!empty($user['password']) and !is_admin())
[3742]	257	{
[4124]	258	$PasswordCheck = testpassword($user['password']);
	259
[6354]	260	if ($PasswordCheck < $conf_UAM[14])
[3742]	261	{
[4124]	262	$message = get_l10n_args('reg_err_login4_%s', $PasswordCheck);
[6354]	263	return($lang['reg_err_pass'] = l10n_args($message).$conf_UAM[14]);
[3742]	264	}
	265	}
[6354]	266	else if (!empty($user['password']) and is_admin() and isset($conf_UAM[15]) and $conf_UAM[15] == 'true')
[4124]	267	{
	268	$PasswordCheck = testpassword($user['password']);
	269
[6354]	270	if ($PasswordCheck < $conf_UAM[14])
[4124]	271	{
	272	$message = get_l10n_args('reg_err_login4_%s', $PasswordCheck);
[6354]	273	return($lang['reg_err_pass'] = l10n_args($message).$conf_UAM[14]);
[4124]	274	}
	275	}
[3742]	276	}
	277
[4124]	278	/* Username without forbidden keys */
[6354]	279	if (isset($conf_UAM[6]) and $conf_UAM[6] == 'true' and !empty($_POST['login']) and ValidateUsername($_POST['login']) and !is_admin())
[3742]	280	{
[4124]	281	$_POST['login'] = '';
[6354]	282	return($lang['reg_err_login1'] = l10n('reg_err_login6')."'".$conf_UAM[7]."'");
[3742]	283	}
	284
[4124]	285	/* Email without forbidden domains */
[6354]	286	if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($_POST['mail_address']) and ValidateEmailProvider($_POST['mail_address']) and !is_admin())
[3742]	287	{
[4384]	288	$_POST['mail_address'] = '';
[6354]	289	return($lang['reg_err_login1'] = l10n('reg_err_login7')."'".$conf_UAM[12]."'");
[4384]	290	}
[4124]	291	}
[3742]	292
	293
[4124]	294	if (script_basename() == 'profile')
	295	{
[5056]	296	add_event_handler('loc_begin_profile', 'UAM_Profile_Init');
[3742]	297
[5056]	298	function UAM_Profile_Init()
[4124]	299	{
	300	global $conf, $user, $template;
[3742]	301
[5181]	302	$conf_UAM = unserialize($conf['UserAdvManager']);
[4061]	303
[6775]	304	if ((isset($conf_UAM[21]) and $conf_UAM[21] == 'true'))
	305	{
	306	$user_idsOK = array();
	307	if (!check_consult($user['id'], $user_idsOK))
	308	{
	309	$user_idsOK[] = $user['id'];
	310
	311	$query = "
	312	UPDATE ".CONFIG_TABLE."
	313	SET value = \"".implode(',', $user_idsOK)."\"
	314	WHERE param = 'UserAdvManager_Redir';";
	315
	316	pwg_query($query);
	317	}
	318	}
	319
[4927]	320	if (isset($_POST['validate']) and !is_admin())
[3742]	321	{
[4124]	322	/* Email without forbidden domains */
[6354]	323	if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($_POST['mail_address']))
[4384]	324	{
	325	if (ValidateEmailProvider($_POST['mail_address']))
[3742]	326	{
[6354]	327	$template->append('errors', l10n('reg_err_login7')."'".$conf_UAM[12]."'");
[4384]	328	unset($_POST['validate']);
[3742]	329	}
[4384]	330	}
[4124]	331
	332	$typemail = 3;
[3742]	333
[4124]	334	if (!empty($_POST['use_new_pwd']))
	335	{
	336	$typemail = 2;
[3742]	337
[4124]	338	/* Password enforcement control */
[6354]	339	if (isset($conf_UAM[13]) and $conf_UAM[13] == 'true' and !empty($conf_UAM[14]))
[3742]	340	{
[4124]	341	$PasswordCheck = testpassword($_POST['use_new_pwd']);
	342
[6354]	343	if ($PasswordCheck < $conf_UAM[14])
[3742]	344	{
[4124]	345	$message = get_l10n_args('reg_err_login4_%s', $PasswordCheck);
[6354]	346	$template->append('errors', l10n_args($message).$conf_UAM[14]);
[4124]	347	unset($_POST['use_new_pwd']);
	348	unset($_POST['validate']);
[3742]	349	}
	350	}
[4124]	351	}
	352
	353	/* Sending registration confirmation by email */
[6757]	354	if ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') or (isset($conf_UAM[1]) and $conf_UAM[1] == 'true') or (isset($conf_UAM[1]) and $conf_UAM[1] == 'local'))
[4124]	355	{
[3742]	356	$confirm_mail_need = false;
	357
[4316]	358	if (!empty($_POST['mail_address']))
[3742]	359	{
	360	$query = '
[4143]	361	SELECT '.$conf['user_fields']['email'].' AS email
	362	FROM '.USERS_TABLE.'
	363	WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
	364	;';
[4124]	365
[5633]	366	list($current_email) = pwg_db_fetch_row(pwg_query($query));
[6757]	367
	368	/* This is to send a new validation key */
	369	if ($_POST['mail_address'] != $current_email and (isset($conf_UAM[1]) and $conf_UAM[1] == 'true'))
[4124]	370
[3742]	371	$confirm_mail_need = true;
[6757]	372
	373	/* This is to set the user to "waiting" group or status until admin validation */
	374	if ($_POST['mail_address'] != $current_email and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local'))
	375
	376	setgroup($register_user['id']);// Set to "waiting" group or status until admin validation
	377	$confirm_mail_need = false;
[3742]	378	}
[4124]	379
[5056]	380	if ((!empty($_POST['use_new_pwd']) and (isset($conf_UAM[0]) and $conf_UAM[0] == 'true') or $confirm_mail_need))
[3742]	381	{
	382	$query = '
[4143]	383	SELECT '.$conf['user_fields']['username'].'
	384	FROM '.USERS_TABLE.'
	385	WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
	386	;';
[4124]	387
[5633]	388	list($username) = pwg_db_fetch_row(pwg_query($query));
[3742]	389
	390	SendMail2User($typemail, $user['id'], $username, $_POST['use_new_pwd'], $_POST['mail_address'], $confirm_mail_need);
	391	}
	392	}
	393	}
	394	}
	395	}
	396
[4124]	397
[6775]	398	// RedirectToProfile - Thx to LucMorizur
[6784]	399	// redirects a visitor (except for admins, webmasters and generic statuses) to his
[6775]	400	// profile.php page
	401	//
	402	// no variable, no return
	403	add_event_handler('login_success', 'RedirectToProfile');
	404
	405	function RedirectToProfile()
	406	{
	407	global $conf, $user;
	408
	409	$conf_UAM = unserialize($conf['UserAdvManager']);
[6784]	410
	411	$query ='
	412	SELECT user_id, status
	413	FROM '.USER_INFOS_TABLE.'
	414	WHERE user_id = '.$user['id'].'
	415	;';
	416	$data = pwg_db_fetch_assoc(pwg_query($query));
	417
	418	if ($data['status'] <> "admin" and $data['status'] <> "webmaster" and $data['status'] <> "generic")
[6775]	419	{
[6784]	420	if ((isset($conf_UAM[21]) and $conf_UAM[21] == 'true'))
	421	{
	422	$user_idsOK = array();
	423	if (!check_consult($user['id'], $user_idsOK))
	424	redirect(PHPWG_ROOT_PATH.'profile.php');
	425	}
[6775]	426	}
	427	}
	428
	429
[5056]	430	add_event_handler('init', 'UAM_InitPage');
[4384]	431	/* * Important ! This is necessary to make email exclusion work in admin's users management panel * */
[5056]	432	function UAM_InitPage()
[4124]	433	{
[5181]	434	load_language('plugin.lang', UAM_PATH);
[4124]	435	global $conf, $template, $page, $lang, $errors;
	436
[5181]	437	$conf_UAM = unserialize($conf['UserAdvManager']);
[4124]	438
	439	/* Admin user management */
	440	if (script_basename() == 'admin' and isset($_GET['page']) and $_GET['page'] == 'user_list')
	441	{
	442	if (isset($_POST['submit_add']))
	443	{
[4384]	444	/* Email without forbidden domains */
[6354]	445	if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($_POST['email']) and ValidateEmailProvider($_POST['email']))
[4124]	446	{
[6354]	447	$template->append('errors', l10n('reg_err_login7')."'".$conf_UAM[12]."'");
[4124]	448	unset($_POST['submit_add']);
	449	}
	450	}
	451	}
	452	}
	453
[4135]	454
[5056]	455	add_event_handler('user_comment_check', 'UAM_CheckEmptyCommentAuthor', 50, 2);
[3742]	456
[5056]	457	function UAM_CheckEmptyCommentAuthor($comment_action, $comm)
[3742]	458	{
[5181]	459	load_language('plugin.lang', UAM_PATH);
[3742]	460	global $infos, $conf, $template;
	461
[5181]	462	$conf_UAM = unserialize($conf['UserAdvManager']);
[3742]	463
	464	/* User creation OR update */
[6354]	465	if (isset($conf_UAM[5]) and $conf_UAM[5] == 'true' and $conf['comments_forall'] == 'true' and $comm['author'] == 'guest')
[3742]	466	{
	467	$comment_action = 'reject';
	468
[5056]	469	array_push($infos, l10n('UAM_Empty Author'));
[3742]	470	}
	471
	472	return $comment_action;
	473	}
	474	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: