Ignore:
Timestamp:
Apr 6, 2013, 5:27:15 PM (7 years ago)
Author:
Eric
Message:
  • Bug fixed : Admins passwords synchronization between FluxBB and Piwigo when changed
  • Bug fixed : Password synchronization between FluxBB and Piwigo if a user uses Piwigo's password recovery system
  • Bug fixed : Exclude password comparison from audit
  • Todo : Recode synch, migration and audit actions for existing users before plugin activation - Have to take care on passwords !
File:
1 edited

Legend:

Unmodified
Added
Removed
  • extensions/Register_FluxBB/admin/admin.php

    r21913 r22039  
    2424$plugin =  RegFluxBB_Infos(REGFLUXBB_PATH);
    2525$version = $plugin['version'] ;
    26 
    27 // +-----------------------------------------------------------------------+
    28 // |                            Actions process                            |
    29 // +-----------------------------------------------------------------------+
    30 if (isset($_GET['action']) and ($_GET['action']=='link_dead'))
    31 {
    32   $query = '
    33 DELETE FROM '.Register_FluxBB_ID_TABLE.'
    34 WHERE id_user_FluxBB NOT IN (
    35   SELECT id
    36   FROM '.FluxBB_USERS_TABLE.'
    37   )
    38 OR id_user_pwg NOT IN (
    39   SELECT id
    40   FROM '.USERS_TABLE.'
    41   )
    42 ;';
    43 
    44   $result = pwg_query($query);
    45  
    46   Audit_PWG_FluxBB();
    47 }
    48 else if (isset($_GET['action']) and ($_GET['action']=='link_del') and isset($_GET['pwg_id']) and isset($_GET['bb_id']))
    49 {
    50   $query = '
    51 DELETE FROM '.Register_FluxBB_ID_TABLE.'
    52 WHERE id_user_pwg = '.$_GET['pwg_id'].'
    53 AND id_user_FluxBB = '.$_GET['bb_id'].'
    54 ;';
    55 
    56   $result = pwg_query($query);
    57  
    58   Audit_PWG_FluxBB();
    59 }
    60 else if (isset($_GET['action']) and ($_GET['action']=='new_link') and isset($_GET['pwg_id']) and isset($_GET['bb_id']))
    61 {
    62   FluxBB_Linkuser($_GET['pwg_id'], $_GET['bb_id']);
    63  
    64   Audit_PWG_FluxBB();
    65 }
    66 else if (isset($_GET['action']) and ($_GET['action']=='sync_user') and isset($_GET['username']))
    67 {
    68   $query = '
    69 SELECT id AS id_pwg, username, password, mail_address
    70 FROM '.USERS_TABLE.'
    71 WHERE BINARY username = BINARY "'.pwg_db_real_escape_string($_GET['username']).'"
    72 AND username NOT IN ("18","16")
    73 LIMIT 1
    74 ;';
    75 
    76   $data = pwg_db_fetch_assoc(pwg_query($query));
    77  
    78   if (!empty($data))
    79   {
    80     FluxBB_Updateuser($data['id_pwg'], stripslashes($data['username']), $data['password'], $data['mail_address']);
    81   }
    82  
    83   Audit_PWG_FluxBB();
    84 }
    85 else if (isset($_GET['action']) and ($_GET['action']=='add_user') and isset($_GET['username']))
    86 {
    87   $query = '
    88 SELECT id, username, password, mail_address
    89 FROM '.USERS_TABLE.'
    90 WHERE BINARY username = BINARY "'.pwg_db_real_escape_string($_GET['username']).'"
    91 AND username NOT IN ("18","16")
    92 LIMIT 1
    93 ;';
    94 
    95   $data = pwg_db_fetch_assoc(pwg_query($query));
    96  
    97   if (!empty($data))
    98     FluxBB_Adduser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']); 
    99  
    100     Audit_PWG_FluxBB();
    101 }
    102 else if (isset($_GET['action']) and ($_GET['action']=='del_user') and isset($_GET['id']))
    103 {
    104   FluxBB_Deluser( $_GET['id'], true );
    105  
    106   Audit_PWG_FluxBB();
    107 }
    108 
    10926
    11027// +------------------------------------------------------------------+
     
    223140// |                    Migration and Audit                     |
    224141// +------------------------------------------------------------+
    225 if (isset($_POST['Migration']))
    226 {
    227   array_push($page['infos'], l10n('Mig_Start').'<br><br>');
    228 
    229   array_push($page['infos'], l10n('Mig_Del_Link').'<br><br>');
    230 
    231   $query = 'TRUNCATE '.Register_FluxBB_ID_TABLE.';';
    232   $result = pwg_query($query);
    233 
    234   $msg_Mig_Del_AllUsers = '';
    235 
    236   $query = '
    237 SELECT username, id
    238 FROM '.FluxBB_USERS_TABLE.'
    239 ;';
    240 
    241   $result = pwg_query($query);
    242 
    243   while ($row = pwg_db_fetch_assoc($result))
    244   {
    245     if((stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_GUEST'])) and (stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN'])))
    246     {
    247       $msg_Mig_Del_AllUsers .= '<br> - '.l10n('Mig_Del_User').stripslashes($row['username']);
    248 
    249       FluxBB_Deluser($row['id'], false);
    250     }
    251   }
    252 
    253   array_push($page['infos'], l10n('Mig_Del_AllUsers').$msg_Mig_Del_AllUsers.'<br><br>');
    254 
    255   $query = '
    256 SELECT id, username, password, mail_address
    257 FROM '.USERS_TABLE.'
    258 WHERE username NOT IN ("18","16")
    259 ;';
    260 
    261   $result = pwg_query($query);
    262 
    263   $registred = time();
    264   $registred_ip = $_SERVER['REMOTE_ADDR'];
    265 
    266   $msg_Mig_Add_AllUsers = '';
    267 
    268   while ($row = pwg_db_fetch_assoc($result))
    269   {
    270     if((stripslashes($row['username']) != 'guest') and (stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN'])))
    271     {
    272       $msg_Mig_Add_AllUsers .= '<br> - '.l10n('Mig_Add_User').stripslashes($row['username']);
    273 
    274       FluxBB_Adduser($row['id'], stripslashes($row['username']), $row['password'], $row['mail_address']);
    275     }
    276   }
    277 
    278   array_push($page['infos'], l10n('Mig_Add_AllUsers').$msg_Mig_Add_AllUsers.'<br><br>');
    279 
    280   $query = '
    281 SELECT id, username, password, mail_address
    282 FROM '.USERS_TABLE.'
    283 WHERE username = "'.$conf_Register_FluxBB['FLUXBB_ADMIN'].'"
    284 AND username NOT IN ("18","16")
    285 ;';
    286 
    287   $row = pwg_db_fetch_assoc(pwg_query($query));
    288 
    289   if (!empty($row))
    290   {
    291     array_push($page['infos'], l10n('Sync_User').stripslashes($row['username']).'<br><br>');
    292 
    293     FluxBB_Updateuser($row['id'], stripslashes($row['username']), $row['password'], $row['mail_address']);
    294   }
    295 
    296   array_push($page['infos'], l10n('Mig_End'));
    297 }
    298 else if (isset($_POST['Audit']))
    299 {
    300   Audit_PWG_FluxBB();
    301 }
     142//if (isset($_POST['Migration']))
     143//{
     144//  array_push($page['infos'], l10n('Mig_Start').'<br><br>');
     145//
     146//  array_push($page['infos'], l10n('Mig_Del_Link').'<br><br>');
     147//
     148//  $query = 'TRUNCATE '.Register_FluxBB_ID_TABLE.';';
     149//  $result = pwg_query($query);
     150//
     151//  $msg_Mig_Del_AllUsers = '';
     152//
     153//  $query = '
     154//SELECT username, id
     155//FROM '.FluxBB_USERS_TABLE.'
     156//;';
     157//
     158//  $result = pwg_query($query);
     159//
     160//  while ($row = pwg_db_fetch_assoc($result))
     161//  {
     162//    if((stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_GUEST'])) and (stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN'])))
     163//    {
     164//      $msg_Mig_Del_AllUsers .= '<br> - '.l10n('Mig_Del_User').stripslashes($row['username']);
     165//
     166//      FluxBB_Deluser($row['id'], false);
     167//    }
     168//  }
     169//
     170//  array_push($page['infos'], l10n('Mig_Del_AllUsers').$msg_Mig_Del_AllUsers.'<br><br>');
     171//
     172//  $query = '
     173//SELECT id, username, password, mail_address
     174//FROM '.USERS_TABLE.'
     175//WHERE username NOT IN ("18","16")
     176//;';
     177//
     178//  $result = pwg_query($query);
     179//
     180//  $registred = time();
     181//  $registred_ip = $_SERVER['REMOTE_ADDR'];
     182//
     183//  $msg_Mig_Add_AllUsers = '';
     184//
     185//  while ($row = pwg_db_fetch_assoc($result))
     186//  {
     187//    if((stripslashes($row['username']) != 'guest') and (stripslashes($row['username']) != stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN'])))
     188//    {
     189//      $msg_Mig_Add_AllUsers .= '<br> - '.l10n('Mig_Add_User').stripslashes($row['username']);
     190//
     191//      FluxBB_Adduser($row['id'], stripslashes($row['username']), $row['password'], $row['mail_address']);
     192//    }
     193//  }
     194//
     195//  array_push($page['infos'], l10n('Mig_Add_AllUsers').$msg_Mig_Add_AllUsers.'<br><br>');
     196//
     197//  $query = '
     198//SELECT id, username, password, mail_address
     199//FROM '.USERS_TABLE.'
     200//WHERE username = "'.$conf_Register_FluxBB['FLUXBB_ADMIN'].'"
     201//AND username NOT IN ("18","16")
     202//;';
     203//
     204//  $row = pwg_db_fetch_assoc(pwg_query($query));
     205//
     206//  if (!empty($row))
     207//  {
     208//    array_push($page['infos'], l10n('Sync_User').stripslashes($row['username']).'<br><br>');
     209//
     210//    FluxBB_Updateuser($row['id'], stripslashes($row['username']), $row['password'], $row['mail_address']);
     211//  }
     212//
     213//  array_push($page['infos'], l10n('Mig_End'));
     214//}
     215//else if (isset($_POST['Audit']))
     216//{
     217//  Audit_PWG_FluxBB();
     218//}
    302219
    303220
     
    491408      $msg_error_Link_Bad = l10n('Sync_Link_Bad').$msg_error_Link_Bad;
    492409
    493     $query = '
    494 SELECT pwg.id as pwg_id, pwg.username as username, pwg.password as pwg_pwd, pwg.mail_address as pwg_eml, FluxBB.id as bb_id, FluxBB.password as bb_pwd, FluxBB.email as bb_eml
    495 FROM '.FluxBB_USERS_TABLE.' AS FluxBB
    496 INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = FluxBB.id
    497 INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
    498 AND BINARY pwg.username = BINARY FluxBB.username
    499 ORDER BY LOWER(pwg.username)
    500 ;';
    501 
    502     $result = pwg_query($query);
    503 
    504     while($row = pwg_db_fetch_assoc($result))
    505     {
    506       if ( ($row['pwg_pwd'] != $row['bb_pwd']) or ($row['pwg_eml'] != $row['bb_eml']) )
    507       {
    508         $msg_error_Synchro .= '<br>'.l10n('Sync_User').stripslashes($row['username']);
    509 
    510         $query = '
    511 SELECT id, username, password, mail_address
    512 FROM '.USERS_TABLE.'
    513 WHERE BINARY id = "'.$row['pwg_id'].'"
    514 AND "'.$row['username'].'" NOT IN ("18","16")
    515 ;';
    516 
    517         $data = pwg_db_fetch_assoc(pwg_query($query));
    518 
    519         if (!empty($data))
    520           FluxBB_Updateuser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']);
    521       }
    522     }
     410//    $query = '
     411//SELECT pwg.id as pwg_id, pwg.username as username, pwg.password as pwg_pwd, pwg.mail_address as pwg_eml, FluxBB.id as bb_id, FluxBB.password as bb_pwd, FluxBB.email as bb_eml
     412//FROM '.FluxBB_USERS_TABLE.' AS FluxBB
     413//INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = FluxBB.id
     414//INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
     415//AND BINARY pwg.username = BINARY FluxBB.username
     416//ORDER BY LOWER(pwg.username)
     417//;';
     418//
     419//    $result = pwg_query($query);
     420//
     421//    while($row = pwg_db_fetch_assoc($result))
     422//    {
     423//      if ( ($row['pwg_pwd'] != $row['bb_pwd']) or ($row['pwg_eml'] != $row['bb_eml']) )
     424//      {
     425//        $msg_error_Synchro .= '<br>'.l10n('Sync_User').stripslashes($row['username']);
     426//
     427//        $query = '
     428//SELECT id, username, password, mail_address
     429//FROM '.USERS_TABLE.'
     430//WHERE BINARY id = "'.$row['pwg_id'].'"
     431//AND "'.$row['username'].'" NOT IN ("18","16")
     432//;';
     433//
     434//        $data = pwg_db_fetch_assoc(pwg_query($query));
     435//
     436//        if (!empty($data))
     437//          FluxBB_Updateuser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']);
     438//      }
     439//    }
    523440
    524441    if ($msg_error_Synchro == '')
     
    527444      $msg_error_Synchro = l10n('Sync_DataUser').$msg_error_Synchro;
    528445
    529     $query = '
    530 SELECT username, mail_address FROM '.USERS_TABLE.'
    531 WHERE BINARY username <> BINARY "guest"
    532 AND username NOT IN ("18","16")
    533 AND id not in (
    534   SELECT id_user_pwg FROM '.Register_FluxBB_ID_TABLE.'
    535   )
    536 AND BINARY username not in (
    537   SELECT username FROM '.FluxBB_USERS_TABLE.'
    538   )
    539 ORDER BY LOWER(username)
    540 ;';
    541 
    542     $result = pwg_query($query);
    543 
    544     while($row = pwg_db_fetch_assoc($result))
    545     {
    546       $msg_error_PWG2FluxBB .= '<br>'.l10n('Add_User').stripslashes($row['username']).' ('.$row['mail_address'].')';
    547 
    548       $query = '
    549 SELECT id, username, password, mail_address
    550 FROM '.USERS_TABLE.'
    551 WHERE BINARY username = BINARY "'.$row['username'].'"
    552 AND username NOT IN ("18","16")
    553 LIMIT 1
    554 ;';
    555 
    556       $data = pwg_db_fetch_assoc(pwg_query($query));
    557 
    558       if (!empty($data))
    559         FluxBB_Adduser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']); 
    560     }
     446//    $query = '
     447//SELECT username, mail_address FROM '.USERS_TABLE.'
     448//WHERE BINARY username <> BINARY "guest"
     449//AND username NOT IN ("18","16")
     450//AND id not in (
     451//  SELECT id_user_pwg FROM '.Register_FluxBB_ID_TABLE.'
     452//  )
     453//AND BINARY username not in (
     454//  SELECT username FROM '.FluxBB_USERS_TABLE.'
     455//  )
     456//ORDER BY LOWER(username)
     457//;';
     458//
     459//    $result = pwg_query($query);
     460//
     461//    while($row = pwg_db_fetch_assoc($result))
     462//    {
     463//      $msg_error_PWG2FluxBB .= '<br>'.l10n('Add_User').stripslashes($row['username']).' ('.$row['mail_address'].')';
     464//
     465//      $query = '
     466//SELECT id, username, password, mail_address
     467//FROM '.USERS_TABLE.'
     468//WHERE BINARY username = BINARY "'.$row['username'].'"
     469//AND username NOT IN ("18","16")
     470//LIMIT 1
     471//;';
     472//
     473//      $data = pwg_db_fetch_assoc(pwg_query($query));
     474//
     475//      if (!empty($data))
     476//        FluxBB_Adduser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']); 
     477//    }
    561478
    562479    if ($msg_error_PWG2FluxBB == '')
     
    626543else if ( isset($_POST['Audit']))
    627544{
     545  Audit_PWG_FluxBB();
     546}
     547
     548
     549// +---------------------------------------------------------------+
     550// |                       Audit function                          |
     551// +---------------------------------------------------------------+
     552function Audit_PWG_FluxBB()
     553{
     554  global $page, $conf, $errors;
     555
     556  $page_Register_FluxBB_admin = get_admin_plugin_menu_link(__FILE__);
     557
     558  $conf_Register_FluxBB = unserialize($conf['Register_FluxBB']);
     559
     560  $msg_error_PWG_Dup = '';
     561  $msg_error_FluxBB_Dup = '';
     562  $msg_error_Link_Break = '';
     563  $msg_error_Link_Bad = '';
     564  $msg_error_Synchro = '';
     565  $msg_ok_Synchro = '';
     566  $msg_error_PWG2FluxBB = '';
     567  $msg_error_FluxBB2PWG = '';
     568
     569// Check duplicate accounts in Piwigo users table
     570// ----------------------------------------------
     571  $query = '
     572SELECT COUNT(*) AS nbr_dup, id, username
     573FROM '.USERS_TABLE.'
     574WHERE username NOT IN ("18","16")
     575AND username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
     576GROUP BY BINARY username
     577HAVING COUNT(*) > 1
     578;';
     579  $result = pwg_query($query);
     580 
     581  while($row = pwg_db_fetch_assoc($result))
     582    $msg_error_PWG_Dup .= '<br>'.l10n('Error_PWG_Dup').$row['nbr_dup'].' x '.stripslashes($row['username']);
     583
     584  if ($msg_error_PWG_Dup == '')
     585    array_push($page['infos'], l10n('Audit_PWG_Dup').'<br>'.l10n('Audit_OK'));
     586  else
     587    $msg_error_PWG_Dup = l10n('Audit_PWG_Dup').$msg_error_PWG_Dup.'<br>'.l10n('Advise_PWG_Dup');
     588 
     589
     590// Check duplicate accounts in FluxBB users table
     591// ----------------------------------------------
     592  $query = '
     593SELECT COUNT(*) AS nbr_dup, username
     594FROM '.FluxBB_USERS_TABLE.'
     595GROUP BY BINARY username
     596HAVING COUNT(*) > 1
     597;';
     598  $result = pwg_query($query);
     599 
     600  while($row = pwg_db_fetch_assoc($result))
     601  {
     602    $msg_error_FluxBB_Dup .= '<br>'.l10n('Error_FluxBB_Dup').$row['nbr_dup'].' x '.stripslashes($row['username']);
     603
     604    $subquery = '
     605SELECT id, username, email
     606FROM '.FluxBB_USERS_TABLE.'
     607WHERE BINARY username = BINARY "'.$row['username'].'"
     608AND username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
     609;';
     610    $subresult = pwg_query($subquery);
     611 
     612    while($subrow = pwg_db_fetch_assoc($subresult))
     613    {
     614      $msg_error_FluxBB_Dup .= '<br>id:'.$subrow['id'].'='.stripslashes($subrow['username']).' ('.$subrow['email'].')';
     615 
     616      $msg_error_FluxBB_Dup .= ' <a href="';
     617     
     618      $msg_error_FluxBB_Dup .= add_url_params($page_Register_FluxBB_admin, array(
     619        'action' => 'del_user',
     620        'id' => $subrow['id'],
     621      ));
     622       
     623      $msg_error_FluxBB_Dup .= '" title="'.l10n('Del_User').stripslashes($subrow['username']).'"';
     624       
     625      $msg_error_FluxBB_Dup .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
     626       
     627      $msg_error_FluxBB_Dup .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_delete.png" alt="'.l10n('Del_User').$subrow['username'].'" /></a>';
     628    }
     629  }
     630
     631  if ($msg_error_FluxBB_Dup == '')
     632    array_push($page['infos'], l10n('Audit_FluxBB_Dup').'<br>'.l10n('Audit_OK'));
     633  else
     634    $msg_error_FluxBB_Dup = l10n('Audit_FluxBB_Dup').$msg_error_FluxBB_Dup.'<br>'.l10n('Advise_FluxBB_Dup');
     635 
     636
     637// Check links between Piwigo and FluxBB users
     638// -------------------------------------------
     639  // Check fixable broken links between Piwigo and FluxBB users
     640  // ----------------------------------------------------------
     641  $query = '
     642SELECT pwg.id as pwg_id, bb.id as bb_id, pwg.username as pwg_user, pwg.mail_address as pwg_mail
     643FROM '.FluxBB_USERS_TABLE.' AS bb, '.USERS_TABLE.' as pwg
     644WHERE bb.id NOT in (
     645  SELECT id_user_FluxBB
     646  FROM '.Register_FluxBB_ID_TABLE.'
     647  )
     648AND pwg.id NOT in (
     649  SELECT id_user_pwg
     650  FROM '.Register_FluxBB_ID_TABLE.'
     651  )
     652AND pwg.username = bb.username
     653AND pwg.username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
     654AND pwg.username NOT IN ("18","16")
     655AND pwg.mail_address = bb.email
     656;';
     657
     658  $result = pwg_query($query);
     659
     660  while($row = pwg_db_fetch_assoc($result))
     661  {
     662    $msg_error_Link_Break .= '<br>'.l10n('Error_Link_Break').stripslashes($row['pwg_user']).' ('.$row['pwg_mail'].')';
     663
     664    $msg_error_Link_Break .= ' <a href="';
     665
     666    $msg_error_Link_Break .= add_url_params($page_Register_FluxBB_admin, array(
     667      'action'   => 'new_link',
     668      'pwg_id' => $row['pwg_id'],
     669      'bb_id' => $row['bb_id'],
     670    ));
     671
     672    $msg_error_Link_Break .= '" title="'.l10n('New_Link').stripslashes($row['pwg_user']).'"';
     673
     674    $msg_error_Link_Break .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
     675
     676    $msg_error_Link_Break .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_break.png" alt="'.l10n('New_Link').stripslashes($row['pwg_user']).'" /></a>';
     677  }
     678
     679  if ($msg_error_Link_Break == '')
     680    array_push($page['infos'], l10n('Audit_Link_Break').'<br>'.l10n('Audit_OK'));
     681  else
     682    $msg_error_Link_Break = l10n('Audit_Link_Break').$msg_error_Link_Break;
     683
     684
     685  // Check not fixable broken links between Piwigo and FluxBB users
     686  // --------------------------------------------------------------
     687  $query = '
     688SELECT pwg.username as pwg_user, pwg.id as pwg_id, pwg.mail_address as pwg_mail, bb.id as bb_id, bb.username as bb_user, bb.email as bb_mail
     689FROM '.FluxBB_USERS_TABLE.' AS bb
     690INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = bb.id
     691INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
     692WHERE pwg.username <> bb.username
     693AND pwg.username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
     694AND pwg.username NOT IN ("18","16")
     695;';
     696
     697  $result = pwg_query($query);
     698 
     699  while($row = pwg_db_fetch_assoc($result))
     700  {
     701    $msg_error_Link_Bad .= '<br>'.l10n('Error_Link_Del').stripslashes($row['pwg_user']).' ('.$row['pwg_mail'].')'.' -- '.stripslashes($row['bb_user']).' ('.$row['bb_mail'].')';
     702
     703    $msg_error_Link_Bad .= ' <a href="';
     704 
     705    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
     706      'action'   => 'link_del',
     707      'pwg_id' => $row['pwg_id'],
     708      'bb_id'  => $row['bb_id'],
     709    ));
     710
     711    $msg_error_Link_Bad .= '" title="'.l10n('Link_Del').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'"';
     712
     713    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
     714
     715    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_delete.png" alt="'.l10n('Link_Del').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'" /></a>';
     716
     717    $msg_error_Link_Bad .= ' -- <a href="';
     718
     719    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
     720      'action' => 'sync_user',
     721      'username' => stripslashes($row['pwg_user']),
     722    ));
     723
     724    $msg_error_Link_Bad .= '" title="'.l10n('Sync_User').stripslashes($row['pwg_user']).' --> '.stripslashes($row['bb_user']).'"';
     725
     726    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
     727
     728    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/arrow_switch.png" alt="'.l10n('Sync_User').stripslashes($row['pwg_user']).' --> '.stripslashes($row['bb_user']).'" /></a>';
     729  }
     730
     731
     732  // Check dead links between Piwigo and FluxBB users
     733  // ------------------------------------------------
     734  $query = '
     735SELECT COUNT(*) as nbr_dead
     736FROM '.Register_FluxBB_ID_TABLE.' AS Link
     737WHERE id_user_FluxBB NOT IN (
     738  SELECT id
     739  FROM '.FluxBB_USERS_TABLE.'
     740  )
     741OR id_user_pwg NOT IN (
     742  SELECT id
     743  FROM '.USERS_TABLE.'
     744  )
     745;';
     746
     747  $Compteur = pwg_db_fetch_assoc(pwg_query($query));
     748
     749  if (!empty($Compteur) and $Compteur['nbr_dead'] > 0)
     750  {
     751    $msg_error_Link_Bad .= '<br>'.l10n('Error_Link_Dead').$Compteur['nbr_dead'];
     752
     753    $msg_error_Link_Bad .= ' <a href="';
     754
     755    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
     756      'action'   => 'link_dead',
     757    ));
     758
     759    $msg_error_Link_Bad .= '" title="'.l10n('Link_Dead').$Compteur['nbr_dead'].'"';
     760
     761    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
     762
     763    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_delete.png" alt="'.l10n('Link_Dead').$Compteur['nbr_dead'].'" /></a>';
     764  }
     765
     766
     767  // Check duplicated links between Piwigo and FluxBB users
     768  // ------------------------------------------------------
     769  $query = '
     770SELECT COUNT(*) AS nbr_dup, pwg.id AS pwg_id, pwg.username AS pwg_user, bb.username AS bb_user, bb.id AS bb_id
     771FROM '.FluxBB_USERS_TABLE.' AS bb
     772INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = bb.id
     773INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
     774WHERE pwg.username NOT IN ("18","16")
     775AND pwg.username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
     776GROUP BY link.id_user_pwg, link.id_user_FluxBB
     777HAVING COUNT(*) > 1
     778;';
     779
     780  $result = pwg_query($query);
     781
     782  while($row = pwg_db_fetch_assoc($result))
     783  {
     784    $msg_error_Link_Bad .= '<br>'.l10n('Error_Link_Dup').$row['nbr_dup'].' = '.stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).')';
     785
     786    $msg_error_Link_Bad .= ' <a href="';
     787
     788    $msg_error_Link_Bad .= add_url_params($page_Register_FluxBB_admin, array(
     789      'action'   => 'new_link',
     790      'pwg_id' => $row['pwg_id'],
     791      'bb_id' => $row['bb_id'],
     792    ));
     793
     794    $msg_error_Link_Bad .= '" title="'.l10n('Link_Dup').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'"';
     795
     796    $msg_error_Link_Bad .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
     797
     798    $msg_error_Link_Bad .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/link_error.png" alt="'.l10n('Link_Dup').stripslashes($row['pwg_user']).' -- '.stripslashes($row['bb_user']).'" /></a>';
     799  }
     800
     801  if ($msg_error_Link_Bad == '')
     802    array_push($page['infos'], l10n('Audit_Link_Bad').'<br>'.l10n('Audit_OK'));
     803  else
     804    $msg_error_Link_Bad = l10n('Audit_Link_Bad').$msg_error_Link_Bad;
     805
     806
     807// Check synch between Piwigo and FluxBB users
     808// -------------------------------------------
     809  $query = '
     810SELECT pwg.username as username, pwg.password as pwg_pwd, pwg.mail_address as pwg_eml, FluxBB.password as bb_pwd, FluxBB.email as bb_eml
     811FROM '.FluxBB_USERS_TABLE.' AS FluxBB
     812INNER JOIN '.Register_FluxBB_ID_TABLE.' AS link ON link.id_user_FluxBB = FluxBB.id
     813INNER JOIN '.USERS_TABLE.' as pwg ON link.id_user_pwg = pwg.id
     814WHERE BINARY pwg.username = BINARY FluxBB.username
     815AND pwg.username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
     816AND pwg.username NOT IN ("18","16")
     817ORDER BY LOWER(pwg.username)
     818;';
     819
     820  $result = pwg_query($query);
     821 
     822  while($row = pwg_db_fetch_assoc($result))
     823  {
     824    if (($row['pwg_pwd'] != $row['bb_pwd']) or ($row['pwg_eml'] != $row['bb_eml']))
     825    {
     826      $msg_error_Synchro .= '<br>'.l10n('Error_Synchro').stripslashes($row['username']);
     827
     828      $msg_error_Synchro .= ' <a href="';
     829
     830      $msg_error_Synchro .= add_url_params($page_Register_FluxBB_admin, array(
     831        'action' => 'sync_user',
     832        'username' => stripslashes($row['username']),
     833      ));
     834
     835      $msg_error_Synchro .= '" title="'.l10n('Sync_User').stripslashes($row['username']).'"';
     836
     837      $msg_error_Synchro .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
     838
     839      $msg_error_Synchro .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_refresh.png" alt="'.l10n('Sync_User').stripslashes($row['username']).'" /></a>';
     840
     841      if ($row['pwg_pwd'] != $row['bb_pwd'])
     842        $msg_error_Synchro .= '<br>'.l10n('Error_Synchro_Pswd');
     843
     844      if ($row['pwg_eml'] != $row['bb_eml'])
     845        $msg_error_Synchro .= '<br>'.l10n('Error_Synchro_Mail').'<br>-- PWG = '.$row['pwg_eml'].'<br>-- FluxBB = '.$row['bb_eml'];
     846    }
     847    else if ($conf_Register_FluxBB['FLUXBB_DETAIL'] == 'true')
     848      $msg_ok_Synchro .= '<br> - '.stripslashes($row['username']).' ('.$row['pwg_eml'].')'.l10n('Audit_Synchro_OK');
     849  }
     850
     851  if ($msg_error_Synchro <> '')
     852    $msg_error_Synchro = l10n('Audit_Synchro').$msg_error_Synchro;
     853   
     854  if ($msg_ok_Synchro <> '')
     855    if ($msg_error_Synchro <> '')
     856      array_push($page['infos'], l10n('Audit_Synchro').$msg_ok_Synchro.'<br><br>');
     857    else
     858      array_push($page['infos'], l10n('Audit_Synchro').$msg_ok_Synchro.'<br><br>'.l10n('Audit_OK'));
     859
     860
     861  $query = '
     862SELECT username, mail_address FROM '.USERS_TABLE.'
     863WHERE BINARY username <> BINARY "guest"
     864AND username NOT IN ("18","16")
     865AND username <> "'.stripslashes($conf_Register_FluxBB['FLUXBB_ADMIN']).'"
     866AND id not in (
     867  SELECT id_user_pwg FROM '.Register_FluxBB_ID_TABLE.'
     868  )
     869AND BINARY username not in (
     870  SELECT username FROM '.FluxBB_USERS_TABLE.'
     871  )
     872ORDER BY LOWER(username)
     873;';
     874
     875  $result = pwg_query($query);
     876
     877  while($row = pwg_db_fetch_assoc($result))
     878  {
     879    $msg_error_PWG2FluxBB .= '<br>'.l10n('Error_PWG2FluxBB').stripslashes($row['username']).' ('.$row['mail_address'].')';
     880
     881    $msg_error_PWG2FluxBB .= ' <a href="';
     882
     883    $msg_error_PWG2FluxBB .= add_url_params($page_Register_FluxBB_admin, array(
     884      'action' => 'add_user',
     885      'username' => stripslashes($row['username']),
     886    ));
     887
     888    $msg_error_PWG2FluxBB .= '" title="'.l10n('Add_User').stripslashes($row['username']).'" ';
     889
     890    $msg_error_PWG2FluxBB .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
     891
     892    $msg_error_PWG2FluxBB .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_add.png" alt="'.l10n('Add_User').stripslashes($row['username']).'" /></a>';
     893  }
     894
     895  if ($msg_error_PWG2FluxBB == '')
     896    array_push($page['infos'], l10n('Audit_PWG2FluxBB').'<br>'.l10n('Audit_OK'));
     897  else
     898    $msg_error_PWG2FluxBB = l10n('Audit_PWG2FluxBB').$msg_error_PWG2FluxBB;
     899
     900
     901  $query = '
     902SELECT id, username, email FROM '.FluxBB_USERS_TABLE.'
     903WHERE BINARY username <> BINARY "'.$conf_Register_FluxBB['FLUXBB_GUEST'].'"
     904AND BINARY username <> BINARY "'.$conf_Register_FluxBB['FLUXBB_ADMIN'].'"
     905AND id not in (
     906  SELECT id_user_FluxBB FROM '.Register_FluxBB_ID_TABLE.'
     907  )
     908AND BINARY username not in (
     909  SELECT username FROM '.USERS_TABLE.'
     910  )
     911ORDER BY LOWER(username)
     912;';
     913
     914  $result = pwg_query($query);
     915
     916  while($row = pwg_db_fetch_assoc($result))
     917  {
     918    $msg_error_FluxBB2PWG .= '<br>'.l10n('Error_FluxBB2PWG').stripslashes($row['username']).' ('.$row['email'].')';
     919
     920    $msg_error_FluxBB2PWG .= ' <a href="';
     921
     922    $msg_error_FluxBB2PWG .= add_url_params($page_Register_FluxBB_admin, array(
     923      'action' => 'del_user',
     924      'id' => $row['id'],
     925    ));
     926
     927    $msg_error_FluxBB2PWG .= '" title="'.l10n('Del_User').stripslashes($row['username']).'"';
     928
     929    $msg_error_FluxBB2PWG .= $conf_Register_FluxBB['FLUXBB_CONFIRM']=='false' ?  ' onclick="return confirm(\''.l10n('Are you sure?').'\');" ' : ' ';
     930
     931    $msg_error_FluxBB2PWG .= '><img src="'.REGFLUXBB_PATH.'/admin/template/icon/user_delete.png" alt="'.l10n('Del_User').stripslashes($row['username']).'" /></a>';
     932  }
     933
     934  if ($msg_error_FluxBB2PWG == '')
     935    array_push($page['infos'], l10n('Audit_FluxBB2PWG').'<br>'.l10n('Audit_OK'));
     936  else
     937    $msg_error_FluxBB2PWG = l10n('Audit_FluxBB2PWG').$msg_error_FluxBB2PWG;
     938
     939
     940
     941  if ($msg_error_PWG_Dup <> '')
     942    $errors[] = $msg_error_PWG_Dup . ( ($msg_error_FluxBB_Dup == '' and $msg_error_Link_Break == '' and $msg_error_Link_Bad == '' and $msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
     943 
     944  if ($msg_error_FluxBB_Dup <> '')
     945    $errors[] = $msg_error_FluxBB_Dup . ( ($msg_error_Link_Break == '' and $msg_error_Link_Bad == '' and $msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
     946
     947  if ($msg_error_Link_Break <> '')
     948    $errors[] = $msg_error_Link_Break . ( ($msg_error_Link_Bad == '' and $msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
     949
     950  if ($msg_error_Link_Bad <> '')
     951    $errors[] = $msg_error_Link_Bad . ( ($msg_error_Synchro == '' and $msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
     952
     953  if ($msg_error_Synchro <> '')
     954    $errors[] = $msg_error_Synchro . ( ($msg_error_PWG2FluxBB == '' and $msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
     955
     956  if ($msg_error_PWG2FluxBB <> '')
     957    $errors[] = $msg_error_PWG2FluxBB . ( ($msg_error_FluxBB2PWG == '') ? '' : '<br><br>' );
     958
     959  if ($msg_error_FluxBB2PWG <> '')
     960    $errors[] = $msg_error_FluxBB2PWG;
     961
     962  if (isset ($errors) and count($errors) != 0)
     963  {
     964    foreach ($errors as $error)
     965    {
     966      array_push($page['errors'], $error);
     967    }
     968  }
     969}
     970
     971// +-----------------------------------------------------------------------+
     972// |                       Audit actions process                           |
     973// +-----------------------------------------------------------------------+
     974if (isset($_GET['action']) and ($_GET['action']=='link_dead'))
     975{
     976  $query = '
     977DELETE FROM '.Register_FluxBB_ID_TABLE.'
     978WHERE id_user_FluxBB NOT IN (
     979  SELECT id
     980  FROM '.FluxBB_USERS_TABLE.'
     981  )
     982OR id_user_pwg NOT IN (
     983  SELECT id
     984  FROM '.USERS_TABLE.'
     985  )
     986;';
     987
     988  $result = pwg_query($query);
     989 
     990  Audit_PWG_FluxBB();
     991}
     992else if (isset($_GET['action']) and ($_GET['action']=='link_del') and isset($_GET['pwg_id']) and isset($_GET['bb_id']))
     993{
     994  $query = '
     995DELETE FROM '.Register_FluxBB_ID_TABLE.'
     996WHERE id_user_pwg = '.$_GET['pwg_id'].'
     997AND id_user_FluxBB = '.$_GET['bb_id'].'
     998;';
     999
     1000  $result = pwg_query($query);
     1001 
     1002  Audit_PWG_FluxBB();
     1003}
     1004else if (isset($_GET['action']) and ($_GET['action']=='new_link') and isset($_GET['pwg_id']) and isset($_GET['bb_id']))
     1005{
     1006  FluxBB_Linkuser($_GET['pwg_id'], $_GET['bb_id']);
     1007 
     1008  Audit_PWG_FluxBB();
     1009}
     1010//else if (isset($_GET['action']) and ($_GET['action']=='sync_user') and isset($_GET['username']))
     1011//{
     1012//  $query = '
     1013//SELECT id AS id_pwg, username, password, mail_address
     1014//FROM '.USERS_TABLE.'
     1015//WHERE BINARY username = BINARY "'.pwg_db_real_escape_string($_GET['username']).'"
     1016//AND username NOT IN ("18","16")
     1017//LIMIT 1
     1018//;';
     1019//
     1020//  $data = pwg_db_fetch_assoc(pwg_query($query));
     1021// 
     1022//  if (!empty($data))
     1023//  {
     1024//    FluxBB_Updateuser($data['id_pwg'], stripslashes($data['username']), $data['password'], $data['mail_address']);
     1025//  }
     1026// 
     1027//  Audit_PWG_FluxBB();
     1028//}
     1029else if (isset($_GET['action']) and ($_GET['action']=='add_user') and isset($_GET['username']))
     1030{
     1031  $query = '
     1032SELECT id, username, password, mail_address
     1033FROM '.USERS_TABLE.'
     1034WHERE BINARY username = BINARY "'.pwg_db_real_escape_string($_GET['username']).'"
     1035AND username NOT IN ("18","16")
     1036LIMIT 1
     1037;';
     1038
     1039  $data = pwg_db_fetch_assoc(pwg_query($query));
     1040
     1041  if (!empty($data))
     1042    FluxBB_Adduser($data['id'], stripslashes($data['username']), $data['password'], $data['mail_address']); 
     1043
     1044   Audit_PWG_FluxBB();
     1045}
     1046else if (isset($_GET['action']) and ($_GET['action']=='del_user') and isset($_GET['id']))
     1047{
     1048  FluxBB_Deluser( $_GET['id'], true );
     1049
    6281050  Audit_PWG_FluxBB();
    6291051}
Note: See TracChangeset for help on using the changeset viewer.