398 lines
16 KiB
PHP
398 lines
16 KiB
PHP
|
<?php
|
||
|
if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) {
|
||
|
die("Hacking attempt!");
|
||
|
}
|
||
|
|
||
|
if( ! $user_group[$member_id['user_group']]['admin_editusers'] ) {
|
||
|
msg( "error", $lang['index_denied'], $lang['index_denied'] );
|
||
|
}
|
||
|
|
||
|
$selected_users = $_REQUEST['selected_users'];
|
||
|
|
||
|
if( ! $selected_users ) {
|
||
|
msg( "error", $lang['mass_error'], $lang['massusers_denied'],"?mod=editusers&action=list" );
|
||
|
}
|
||
|
|
||
|
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
|
||
|
|
||
|
die( "Hacking attempt! User not found" );
|
||
|
|
||
|
}
|
||
|
|
||
|
if( $_POST['action'] == "mass_delete" ) {
|
||
|
|
||
|
echoheader( "options", $lang['mass_head'] );
|
||
|
|
||
|
|
||
|
echo <<<HTML
|
||
|
<form action="{$PHP_SELF}" method="post">
|
||
|
<div style="padding-top:5px;padding-bottom:2px;">
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
|
||
|
<td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
|
||
|
<td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
|
||
|
<td style="padding:5px;" bgcolor="#FFFFFF">
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['massusers_head']}</div></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<div class="unterline"></div>
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td style="padding:2px;" height="100" align="center">{$lang['massusers_confirm']}
|
||
|
HTML;
|
||
|
|
||
|
echo " (<b>" . count( $selected_users ) . "</b>) $lang[massusers_confirm_1]<br><br>
|
||
|
<input class=bbcodes type=submit value=\" $lang[mass_yes] \"> <input type=button class=bbcodes value=\" $lang[mass_no] \" onclick=\"javascript:document.location='$PHP_SELF?mod=editusers&action=list'\">
|
||
|
<input type=hidden name=action value=\"do_mass_delete\">
|
||
|
<input type=hidden name=user_hash value=\"{$dle_login_hash}\">
|
||
|
<input type=hidden name=mod value=\"mass_user_actions\">";
|
||
|
foreach ( $selected_users as $userid ) {
|
||
|
$userid = intval($userid);
|
||
|
echo "<input type=hidden name=selected_users[] value=\"$userid\">\n";
|
||
|
}
|
||
|
|
||
|
echo <<<HTML
|
||
|
</tr>
|
||
|
</table>
|
||
|
</td>
|
||
|
<td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
|
||
|
<td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
|
||
|
<td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div></form>
|
||
|
HTML;
|
||
|
|
||
|
|
||
|
echofooter();
|
||
|
exit();
|
||
|
|
||
|
} elseif ($_POST['action'] == "do_mass_delete") {
|
||
|
|
||
|
$deleted = 0;
|
||
|
|
||
|
foreach ( $selected_users as $id ) {
|
||
|
|
||
|
$id = intval( $id );
|
||
|
|
||
|
if( $id == 1 ) {
|
||
|
msg( "error", $lang['mass_error'], $lang['user_undel'], "?mod=editusers&action=list" );
|
||
|
}
|
||
|
|
||
|
$row = $db->super_query( "SELECT user_id, user_group, name, foto FROM " . USERPREFIX . "_users WHERE user_id='$id'" );
|
||
|
|
||
|
if( ! $row['user_id'] ) msg( "error", $lang['mass_error'], $lang['user_undel'], "?mod=editusers&action=list" );
|
||
|
|
||
|
if ($member_id['user_group'] != 1 AND $row['user_group'] == 1 )
|
||
|
msg( "error", $lang['mass_error'], $lang['user_undel'], "?mod=editusers&action=list" );
|
||
|
|
||
|
$db->query( "DELETE FROM " . USERPREFIX . "_pm WHERE user_from = '{$row['name']}' AND folder = 'outbox'" );
|
||
|
$db->query( "delete FROM " . USERPREFIX . "_users WHERE user_id='$id'" );
|
||
|
$db->query( "delete FROM " . USERPREFIX . "_banned WHERE users_id='$id'" );
|
||
|
$db->query( "delete FROM " . USERPREFIX . "_pm WHERE user='$id'" );
|
||
|
|
||
|
@unlink( ROOT_DIR . "/uploads/fotos/" . $row['foto'] );
|
||
|
|
||
|
$deleted ++;
|
||
|
}
|
||
|
|
||
|
$cache->clear();
|
||
|
$cache->delete('banned.php' );
|
||
|
|
||
|
if( count( $selected_users ) == $deleted ) {
|
||
|
msg( "info", $lang['massusers_head'], $lang['massusers_delok'], "?mod=editusers&action=list" );
|
||
|
} else {
|
||
|
msg( "error", $lang['mass_error'], "$deleted $lang[mass_i] " . count( $selected_users ) . " $lang[massusers_confirm_2]", "?mod=editusers&action=list" );
|
||
|
}
|
||
|
|
||
|
} elseif ($_POST['action'] == "mass_delete_comments") {
|
||
|
|
||
|
echoheader( "options", $lang['mass_head'] );
|
||
|
|
||
|
|
||
|
echo <<<HTML
|
||
|
<form action="{$PHP_SELF}" method="post">
|
||
|
<div style="padding-top:5px;padding-bottom:2px;">
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
|
||
|
<td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
|
||
|
<td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
|
||
|
<td style="padding:5px;" bgcolor="#FFFFFF">
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['massusers_head_1']}</div></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<div class="unterline"></div>
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td style="padding:2px;" height="100" align="center">{$lang['massusers_confirm_3']}
|
||
|
HTML;
|
||
|
|
||
|
echo " (<b>" . count( $selected_users ) . "</b>) $lang[massusers_confirm_1]<br><br>
|
||
|
<input class=bbcodes type=submit value=\" $lang[mass_yes] \"> <input type=button class=bbcodes value=\" $lang[mass_no] \" onclick=\"javascript:document.location='$PHP_SELF?mod=editusers&action=list'\">
|
||
|
<input type=hidden name=action value=\"do_mass_delete_comments\">
|
||
|
<input type=hidden name=user_hash value=\"{$dle_login_hash}\">
|
||
|
<input type=hidden name=mod value=\"mass_user_actions\">";
|
||
|
foreach ( $selected_users as $userid ) {
|
||
|
$userid = intval($userid);
|
||
|
echo "<input type=hidden name=selected_users[] value=\"$userid\">\n";
|
||
|
}
|
||
|
|
||
|
echo <<<HTML
|
||
|
</tr>
|
||
|
</table>
|
||
|
</td>
|
||
|
<td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
|
||
|
<td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
|
||
|
<td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div></form>
|
||
|
HTML;
|
||
|
|
||
|
echofooter();
|
||
|
exit();
|
||
|
|
||
|
} elseif ($_POST['action'] == "do_mass_delete_comments") {
|
||
|
|
||
|
foreach ( $selected_users as $id ) {
|
||
|
|
||
|
$id = intval( $id );
|
||
|
|
||
|
$result = $db->query( "SELECT COUNT(*) as count, post_id FROM " . PREFIX . "_comments WHERE user_id='$id' AND is_register='1' GROUP BY post_id" );
|
||
|
|
||
|
while ( $row = $db->get_array( $result ) ) {
|
||
|
|
||
|
$db->query( "UPDATE " . PREFIX . "_post set comm_num=comm_num-{$row['count']} where id='{$row['post_id']}'" );
|
||
|
|
||
|
}
|
||
|
$db->free( $result );
|
||
|
|
||
|
$db->query( "UPDATE " . USERPREFIX . "_users set comm_num='0' WHERE user_id ='$id'" );
|
||
|
$db->query( "DELETE FROM " . PREFIX . "_comments WHERE user_id='$id' AND is_register='1'" );
|
||
|
|
||
|
}
|
||
|
|
||
|
$cache->clear();
|
||
|
msg( "info", $lang['massusers_head_1'], $lang['massusers_comok'], "?mod=editusers&action=list" );
|
||
|
|
||
|
} elseif ($_POST['action'] == "mass_move_to_group") {
|
||
|
|
||
|
|
||
|
echoheader( "options", $lang['mass_head'] );
|
||
|
|
||
|
|
||
|
echo <<<HTML
|
||
|
<form action="{$PHP_SELF}" method="post">
|
||
|
<div style="padding-top:5px;padding-bottom:2px;">
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
|
||
|
<td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
|
||
|
<td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
|
||
|
<td style="padding:5px;" bgcolor="#FFFFFF">
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['massusers_head_2']}</div></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<div class="unterline"></div>
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td style="padding:2px;" height="100" align="center">{$lang['massusers_confirm_4']}
|
||
|
HTML;
|
||
|
|
||
|
echo " (<b>" . count( $selected_users ) . "</b>) $lang[massusers_confirm_1]<br><br>
|
||
|
{$lang['user_acc']} <select name=\"editlevel\" class=\"edit\">".get_groups()."</select> {$lang['user_gtlimit']} <input size=\"17\" name=\"time_limit\" id=\"time_limit\" class=\"edit\" value=\"{$row['time_limit']}\"> <img src=\"system/skins/images/img.gif\" align=\"absmiddle\" id=\"t_trigger_ent\" style=\"cursor: pointer; border: 0\" title=\"{$lang['edit_ecal']}\"/><a href=\"#\" class=\"hintanchor\" onMouseover=\"showhint('{$lang[hint_glhel]}', this, event, '250px')\">[?]</a>
|
||
|
<br><br>
|
||
|
<input class=bbcodes type=submit value=\" $lang[mass_yes] \"> <input type=button class=bbcodes value=\" $lang[mass_no] \" onclick=\"javascript:document.location='$PHP_SELF?mod=editusers&action=list'\">
|
||
|
<input type=hidden name=action value=\"do_mass_move_to_group\">
|
||
|
<input type=hidden name=user_hash value=\"{$dle_login_hash}\">
|
||
|
<input type=hidden name=mod value=\"mass_user_actions\">";
|
||
|
foreach ( $selected_users as $userid ) {
|
||
|
$userid = intval($userid);
|
||
|
echo "<input type=hidden name=selected_users[] value=\"$userid\">\n";
|
||
|
}
|
||
|
|
||
|
echo <<<HTML
|
||
|
</tr>
|
||
|
</table>
|
||
|
</td>
|
||
|
<td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
|
||
|
<td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
|
||
|
<td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div></form>
|
||
|
|
||
|
<link rel="stylesheet" type="text/css" media="all" href="system/skins/calendar-blue.css" title="win2k-cold-1" />
|
||
|
<script type="text/javascript" src="system/skins/calendar.js"></script>
|
||
|
<script type="text/javascript" src="system/skins/calendar-en.js"></script>
|
||
|
<script type="text/javascript" src="system/skins/calendar-setup.js"></script>
|
||
|
<script type="text/javascript">
|
||
|
Calendar.setup({
|
||
|
inputField : "time_limit", // id of the input field
|
||
|
ifFormat : "%Y-%m-%d %H:%M", // format of the input field
|
||
|
button : "t_trigger_ent", // trigger for the calendar (button ID)
|
||
|
align : "Br", // alignment
|
||
|
timeFormat : "24",
|
||
|
showsTime : true,
|
||
|
singleClick : true
|
||
|
});
|
||
|
</script>
|
||
|
HTML;
|
||
|
|
||
|
echofooter();
|
||
|
exit();
|
||
|
|
||
|
} elseif ($_POST['action'] == "do_mass_move_to_group") {
|
||
|
|
||
|
$editlevel = intval( $_POST['editlevel'] );
|
||
|
|
||
|
if ($member_id['user_group'] != 1 AND $editlevel < 2 )
|
||
|
msg( "error", $lang['mass_error'], $lang['admin_not_access'], "?mod=editusers&action=list" );
|
||
|
|
||
|
foreach ( $selected_users as $id ) {
|
||
|
|
||
|
$id = intval( $id );
|
||
|
|
||
|
$row = $db->super_query( "SELECT user_group FROM " . USERPREFIX . "_users WHERE user_id='$id'" );
|
||
|
|
||
|
if ($member_id['user_group'] != 1 AND $row['user_group'] == 1 )
|
||
|
msg( "error", $lang['mass_error'], $lang['edit_not_admin'], "?mod=editusers&action=list" );
|
||
|
|
||
|
}
|
||
|
|
||
|
$cache->clear();
|
||
|
msg( "info", $lang['massusers_head_2'], $lang['massusers_groupok']." <b>".$user_group[$editlevel]['group_name']."</b>", "?mod=editusers&action=list" );
|
||
|
|
||
|
} elseif ($_POST['action'] == "mass_move_to_ban") {
|
||
|
|
||
|
echoheader( "options", $lang['mass_head'] );
|
||
|
|
||
|
|
||
|
echo <<<HTML
|
||
|
<form action="{$PHP_SELF}" method="post">
|
||
|
<div style="padding-top:5px;padding-bottom:2px;">
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
|
||
|
<td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
|
||
|
<td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
|
||
|
<td style="padding:5px;" bgcolor="#FFFFFF">
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['massusers_head_3']}</div></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<div class="unterline"></div>
|
||
|
<table width="100%">
|
||
|
<tr>
|
||
|
<td style="padding:2px;" height="100" align="center">{$lang['massusers_confirm_5']}
|
||
|
HTML;
|
||
|
|
||
|
echo " (<b>" . count( $selected_users ) . "</b>) $lang[massusers_confirm_1]<br><br>
|
||
|
<div style=\"width:350px;\" align=\"left\">{$lang['ban_date']} <input size=\"5\" name=\"banned_date\" class=\"edit\" value=\"0\"><a href=\"#\" class=\"hintanchor\" onMouseover=\"showhint('{$lang[hint_bandescr]}', this, event, '250px')\">[?]</a>
|
||
|
<br><br>{$lang['ban_descr']}<br><textarea style=\"width:100%; height:80px;\" name=\"banned_descr\"></textarea>
|
||
|
<br><br></div>
|
||
|
<input class=bbcodes type=submit value=\" $lang[mass_yes] \"> <input type=button class=bbcodes value=\" $lang[mass_no] \" onclick=\"javascript:document.location='$PHP_SELF?mod=editusers&action=list'\">
|
||
|
<input type=hidden name=action value=\"do_mass_move_to_ban\">
|
||
|
<input type=hidden name=user_hash value=\"{$dle_login_hash}\">
|
||
|
<input type=hidden name=mod value=\"mass_user_actions\">";
|
||
|
foreach ( $selected_users as $userid ) {
|
||
|
$userid = intval($userid);
|
||
|
echo "<input type=hidden name=selected_users[] value=\"$userid\">\n";
|
||
|
}
|
||
|
|
||
|
echo <<<HTML
|
||
|
</tr>
|
||
|
</table>
|
||
|
</td>
|
||
|
<td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
|
||
|
<td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
|
||
|
<td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div></form>
|
||
|
HTML;
|
||
|
|
||
|
echofooter();
|
||
|
exit();
|
||
|
|
||
|
} elseif ($_POST['action'] == "do_mass_move_to_ban") {
|
||
|
|
||
|
|
||
|
include_once SYSTEM_DIR . '/classes/parse.class.php';
|
||
|
$parse = new ParseFilter( );
|
||
|
|
||
|
foreach ( $selected_users as $id ) {
|
||
|
|
||
|
$id = intval( $id );
|
||
|
|
||
|
$row = $db->super_query( "SELECT user_group FROM " . USERPREFIX . "_users WHERE user_id='$id'" );
|
||
|
|
||
|
if ($member_id['user_group'] != 1 AND $row['user_group'] == 1 )
|
||
|
msg( "error", $lang['mass_error'], $lang['edit_not_admin'], "?mod=editusers&action=list" );
|
||
|
|
||
|
|
||
|
$banned_descr = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['banned_descr'] ), false ) );
|
||
|
$this_time = time() + ($config['date_adjust'] * 60);
|
||
|
$banned_date = intval( $_POST['banned_date'] );
|
||
|
$this_time = $banned_date ? $this_time + ($banned_date * 60 * 60 * 24) : 0;
|
||
|
|
||
|
$row = $db->super_query( "SELECT users_id, days FROM " . USERPREFIX . "_banned WHERE users_id = '$id'" );
|
||
|
|
||
|
if( ! $row['users_id'] ) $db->query( "INSERT INTO " . USERPREFIX . "_banned (users_id, descr, date, days) values ('$id', '$banned_descr', '$this_time', '$banned_date')" );
|
||
|
else {
|
||
|
|
||
|
if( $row['days'] != $banned_date ) $db->query( "UPDATE " . USERPREFIX . "_banned SET descr='$banned_descr', days='$banned_date', date='$this_time' WHERE users_id = '$id'" );
|
||
|
else $db->query( "UPDATE " . USERPREFIX . "_banned set descr='$banned_descr' WHERE users_id = '$id'" );
|
||
|
|
||
|
}
|
||
|
|
||
|
$cache->delete('banned.php' );
|
||
|
|
||
|
$db->query( "UPDATE " . USERPREFIX . "_users SET banned='yes' WHERE user_id ='$id'" );
|
||
|
|
||
|
|
||
|
}
|
||
|
|
||
|
$cache->clear();
|
||
|
msg( "info", $lang['massusers_head_3'], $lang['massusers_banok'], "?mod=editusers&action=list" );
|
||
|
|
||
|
|
||
|
} else {
|
||
|
|
||
|
msg( "info", $lang['mass_noact'], $lang['mass_noact_1'], "?mod=editusers&action=list" );
|
||
|
|
||
|
}
|
||
|
?>
|