<?php if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) { die("Hacking attempt!"); } if( ! $user_group[$member_id['user_group']]['admin_editusers'] ) { msg( "error", $lang['index_denied'], $lang['index_denied'] ); } $selected_users = $_REQUEST['selected_users']; if( ! $selected_users ) { msg( "error", $lang['mass_error'], $lang['massusers_denied'],"?mod=editusers&action=list" ); } if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) { die( "Hacking attempt! User not found" ); } if( $_POST['action'] == "mass_delete" ) { echoheader( "options", $lang['mass_head'] ); echo <<<HTML <form action="{$PHP_SELF}" method="post"> <div style="padding-top:5px;padding-bottom:2px;"> <table width="100%"> <tr> <td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td> <td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td> <td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td> </tr> <tr> <td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td> <td style="padding:5px;" bgcolor="#FFFFFF"> <table width="100%"> <tr> <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['massusers_head']}</div></td> </tr> </table> <div class="unterline"></div> <table width="100%"> <tr> <td style="padding:2px;" height="100" align="center">{$lang['massusers_confirm']} HTML; echo " (<b>" . count( $selected_users ) . "</b>) $lang[massusers_confirm_1]<br><br> <input class=bbcodes type=submit value=\" $lang[mass_yes] \"> <input type=button class=bbcodes value=\" $lang[mass_no] \" onclick=\"javascript:document.location='$PHP_SELF?mod=editusers&action=list'\"> <input type=hidden name=action value=\"do_mass_delete\"> <input type=hidden name=user_hash value=\"{$dle_login_hash}\"> <input type=hidden name=mod value=\"mass_user_actions\">"; foreach ( $selected_users as $userid ) { $userid = intval($userid); echo "<input type=hidden name=selected_users[] value=\"$userid\">\n"; } echo <<<HTML </tr> </table> </td> <td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td> </tr> <tr> <td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td> <td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td> <td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td> </tr> </table> </div></form> HTML; echofooter(); exit(); } elseif ($_POST['action'] == "do_mass_delete") { $deleted = 0; foreach ( $selected_users as $id ) { $id = intval( $id ); if( $id == 1 ) { msg( "error", $lang['mass_error'], $lang['user_undel'], "?mod=editusers&action=list" ); } $row = $db->super_query( "SELECT user_id, user_group, name, foto FROM " . USERPREFIX . "_users WHERE user_id='$id'" ); if( ! $row['user_id'] ) msg( "error", $lang['mass_error'], $lang['user_undel'], "?mod=editusers&action=list" ); if ($member_id['user_group'] != 1 AND $row['user_group'] == 1 ) msg( "error", $lang['mass_error'], $lang['user_undel'], "?mod=editusers&action=list" ); $db->query( "DELETE FROM " . USERPREFIX . "_pm WHERE user_from = '{$row['name']}' AND folder = 'outbox'" ); $db->query( "delete FROM " . USERPREFIX . "_users WHERE user_id='$id'" ); $db->query( "delete FROM " . USERPREFIX . "_banned WHERE users_id='$id'" ); $db->query( "delete FROM " . USERPREFIX . "_pm WHERE user='$id'" ); @unlink( ROOT_DIR . "/uploads/fotos/" . $row['foto'] ); $deleted ++; } $cache->clear(); $cache->delete('banned.php' ); if( count( $selected_users ) == $deleted ) { msg( "info", $lang['massusers_head'], $lang['massusers_delok'], "?mod=editusers&action=list" ); } else { msg( "error", $lang['mass_error'], "$deleted $lang[mass_i] " . count( $selected_users ) . " $lang[massusers_confirm_2]", "?mod=editusers&action=list" ); } } elseif ($_POST['action'] == "mass_delete_comments") { echoheader( "options", $lang['mass_head'] ); echo <<<HTML <form action="{$PHP_SELF}" method="post"> <div style="padding-top:5px;padding-bottom:2px;"> <table width="100%"> <tr> <td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td> <td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td> <td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td> </tr> <tr> <td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td> <td style="padding:5px;" bgcolor="#FFFFFF"> <table width="100%"> <tr> <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['massusers_head_1']}</div></td> </tr> </table> <div class="unterline"></div> <table width="100%"> <tr> <td style="padding:2px;" height="100" align="center">{$lang['massusers_confirm_3']} HTML; echo " (<b>" . count( $selected_users ) . "</b>) $lang[massusers_confirm_1]<br><br> <input class=bbcodes type=submit value=\" $lang[mass_yes] \"> <input type=button class=bbcodes value=\" $lang[mass_no] \" onclick=\"javascript:document.location='$PHP_SELF?mod=editusers&action=list'\"> <input type=hidden name=action value=\"do_mass_delete_comments\"> <input type=hidden name=user_hash value=\"{$dle_login_hash}\"> <input type=hidden name=mod value=\"mass_user_actions\">"; foreach ( $selected_users as $userid ) { $userid = intval($userid); echo "<input type=hidden name=selected_users[] value=\"$userid\">\n"; } echo <<<HTML </tr> </table> </td> <td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td> </tr> <tr> <td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td> <td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td> <td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td> </tr> </table> </div></form> HTML; echofooter(); exit(); } elseif ($_POST['action'] == "do_mass_delete_comments") { foreach ( $selected_users as $id ) { $id = intval( $id ); $result = $db->query( "SELECT COUNT(*) as count, post_id FROM " . PREFIX . "_comments WHERE user_id='$id' AND is_register='1' GROUP BY post_id" ); while ( $row = $db->get_array( $result ) ) { $db->query( "UPDATE " . PREFIX . "_post set comm_num=comm_num-{$row['count']} where id='{$row['post_id']}'" ); } $db->free( $result ); $db->query( "UPDATE " . USERPREFIX . "_users set comm_num='0' WHERE user_id ='$id'" ); $db->query( "DELETE FROM " . PREFIX . "_comments WHERE user_id='$id' AND is_register='1'" ); } $cache->clear(); msg( "info", $lang['massusers_head_1'], $lang['massusers_comok'], "?mod=editusers&action=list" ); } elseif ($_POST['action'] == "mass_move_to_group") { echoheader( "options", $lang['mass_head'] ); echo <<<HTML <form action="{$PHP_SELF}" method="post"> <div style="padding-top:5px;padding-bottom:2px;"> <table width="100%"> <tr> <td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td> <td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td> <td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td> </tr> <tr> <td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td> <td style="padding:5px;" bgcolor="#FFFFFF"> <table width="100%"> <tr> <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['massusers_head_2']}</div></td> </tr> </table> <div class="unterline"></div> <table width="100%"> <tr> <td style="padding:2px;" height="100" align="center">{$lang['massusers_confirm_4']} HTML; echo " (<b>" . count( $selected_users ) . "</b>) $lang[massusers_confirm_1]<br><br> {$lang['user_acc']} <select name=\"editlevel\" class=\"edit\">".get_groups()."</select> {$lang['user_gtlimit']} <input size=\"17\" name=\"time_limit\" id=\"time_limit\" class=\"edit\" value=\"{$row['time_limit']}\"> <img src=\"system/skins/images/img.gif\" align=\"absmiddle\" id=\"t_trigger_ent\" style=\"cursor: pointer; border: 0\" title=\"{$lang['edit_ecal']}\"/><a href=\"#\" class=\"hintanchor\" onMouseover=\"showhint('{$lang[hint_glhel]}', this, event, '250px')\">[?]</a> <br><br> <input class=bbcodes type=submit value=\" $lang[mass_yes] \"> <input type=button class=bbcodes value=\" $lang[mass_no] \" onclick=\"javascript:document.location='$PHP_SELF?mod=editusers&action=list'\"> <input type=hidden name=action value=\"do_mass_move_to_group\"> <input type=hidden name=user_hash value=\"{$dle_login_hash}\"> <input type=hidden name=mod value=\"mass_user_actions\">"; foreach ( $selected_users as $userid ) { $userid = intval($userid); echo "<input type=hidden name=selected_users[] value=\"$userid\">\n"; } echo <<<HTML </tr> </table> </td> <td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td> </tr> <tr> <td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td> <td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td> <td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td> </tr> </table> </div></form> <link rel="stylesheet" type="text/css" media="all" href="system/skins/calendar-blue.css" title="win2k-cold-1" /> <script type="text/javascript" src="system/skins/calendar.js"></script> <script type="text/javascript" src="system/skins/calendar-en.js"></script> <script type="text/javascript" src="system/skins/calendar-setup.js"></script> <script type="text/javascript"> Calendar.setup({ inputField : "time_limit", // id of the input field ifFormat : "%Y-%m-%d %H:%M", // format of the input field button : "t_trigger_ent", // trigger for the calendar (button ID) align : "Br", // alignment timeFormat : "24", showsTime : true, singleClick : true }); </script> HTML; echofooter(); exit(); } elseif ($_POST['action'] == "do_mass_move_to_group") { $editlevel = intval( $_POST['editlevel'] ); if ($member_id['user_group'] != 1 AND $editlevel < 2 ) msg( "error", $lang['mass_error'], $lang['admin_not_access'], "?mod=editusers&action=list" ); foreach ( $selected_users as $id ) { $id = intval( $id ); $row = $db->super_query( "SELECT user_group FROM " . USERPREFIX . "_users WHERE user_id='$id'" ); if ($member_id['user_group'] != 1 AND $row['user_group'] == 1 ) msg( "error", $lang['mass_error'], $lang['edit_not_admin'], "?mod=editusers&action=list" ); } $cache->clear(); msg( "info", $lang['massusers_head_2'], $lang['massusers_groupok']." <b>".$user_group[$editlevel]['group_name']."</b>", "?mod=editusers&action=list" ); } elseif ($_POST['action'] == "mass_move_to_ban") { echoheader( "options", $lang['mass_head'] ); echo <<<HTML <form action="{$PHP_SELF}" method="post"> <div style="padding-top:5px;padding-bottom:2px;"> <table width="100%"> <tr> <td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td> <td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td> <td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td> </tr> <tr> <td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td> <td style="padding:5px;" bgcolor="#FFFFFF"> <table width="100%"> <tr> <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['massusers_head_3']}</div></td> </tr> </table> <div class="unterline"></div> <table width="100%"> <tr> <td style="padding:2px;" height="100" align="center">{$lang['massusers_confirm_5']} HTML; echo " (<b>" . count( $selected_users ) . "</b>) $lang[massusers_confirm_1]<br><br> <div style=\"width:350px;\" align=\"left\">{$lang['ban_date']} <input size=\"5\" name=\"banned_date\" class=\"edit\" value=\"0\"><a href=\"#\" class=\"hintanchor\" onMouseover=\"showhint('{$lang[hint_bandescr]}', this, event, '250px')\">[?]</a> <br><br>{$lang['ban_descr']}<br><textarea style=\"width:100%; height:80px;\" name=\"banned_descr\"></textarea> <br><br></div> <input class=bbcodes type=submit value=\" $lang[mass_yes] \"> <input type=button class=bbcodes value=\" $lang[mass_no] \" onclick=\"javascript:document.location='$PHP_SELF?mod=editusers&action=list'\"> <input type=hidden name=action value=\"do_mass_move_to_ban\"> <input type=hidden name=user_hash value=\"{$dle_login_hash}\"> <input type=hidden name=mod value=\"mass_user_actions\">"; foreach ( $selected_users as $userid ) { $userid = intval($userid); echo "<input type=hidden name=selected_users[] value=\"$userid\">\n"; } echo <<<HTML </tr> </table> </td> <td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td> </tr> <tr> <td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td> <td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td> <td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td> </tr> </table> </div></form> HTML; echofooter(); exit(); } elseif ($_POST['action'] == "do_mass_move_to_ban") { include_once SYSTEM_DIR . '/classes/parse.class.php'; $parse = new ParseFilter( ); foreach ( $selected_users as $id ) { $id = intval( $id ); $row = $db->super_query( "SELECT user_group FROM " . USERPREFIX . "_users WHERE user_id='$id'" ); if ($member_id['user_group'] != 1 AND $row['user_group'] == 1 ) msg( "error", $lang['mass_error'], $lang['edit_not_admin'], "?mod=editusers&action=list" ); $banned_descr = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['banned_descr'] ), false ) ); $this_time = time() + ($config['date_adjust'] * 60); $banned_date = intval( $_POST['banned_date'] ); $this_time = $banned_date ? $this_time + ($banned_date * 60 * 60 * 24) : 0; $row = $db->super_query( "SELECT users_id, days FROM " . USERPREFIX . "_banned WHERE users_id = '$id'" ); if( ! $row['users_id'] ) $db->query( "INSERT INTO " . USERPREFIX . "_banned (users_id, descr, date, days) values ('$id', '$banned_descr', '$this_time', '$banned_date')" ); else { if( $row['days'] != $banned_date ) $db->query( "UPDATE " . USERPREFIX . "_banned SET descr='$banned_descr', days='$banned_date', date='$this_time' WHERE users_id = '$id'" ); else $db->query( "UPDATE " . USERPREFIX . "_banned set descr='$banned_descr' WHERE users_id = '$id'" ); } $cache->delete('banned.php' ); $db->query( "UPDATE " . USERPREFIX . "_users SET banned='yes' WHERE user_id ='$id'" ); } $cache->clear(); msg( "info", $lang['massusers_head_3'], $lang['massusers_banok'], "?mod=editusers&action=list" ); } else { msg( "info", $lang['mass_noact'], $lang['mass_noact_1'], "?mod=editusers&action=list" ); } ?>