| <?php
 | |
| /***************************************************************************
 | |
|  *                              admin_users.php
 | |
|  *                            -------------------
 | |
|  *   begin                : Saturday, Feb 13, 2001
 | |
|  *   copyright            : (C) 2001 The phpBB Group
 | |
|  *   email                : support@phpbb.com
 | |
|  *
 | |
|  *   $Id$
 | |
|  *
 | |
|  ***************************************************************************/
 | |
| 
 | |
| /***************************************************************************
 | |
|  *
 | |
|  *   This program is free software; you can redistribute it and/or modify
 | |
|  *   it under the terms of the GNU General Public License as published by
 | |
|  *   the Free Software Foundation; either version 2 of the License, or
 | |
|  *   (at your option) any later version.
 | |
|  *
 | |
|  ***************************************************************************/
 | |
| 
 | |
// Module-registration pass: when the including script has set $setmodules,
// this file only advertises its menu entry and then hands control back.
if (!empty($setmodules))
{
	// The entry is listed for admins holding any of the three user-management
	// permissions; everyone else gets no menu item.
	if ($auth->acl_gets('a_user', 'a_useradd', 'a_userdel'))
	{
		$module['USER']['MANAGE'] = basename(__FILE__) . $SID;
	}

	// Either way, none of the page logic below runs during this pass.
	return;
}
 | |
| 
 | |
define('IN_PHPBB', 1);

// Bootstrap. $phpEx is used immediately after extension.inc is loaded, so it
// is presumably defined there -- verify against that file.
$phpbb_root_path = '../';
require $phpbb_root_path . 'extension.inc';
require 'pagestart.' . $phpEx;
require_once $phpbb_root_path . 'includes/functions_admin.' . $phpEx;

// Requested sub-page; defaults to the overview. The value comes straight from
// the request and is not validated here, so every consumer must treat it as
// untrusted.
$mode = 'main';
if (isset($_REQUEST['mode']))
{
	$mode = $_REQUEST['mode'];
}
 | |
| 
 | |
| // Begin program
 | |
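if (isset($_POST['username']) || isset($_GET['u']) || isset($_POST['u']))
{
	// Load the account being managed. A numeric id in `u` takes precedence
	// over a posted username.
	if (isset($_REQUEST['u']))
	{
		$user_id = intval($_REQUEST['u']);

		if (!($userdata = get_userdata($user_id)))
		{
			trigger_error($user->lang['No_user_id_specified']);
		}
	}
	else
	{
		// NOTE(review): the raw posted username is handed to get_userdata(),
		// which is defined outside this file -- confirm it escapes the value
		// before it reaches SQL.
		if (!($userdata = get_userdata($_POST['username'])))
		{
			trigger_error($user->lang['No_user_id_specified']);
		}
	}

	// Always take the id from the row that was actually loaded. The username
	// lookup path never set $user_id, so the queries below would otherwise run
	// with an undefined (or, under register_globals, request-supplied) value.
	$user_id = intval($userdata['user_id']);

	// Delete the account. Founder accounts are never deleted from here.
	// NOTE(review): no per-request token is checked before this destructive
	// action; confirm the session id carried in $SID is validated by pagestart
	// and is considered sufficient.
	if (!empty($_POST['deleteuser']) && !$userdata['user_founder'])
	{
		// NOTE(review): this branch uses the 'NO_ADMIN' language key while the
		// rest of the file uses 'No_admin' -- confirm which key exists.
		if (!$auth->acl_get('a_userdel'))
		{
			trigger_error($user->lang['NO_ADMIN']);
		}

		$db->sql_transaction();

		// Posts are kept and re-attributed to the anonymous user, preserving
		// the old name as text. The name comes from the loaded row (the
		// original interpolated an undefined $username) and is escaped before
		// it is placed in the statement.
		// sql_escape() is the phpBB DBAL escaping method -- TODO confirm this
		// revision's $db driver provides it.
		$sql = "UPDATE " . POSTS_TABLE . "
			SET poster_id = " . ANONYMOUS . ", post_username = '" . $db->sql_escape($userdata['username']) . "'
			WHERE poster_id = $user_id";
		$db->sql_query($sql);

		$sql = "UPDATE " . TOPICS_TABLE . "
			SET topic_poster = " . ANONYMOUS . "
			WHERE topic_poster = $user_id";
		$db->sql_query($sql);

		// Remove the account row and every per-user row that references it.
		$user_tables = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE);
		foreach ($user_tables as $table)
		{
			$sql = "DELETE FROM " . $table . "
				WHERE user_id = $user_id";
			$db->sql_query($sql);
		}

		$db->sql_transaction('commit');

		trigger_error($user->lang['User_deleted']);
	}

	// Viewing an account (IP address, permissions) requires the same a_user
	// permission that gates the lookup form later in this file. Without this
	// check the details page was reachable directly via ?u=<id> by any admin
	// that pagestart lets through.
	if (!$auth->acl_get('a_user'))
	{
		trigger_error($user->lang['No_admin']);
	}

	// Output relevant page
	page_header($user->lang['Manage']);

	// Pieces reused in the links below. $mode is request-supplied, so it is
	// URL-encoded before being reflected into an attribute.
	$self_url = 'admin_users.' . $phpEx . $SID;
	$mode_param = urlencode((string) $mode);

?>

<form method="post" action="<?php echo $self_url; ?>&mode=<?php echo $mode_param; ?>&u=<?php echo $user_id; ?>"><table width="90%" cellspacing="3" cellpadding="0" border="0" align="center">
	<tr>
		<td align="right"><b>Main</b> | <a href="<?php echo $self_url; ?>&u=<?php echo $user_id; ?>&mode=profile">Profile</a> | <a href="<?php echo $self_url; ?>&u=<?php echo $user_id; ?>&mode=pref">Preferences</a> | <a href="<?php echo $self_url; ?>&u=<?php echo $user_id; ?>&mode=avatar">Avatar</a> | <a href="<?php echo $self_url; ?>&u=<?php echo $user_id; ?>&mode=permissions">Permissions</a></td>
	</tr>
<?php

	switch ($mode)
	{
		case 'main':

			// NOTE(review): the username is printed as stored; confirm it is
			// HTML-escaped when the account is created. In the ban link it is
			// URL-encoded so that it cannot break out of the query string.
			$ban_url = 'admin_ban.' . $phpEx . $SID;

?>
	<tr>
		<td><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0">
			<tr>
				<td class="row1">Username: <br /><span class="gensmall">Click profile to edit</span></td>
				<td class="row2"><?php echo $userdata['username']; ?> [ <a href="<?php echo $ban_url; ?>&mode=user&ban=<?php echo urlencode($userdata['username']); ?>&bansubmit=true">Ban</a> ]</td>
			</tr>
			<tr>
				<td class="row1">Registered: </td>
				<td class="row2"><?php echo $user->format_date($userdata['user_regdate']); ?></td>
			</tr>
			<tr>
				<td class="row1">Registered from IP: </td>
				<td class="row2"><?php if ($userdata['user_ip']) { echo htmlspecialchars($userdata['user_ip'], ENT_QUOTES); ?> [ <a href="<?php echo $self_url; ?>&u=<?php echo $user_id; ?>&mode=main&do=iplookup">Lookup</a> | <a href="<?php echo $ban_url; ?>&mode=ip&ban=<?php echo urlencode($userdata['user_ip']); ?>&bansubmit=true">Ban</a> ] <?php } else { echo 'Unknown'; } ?></td>
			</tr>
<?php

			if (isset($_GET['do']) && $_GET['do'] === 'iplookup')
			{
				if ($userdata['user_ip'] != '' && ($domain = gethostbyaddr($userdata['user_ip'])))
				{
					// The reverse-DNS name and the whois text are both supplied
					// by remote parties, so they are escaped before output.

?>
			<tr>
				<th colspan="2">IP whois for <?php echo htmlspecialchars($domain, ENT_QUOTES); ?></th>
			</tr>
			<tr>
				<td class="row1" colspan="2"><?php

					if ($ipwhois = ipwhois($userdata['user_ip']))
					{
						echo '<br /><pre align="left">' . htmlspecialchars(trim($ipwhois), ENT_QUOTES) . '</pre>';
					}
?></td>
			</tr>
<?php

				}
			}

?>
			<tr>
				<td class="row1">Total/Average posts by this user: </td>
				<td class="row2"></td>
			</tr>
			<tr>
				<td class="row1"></td>
				<td class="row2"></td>
			</tr>
		</table></td>
	</tr>
</table></form>

<?php

			break;

		case 'permissions':

			// Evaluate permissions as the managed user, not as the admin.
			$userauth = new auth();
			$userauth->acl($userdata);

			// Start from empty sets so the loops below are safe when there are
			// no options or no forums.
			$global = $local = $forum_data = array();
			$row_class = '';

			foreach ($acl_options['global'] as $option_name => $option_id)
			{
				// Options are grouped by their first character ('a', 'u', ...).
				// The original computed this with strpos()'s arguments swapped,
				// which always produced a length of 1; the grouping below and
				// the `$type . '_'` comparison depend on that result, so it is
				// written out explicitly here.
				$type = substr($option_name, 0, 1);
				$global[$type][$option_name] = $userauth->acl_get($option_name);
			}

			$sql = "SELECT forum_id, forum_name
				FROM " . FORUMS_TABLE . "
				ORDER BY left_id";
			$result = $db->sql_query($sql);

			while ($row = $db->sql_fetchrow($result))
			{
				$forum_data[$row['forum_id']] = $row['forum_name'];

				foreach ($acl_options['local'] as $option_name => $option_id)
				{
					$local[$row['forum_id']][$option_name] = $userauth->acl_get($option_name, $row['forum_id']);
				}
			}

?>
			<tr>
				<td colspan="2"><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0" align="center">
					<tr>
						<td class="cat" colspan="3" align="right">Select permission set: <select name="acl_type"><?php

	$acl_types = '<option>Global Settings</option><option>---------------</option>';
	$acl_types .= '<option value="a">' . $user->lang['ADMINISTRATOR'] . '</option><option value="u">' . $user->lang['USER'] . '</option>';
	$acl_types .= '<option>Forum Settings</option><option>---------------</option>';
	$acl_types .= make_forum_select(false, false, false);

	echo $acl_types;

?></select> </td>
					</tr>
					<tr>
						<th> <?php echo $user->lang['Option']; ?> </th>
						<th> <?php echo $user->lang['Allow']; ?> </th>
						<th> <?php echo $user->lang['Deny']; ?> </th>
					</tr>
<?php

			foreach ($global as $type => $auth_ary)
			{
				foreach ($auth_ary as $option => $allow)
				{
					// Skip the bare group entry (e.g. 'a_'); only individual
					// options get a row.
					if ($option != $type . '_')
					{
						$row_class = ($row_class == 'row1') ? 'row2' : 'row1';

						$l_can_cell = (!empty($user->lang['acl_' . $option])) ? $user->lang['acl_' . $option] : ucfirst(preg_replace('#.*?_#', '', $option));

						$allow_type = ($allow == ACL_ALLOW) ? ' checked="checked"' : '';
						$deny_type = ($allow == ACL_DENY) ? ' checked="checked"' : '';
?>
				<tr>
					<td class="<?php echo $row_class; ?>"><?php echo $l_can_cell; ?></td>
					<td class="<?php echo $row_class; ?>" align="center"><input type="radio"<?php echo $allow_type; ?> /></td>
					<td class="<?php echo $row_class; ?>" align="center"><input type="radio"<?php echo $deny_type; ?> /></td>
				</tr>
<?php
					}
				}
			}

?>
				</table></td>
			</tr>
<?php

			// One table row per forum. The opening <tr> is emitted inside the
			// loop so that every forum after the first also gets one.
			foreach ($local as $forum_id => $auth_ary)
			{

?>
			<tr>
				<td class="row1"><?php echo $forum_data[$forum_id]; ?></td>
				<td><table cellspacing="1" cellpadding="0" border="0">
<?php

				foreach ($auth_ary as $option => $allow)
				{
					echo '<tr><td>' . $user->lang['acl_' . $option] . ' => ' . (($allow) ? 'Allowed' : 'Denied') . '</td></tr>';
				}

?>
				</table></td>
			</tr>
<?php

			}

			break;

	}

	// NOTE(review): if page_footer() returns instead of ending the request,
	// execution continues into the lookup form that follows this block.
	page_footer();

}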
 | |
| 
 | |
// The username lookup form is only shown to admins holding a_user.
if (!$auth->acl_get('a_user'))
{
	trigger_error($user->lang['No_admin']);
}

page_header($user->lang['Manage']);

// URLs used by the form: it posts back to this script, and the
// "find username" button opens the member search in a popup window.
$form_action = 'admin_users.' . $phpEx . $SID;
$search_url = '../memberlist.' . $phpEx . $SID . '&mode=searchuser&field=username';

?>

<h1><?php echo $user->lang['User_admin']; ?></h1>

<p><?php echo $user->lang['User_admin_explain']; ?></p>

<form method="post" name="post" action="<?php echo $form_action; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
	<tr>
		<th align="center"><?php echo $user->lang['Select_a_User']; ?></th>
	</tr>
	<tr>
		<td class="row1" align="center"><input type="text" class="post" name="username" maxlength="50" size="20" /> <input type="submit" name="submituser" value="<?php echo $user->lang['Look_up_user']; ?>" class="mainoption" /> <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onClick="window.open('<?php echo $search_url; ?>', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740');return false;" /></td>
	</tr>
</table></form>

<?php


page_footer();
 | |
| 
 | |
| // ---------
 | |
| // FUNCTIONS
 | |
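/**
 * Fetch the whois record for an IP address.
 *
 * ARIN is queried first. If its answer mentions one of the other registries
 * listed below, that registry is queried instead and its answer is returned.
 * The follow-up host always comes from the fixed map in this function, never
 * from text in the response, so a response cannot steer the connection to an
 * arbitrary host.
 *
 * The returned text is supplied by a remote server and must be escaped by the
 * caller before it is written into a page.
 *
 * @param string $ip IPv4 or IPv6 address in textual form
 * @return string Raw whois response, or '' when the input is not an address
 *                or no response could be read
 */
function ipwhois($ip)
{
	// Only digits, hex letters, dots and colons may reach the socket. This
	// keeps line breaks and whois option syntax out of the query. \z is used
	// instead of $ because $ would also accept a trailing newline.
	if (!is_string($ip) || !preg_match('#^[0-9a-f.:]+\z#i', $ip))
	{
		return '';
	}

	// Pattern found in the ARIN answer => registry to ask instead.
	$match = array(
		'#RIPE\.NET#is' => 'whois.ripe.net',
		'#whois\.apnic\.net#is' => 'whois.apnic.net',
		'#nic\.ad\.jp#is' => 'whois.nic.ad.jp',
		'#whois\.registro\.br#is' => 'whois.registro.br'
	);

	// Bounds that keep a slow or hostile server from stalling the request or
	// exhausting memory.
	$timeout = 10;
	$max_bytes = 65536;

	$server = 'whois.arin.net';
	$followed = false;

	while (true)
	{
		$ipwhois = '';

		if (($fsk = fsockopen($server, 43, $errno, $errstr, $timeout)))
		{
			stream_set_timeout($fsk, $timeout);
			@fputs($fsk, "$ip\n");

			while (!feof($fsk) && strlen($ipwhois) < $max_bytes)
			{
				$line = fgets($fsk, 1024);

				// fgets() returns false on a read timeout without feof()
				// becoming true; stop instead of spinning.
				if ($line === false)
				{
					break;
				}

				$ipwhois .= $line;
			}
			fclose($fsk);
		}

		// At most one referral is followed.
		if ($followed)
		{
			break;
		}

		$next_server = '';
		foreach ($match as $pattern => $host)
		{
			if (preg_match($pattern, $ipwhois))
			{
				$next_server = $host;
				break;
			}
		}

		if ($next_server === '')
		{
			break;
		}

		$server = $next_server;
		$followed = true;
	}

	return $ipwhois;
}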
 | |
| // FUNCTIONS
 | |
| // ---------
 | |
| 
 | |
| ?>
 |