X-Git-Url: http://mop.ddnsfree.com/gitweb/?p=brisk.git;a=blobdiff_plain;f=web%2Fusermgmt.php;h=307372c94f66839b466dc3b828ebc88edcc31394;hp=851f5d52ed65d7fdd329a8a48027e9e80680474c;hb=8740bf85c70c984fdd5342ef4446cced16fb4e5e;hpb=7f526939ded24298104cacd02b5f364bcc7bfa56 diff --git a/web/usermgmt.php b/web/usermgmt.php index 851f5d5..307372c 100644 --- a/web/usermgmt.php +++ b/web/usermgmt.php @@ -157,7 +157,7 @@ function main() { SELECT usr.*, guar.login AS guar_login FROM %susers AS usr JOIN %susers AS guar ON guar.code = usr.guar_code - WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) ) + WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer)) AND usr.disa_reas = %d AND usr.code = %d;", $G_dbpfx, $G_dbpfx, USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE, @@ -233,7 +233,8 @@ SELECT usr.*, guar.login AS guar_login break; } } - } + } // else if ($action == "accept") { + do { if (($bdb = BriskDB::create()) == FALSE) { @@ -246,9 +247,8 @@ SELECT usr.*, guar.login AS guar_login SELECT usr.*, guar.login AS guar_login FROM %susers AS usr JOIN %susers AS guar ON guar.code = usr.guar_code - WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) ) - AND usr.disa_reas = %d - ORDER BY usr.lintm;", + WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer)) + AND usr.disa_reas = %d ORDER BY usr.lintm;", $G_dbpfx, $G_dbpfx, USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_ADDED); @@ -367,9 +367,8 @@ SELECT mail.*, usr.email AS email SELECT usr.*, guar.login AS guar_login FROM %susers AS usr JOIN %susers AS guar ON guar.code = usr.guar_code - WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) ) - AND usr.disa_reas = %d - ORDER BY usr.lintm;", + WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer)) + AND usr.disa_reas = %d ORDER BY usr.lintm;", $G_dbpfx, $G_dbpfx, USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_MAILED); @@ -444,10 +443,10 @@ SELECT usr.*, guar.login AS guar_login SELECT usr.*, guar.login AS guar_login FROM %susers AS usr JOIN %susers AS guar ON guar.code = usr.guar_code - WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) ) + WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer)) AND usr.disa_reas = %d AND usr.code = %d;", $G_dbpfx, $G_dbpfx, - USER_FLAG_TY_ALL & ~USER_FLAG_TY_APPR, USER_FLAG_TY_DISABLE, + USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_TOBECHK, $id); if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) { log_crit("stat-day: select from tournaments failed"); @@ -484,7 +483,6 @@ SELECT usr.*, guar.login AS guar_login if (brisk_mail($usr_obj->email, $subj, $body_txt, $body_htm) == FALSE) { - // if (brisk_mail($usr_obj->email, "Il titolo", "zozozo", "il body fine.") == FALSE) { // mail error fprintf(STDERR, "ERROR: mail send FAILED\n"); break; @@ -492,6 +490,108 @@ SELECT usr.*, guar.login AS guar_login } exit; } + + + else if ($action == "delete") { + foreach($_POST as $key => $value) { + if (substr($key, 0, 9) != "f_newuser") + continue; + + $id = (int)substr($key, 9); + if ($id <= 0) + continue; + + // check existence of username or email + $is_trans = FALSE; + $res = FALSE; + do { + if (($bdb = BriskDB::create()) == FALSE) + break; + + // retrieve list added users + $usr_sql = sprintf(" +SELECT usr.*, guar.login AS guar_login + FROM %susers AS usr + JOIN %susers AS guar ON guar.code = usr.guar_code + WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer)) + AND usr.disa_reas = %d AND usr.code = %d;", + $G_dbpfx, $G_dbpfx, + USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE, + USER_DIS_REA_NU_TOBECHK, $id); + + + if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) { + log_crit("stat-day: select from tournaments failed"); + break; + } + $usr_n = pg_numrows($usr_pg); + if ($usr_n != 1) { + $status .= sprintf("Inconsistency for code %d, returned %d records, skipped.
", + $id, $usr_n); + break; + } + + $usr_obj = pg_fetch_object($usr_pg, 0); + + $bdb->transaction('BEGIN'); + $is_trans = TRUE; + + $del_sql = sprintf("DELETE FROM %susers WHERE code = %d;", + $G_dbpfx, $usr_obj->code); + + if (($del_pg = pg_query($bdb->dbconn->db(), $del_sql)) == FALSE) { + log_crit("stat-day: select from tournaments failed"); + break; + } + + // FIXME: add to index_wr.php strings + $subj = "Brisk: nickname rifiutato"; + // the same for both cases: + // if (($usr_obj->type & USER_FLAG_TY_APPR) == USER_FLAG_TY_APPR) { + $body_txt = sprintf('Ciao, sono l\' amministratore del sito di Brisk. + +Ti volevo segnalare che il nickname \'%s\' con cui ti volevi registrare +non ha superato la fase di verifica manuale; il motivo può essere +la sua illeggibilità per gli altri utenti o il contenuto poco ortodosso +o troppo aggressivo o o ci sono troppe cifre consecutive o qualcosa del genere. + +La procedura di registrazione va ripetuta. + +Saluti e buone partite, mop.', $usr_obj->login); + + $body_htm = sprintf('Ciao, sono l\' amministratore del sito di Brisk.

+Ti volevo segnalare che il nickname \'%s\' con cui ti volevi registrare +non ha superato la fase di verifica manuale; il motivo può essere +la sua illeggibilità per gli altri utenti o il contenuto poco ortodosso +o troppo aggressivo o o ci sono troppe cifre consecutive o qualcosa del genere.

+La procedura di registrazione va ripetuta.

+Saluti e buone partite, mop.', $usr_obj->login); + /* } */ + /* else { */ + /* $body_txt = sprintf($mlang_indwr['nu_mtext'][$G_lang], */ + /* $usr_obj->guar_login, $usr_obj->login, $confirm_page); */ + /* $body_htm = sprintf($mlang_indwr['nu_mhtml'][$G_lang], */ + /* $usr_obj->guar_login, $usr_obj->login, $confirm_page); */ + /* } */ + + if (brisk_mail($usr_obj->email, $subj, $body_txt, $body_htm) == FALSE) { + // mail error + fprintf(STDERR, "ERROR: mail send FAILED\n"); + break; + } + $status .= sprintf("user delete for %s: SUCCESS
", $usr_obj->login); + $bdb->transaction('COMMIT'); + $res = TRUE; + } while(FALSE); + if ($res == FALSE) { + $status .= sprintf("Error occurred during accept action
"); + if ($is_trans) + $bdb->transaction('ROLLBACK'); + break; + } + printf("Registration %s for login %s deleted
\n", $usr_obj->code, $usr_obj->login); + } + } else { do { if (($bdb = BriskDB::create()) == FALSE) { @@ -504,11 +604,10 @@ SELECT usr.*, guar.login AS guar_login SELECT usr.*, guar.login AS guar_login FROM %susers AS usr JOIN %susers AS guar ON guar.code = usr.guar_code - WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) ) - AND usr.disa_reas = %d - ORDER BY usr.lintm;", + WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer)) + AND usr.disa_reas = %d ORDER BY usr.lintm;", $G_dbpfx, $G_dbpfx, - USER_FLAG_TY_ALL & ~USER_FLAG_TY_APPR, USER_FLAG_TY_DISABLE, + USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_TOBECHK); if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) { log_crit("stat-day: select from tournaments failed"); @@ -516,13 +615,13 @@ SELECT usr.*, guar.login AS guar_login } $usr_n = pg_numrows($usr_pg); - $tab_lines = "UserGuarApprendiceDate"; + $tab_lines = "UserEMailGuarApprendiceDate"; for ($i = 0 ; $i < $usr_n ; $i++) { $usr_obj = pg_fetch_object($usr_pg, $i); - $tab_lines .= sprintf("%s%s%s%s\n", + $tab_lines .= sprintf("%s%s%s%s%s\n", $usr_obj->code, ($nocheck ? "" : "CHECKED"), - eschtml($usr_obj->login), eschtml($usr_obj->guar_login), + eschtml($usr_obj->login), eschtml($usr_obj->email), eschtml($usr_obj->guar_login), ($usr_obj->type & USER_FLAG_TY_APPR ? "Yes" : "No"), $usr_obj->lintm); }