mirror of
https://github.com/lkddi/nexusphp.git
synced 2026-04-24 12:07:23 +08:00
new permission: user-delete + user-change-class
This commit is contained in:
xiaomlove
+3
-21
@@ -1,8 +1,7 @@
|
||||
<?php
|
||||
require "../include/bittorrent.php";
|
||||
dbconn();
|
||||
if (get_user_class() < UC_ADMINISTRATOR)
|
||||
stderr("Error", "Permission denied.");
|
||||
user_can('user-delete', true);
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST")
|
||||
{
|
||||
@@ -18,25 +17,8 @@ $arr = mysql_fetch_assoc($res);
|
||||
|
||||
$id = $arr['id'];
|
||||
$name = $arr['username'];
|
||||
try {
|
||||
\Nexus\Database\NexusDB::transaction(function () use ($id) {
|
||||
$affectedRows = \Nexus\Database\NexusDB::table('users')->where('id', $id)->delete();
|
||||
if ($affectedRows != 1) {
|
||||
throw new \RuntimeException("Unable to delete the account.");
|
||||
}
|
||||
$tables = [
|
||||
'hit_and_runs' => 'uid',
|
||||
'claims' => 'uid',
|
||||
'exam_users' => 'uid',
|
||||
'exam_progress' => 'uid',
|
||||
];
|
||||
foreach ($tables as $table => $key) {
|
||||
\Nexus\Database\NexusDB::table($table)->where($key, $id)->delete();
|
||||
}
|
||||
});
|
||||
} catch (\Exception $exception) {
|
||||
stderr("Error", $exception->getMessage());
|
||||
}
|
||||
$userRep = new \App\Repositories\UserRepository();
|
||||
$userRep->destroy($id);
|
||||
stderr("Success", "The account <b>".htmlspecialchars($name)."</b> was deleted.",false);
|
||||
}
|
||||
stdhead("Delete account");
|
||||
|
||||
+1
-1
@@ -194,7 +194,7 @@ if ($action == "edituser")
|
||||
if ($curclass >= get_user_class())
|
||||
puke();
|
||||
|
||||
if ($curclass != $class)
|
||||
if (user_can('user-change-class') && $curclass != $class)
|
||||
{
|
||||
$what = ($class > $curclass ? $lang_modtask_target[get_user_lang($userid)]['msg_promoted'] : $lang_modtask_target[get_user_lang($userid)]['msg_demoted']);
|
||||
$subject = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_class_change']);
|
||||
|
||||
+5
-1
@@ -221,7 +221,8 @@ elseif ($action == 'savesettings_authority') // save user authority
|
||||
'commanage','forummanage','viewuserlist','torrentmanage','torrentsticky', 'torrentonpromotion', 'torrent_hr', 'askreseed', 'viewnfo',
|
||||
'torrentstructure','sendinvite','viewhistory','topten','log','confilog','userprofile', 'torrenthistory','prfmanage', 'cruprfmanage',
|
||||
'uploadsub','delownsub','submanage','updateextinfo', 'viewanonymous','beanonymous','addoffer','offermanage', 'upload','uploadspecial',
|
||||
'view_special_torrent','movetorrent','chrmanage','viewinvite', 'buyinvite','seebanned','againstoffer','userbar', 'torrent-approval', 'torrent-delete'
|
||||
'view_special_torrent','movetorrent','chrmanage','viewinvite', 'buyinvite','seebanned','againstoffer','userbar', 'torrent-approval',
|
||||
'torrent-delete', 'user-delete', 'user-change-class',
|
||||
);
|
||||
GetVar($validConfig);
|
||||
$AUTHORITY = [];
|
||||
@@ -439,6 +440,9 @@ elseif ($action == 'authoritysettings') //Authority settings
|
||||
tr($lang_settings['row_comment_management'], $lang_settings['text_minimum_class'].classlist('commanage',$maxclass,$AUTHORITY['commanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_comment_management_note'],1);
|
||||
tr($lang_settings['row_forum_management'], $lang_settings['text_minimum_class'].classlist('forummanage',$maxclass,$AUTHORITY['forummanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_forum_management_note'],1);
|
||||
tr($lang_settings['row_view_userlist'], $lang_settings['text_minimum_class'].classlist('viewuserlist',$maxclass,$AUTHORITY['viewuserlist'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_userlist_note'],1);
|
||||
tr(nexus_trans('permission.user-delete.text'), $lang_settings['text_minimum_class'].classlist('user-delete',$maxclass,$AUTHORITY['user-delete'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).nexus_trans('permission.user-delete.desc'),1);
|
||||
tr(nexus_trans('permission.user-change-class.text'), $lang_settings['text_minimum_class'].classlist('user-change-class',$maxclass,$AUTHORITY['user-change-class'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).nexus_trans('permission.user-change-class.desc'),1);
|
||||
|
||||
tr($lang_settings['row_torrent_management'], $lang_settings['text_minimum_class'].classlist('torrentmanage',$maxclass,$AUTHORITY['torrentmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_torrent_management_note'], 1);
|
||||
tr($lang_settings['row_torrent_delete'], $lang_settings['text_minimum_class'].classlist('torrent-delete',$maxclass,$AUTHORITY['torrent-delete'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_delete_note'], 1);
|
||||
|
||||
|
||||
@@ -464,9 +464,11 @@ if (user_can('prfmanage') && $user["class"] < get_user_class())
|
||||
tr($lang_userdetails['row_donated'], "USD: <input type=\"text\" size=\"5\" name=\"donated\" value=\"" . htmlspecialchars($user['donated']) . "\" /> CNY: <input type=\"text\" size=\"5\" name=\"donated_cny\" value=\"" . htmlspecialchars($user['donated_cny']) . "\" />" . $lang_userdetails['text_transaction_memo'] . "<input type=\"text\" size=\"50\" name=\"donation_memo\" />", 1);
|
||||
tr($lang_userdetails['row_donoruntil'], "<input type=\"text\" name=\"donoruntil\" value=\"".htmlspecialchars($user["donoruntil"])."\" /> ".$lang_userdetails['text_donoruntil_note'], 1);
|
||||
}
|
||||
$maxclass = get_user_class() - 1;
|
||||
$classselect=classlist('class', $maxclass, $user["class"]);
|
||||
tr($lang_userdetails['row_class'], $classselect, 1);
|
||||
if (user_can('user-change-class')) {
|
||||
$maxclass = get_user_class() - 1;
|
||||
$classselect=classlist('class', $maxclass, $user["class"]);
|
||||
tr($lang_userdetails['row_class'], $classselect, 1);
|
||||
}
|
||||
tr($lang_userdetails['row_vip_by_bonus'], "<input type=\"radio\" name=\"vip_added\" value=\"yes\"" .($user["vip_added"] == "yes" ? " checked=\"checked\"" : "")." />".$lang_userdetails['radio_yes']." <input type=\"radio\" name=\"vip_added\" value=\"no\"" .($user["vip_added"] == "no" ? " checked=\"checked\"" : "")." />".$lang_userdetails['radio_no']."<br />".$lang_userdetails['text_vip_by_bonus_note'], 1);
|
||||
tr($lang_userdetails['row_vip_until'], "<input type=\"text\" name=\"vip_until\" value=\"".htmlspecialchars($user["vip_until"])."\" /> ".$lang_userdetails['text_vip_until_note'], 1);
|
||||
$supportlang = htmlspecialchars($user["supportlang"]);
|
||||
@@ -610,7 +612,7 @@ JS;
|
||||
print("</table>\n");
|
||||
print("</form>\n");
|
||||
end_frame();
|
||||
if (user_can('cruprfmanage'))
|
||||
if (user_can('user-delete'))
|
||||
{
|
||||
begin_frame($lang_userdetails['text_delete_user'], true);
|
||||
print("<form method=\"post\" action=\"delacctadmin.php\" name=\"deluser\">
|
||||
|
||||
Reference in New Issue
Block a user