/include/inc_act/act_user.php
PHP | 63 lines | 45 code | 8 blank | 10 comment | 10 complexity | ddd86e39995d0626e708faeffadcd130 MD5 | raw file
Possible License(s): AGPL-1.0, LGPL-2.1, ISC, MIT, LGPL-3.0, GPL-2.0, MPL-2.0-no-copyleft-exception, LGPL-2.0, BSD-3-Clause
- <?php
- /**
- * phpwcms content management system
- *
- * @author Oliver Georgi <oliver@phpwcms.de>
- * @copyright Copyright (c) 2002-2013, Oliver Georgi
- * @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
- * @link http://www.phpwcms.de
- *
- **/
- session_start();
- $phpwcms = array();
- require_once ('../../config/phpwcms/conf.inc.php');
- require_once ('../inc_lib/default.inc.php');
- require_once (PHPWCMS_ROOT.'/include/inc_lib/dbcon.inc.php');
- require_once (PHPWCMS_ROOT.'/include/inc_lib/general.inc.php');
- checkLogin();
- require_once (PHPWCMS_ROOT.'/include/inc_lib/backend.functions.inc.php');
- if($_SESSION["wcs_user_admin"] == 1) { //Wenn Benutzer Admin-Rechte hat
- //Löschen eines Benutzers
- if(isset($_GET["del"])) {
- $ui = explode(":", clean_slweg($_GET["del"]));
- $user_id = intval($ui[0]);
- $user_email = '';
- if(isset($ui[1])) {
- $user_email = $ui[1];
- }
- if($user_id <> $_SESSION["wcs_user_id"]) {
- $sql = "UPDATE ".DB_PREPEND."phpwcms_user SET ".
- "usr_login='".generic_string(10)."', ".
- "usr_pass='".md5(generic_string(10))."', ".
- "usr_email='', ".
- "usr_admin=0, ".
- "usr_aktiv=9 ".
- "WHERE usr_id=".$user_id." AND ".
- "usr_email='".aporeplace($user_email)."';";
- if($result = mysql_query($sql, $db)) {
- if(is_valid_email($user_email)) {
- @mail($user_email, "your account", "YOUR PHPWCMS ACCOUNT WAS DELETED\n \ncontact the admin if you have any question.\n\nSee you at ".$phpwcms["site"], "From: ".$phpwcms["admin_email"]."\nReply-To: ".$phpwcms["admin_email"]."\n");
- }
- }
- }
- }
-
- if(isset($_GET["aktiv"])) {
- $ui = explode(":", clean_slweg($_GET["aktiv"]));
- $user_id = intval($ui[0]);
- $user_aktiv = !empty($ui[1]) ? 1 : 0;
- if($user_id <> $_SESSION["wcs_user_id"]) {
- $sql = "UPDATE ".DB_PREPEND."phpwcms_user SET usr_aktiv=".$user_aktiv." WHERE usr_id=".$user_id.";";
- mysql_query($sql, $db) or die ("error");
- }
- }
-
- } //Ende Abarbeiten Aktion
- headerRedirect(PHPWCMS_URL.'phpwcms.php?do=admin');
- ?>