forked from fluxbb/plugins
-
Notifications
You must be signed in to change notification settings - Fork 0
/
AP_User_Merge.php
374 lines (323 loc) · 17.7 KB
/
AP_User_Merge.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
<?php
/**
* The User Merge plugins allows administrators to merge two user accounts.
*
* Copyright (C) 20058 Terrell Russell ([email protected])
* License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
*/
// Make sure no one attempts to run this script "directly"
if (!defined('PUN'))
exit;
// Tell admin_loader.php that this is indeed a plugin and that it is loaded
define('PUN_PLUGIN_LOADED', 1);
// --------------------------------------------------------------------
// Pluralize
function pluralize($count, $singular, $plural = false)
{return ($count == 1 ? $singular : ($plural ? $plural : $singular . 's'));}
// --------------------------------------------------------------------
// Confirm & Pre-Flight Page
if (isset($_POST['confirm_users']))
{
// Make sure message body was entered
if (trim($_POST['userid_to_wipe']) == '')
message('You must select a user to wipe away!');
// Make sure message subject was entered
if (trim($_POST['userid_to_remain']) == '')
message('You must select a user to be merged into!');
// Make sure the users are different
if (trim($_POST['userid_to_wipe']) == trim($_POST['userid_to_remain']))
message('You must select two different users!');
// setup userids
$userid_to_wipe = trim($_POST['userid_to_wipe']);
$userid_to_remain = trim($_POST['userid_to_remain']);
// get the usernames and realnames from the passed userids
$sql = "SELECT username, realname, email FROM ".$db->prefix."users WHERE id='".$userid_to_wipe."'";
$result = $db->query($sql) or error('Could not get username_to_wipe', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$username_to_wipe = $row['username'];
$realname_to_wipe = $row['realname'];
$email_to_wipe = $row['email'];
$sql = "SELECT username, realname, email FROM ".$db->prefix."users WHERE id='".$userid_to_remain."'";
$result = $db->query($sql) or error('Could not get username_to_remain', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$username_to_remain = $row['username'];
$realname_to_remain = $row['realname'];
$email_to_remain = $row['email'];
// forums - last_poster(u)
$sql = "SELECT count(*) as forums_count FROM ".$db->prefix."forums WHERE last_poster='".$username_to_wipe."'";
$result = $db->query($sql) or error('Could not read the forums table', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$counts['forums'] = $row['forums_count'];
// online - user_id(id)
$sql = "SELECT count(*) as online_count FROM ".$db->prefix."online WHERE user_id='".$userid_to_wipe."'";
$result = $db->query($sql) or error('Could not read the online table', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$counts['online'] = $row['online_count'];
// posts - poster_id(id), edited_by(u)
$sql = "SELECT count(*) as posts1_count FROM ".$db->prefix."posts WHERE poster_id='".$userid_to_wipe."'";
$result = $db->query($sql) or error('Could not read the posts table (1)', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$counts['posts1'] = $row['posts1_count'];
$sql = "SELECT count(*) as posts2_count FROM ".$db->prefix."posts WHERE edited_by='".$username_to_wipe."'";
$result = $db->query($sql) or error('Could not read the posts table (2)', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$counts['posts2'] = $row['posts2_count'];
// reports - reported_by(id), zapped_by(id)
$sql = "SELECT count(*) as reports1_count FROM ".$db->prefix."reports WHERE reported_by='".$userid_to_wipe."'";
$result = $db->query($sql) or error('Could not read the reports table (1)', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$counts['reports1'] = $row['reports1_count'];
$sql = "SELECT count(*) as reports2_count FROM ".$db->prefix."reports WHERE zapped_by='".$userid_to_wipe."'";
$result = $db->query($sql) or error('Could not read the reports table (2)', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$counts['reports2'] = $row['reports2_count'];
// subscriptions - user_id(id)
$sql = "SELECT count(*) as subscriptions_count FROM ".$db->prefix."subscriptions WHERE user_id='".$userid_to_wipe."'";
$result = $db->query($sql) or error('Could not read the subscriptions table', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$counts['subscriptions'] = $row['subscriptions_count'];
// topics - poster(u), last_poster(u)
$sql = "SELECT count(*) as topics1_count FROM ".$db->prefix."topics WHERE poster='".$username_to_wipe."'";
$result = $db->query($sql) or error('Could not read the topics table (1)', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$counts['topics1'] = $row['topics1_count'];
$sql = "SELECT count(*) as topics2_count FROM ".$db->prefix."topics WHERE last_poster='".$username_to_wipe."'";
$result = $db->query($sql) or error('Could not read the topics table (2)', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$counts['topics2'] = $row['topics2_count'];
// users - id(id)
$sql = "SELECT count(*) as users_count FROM ".$db->prefix."users WHERE id='".$userid_to_wipe."'";
$result = $db->query($sql) or error('Could not read the users table', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$counts['users'] = $row['users_count'];
// generate display names
$wipe_display = "[<strong>".pun_htmlspecialchars($username_to_wipe)."</strong>]";
if (pun_htmlspecialchars($realname_to_wipe)!=""){ $wipe_display .= " ".pun_htmlspecialchars($realname_to_wipe);}
if (pun_htmlspecialchars($email_to_wipe)!=""){ $wipe_display .= " <".pun_htmlspecialchars($email_to_wipe).">";}
$remain_display = "[<strong>".pun_htmlspecialchars($username_to_remain)."</strong>]";
if (pun_htmlspecialchars($realname_to_remain)!=""){ $remain_display .= " ".pun_htmlspecialchars($realname_to_remain);}
if (pun_htmlspecialchars($email_to_remain)!=""){ $remain_display .= " <".pun_htmlspecialchars($email_to_remain).">";}
// Display the admin navigation menu
generate_admin_menu($plugin);
?>
<div id="exampleplugin" class="blockform">
<h2><span>User Merge - Confirm</span></h2>
<div class="box">
<div class="inbox">
<p>Please confirm your user selections here.<br /><br />If something is not correct, please <a href="javascript: history.go(-1)">Go Back</a>.</p>
</div>
</div>
<h2 class="block2"><span>Confirm Users (Step 2 of 3)</span></h2>
<div class="box">
<form id="usermerge" method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>">
<div class="inform">
<input type="hidden" name="userid_to_wipe" value="<?php echo pun_htmlspecialchars($userid_to_wipe) ?>" />
<input type="hidden" name="userid_to_remain" value="<?php echo pun_htmlspecialchars($userid_to_remain) ?>" />
<fieldset>
<legend>User to be Merged and then Deleted</legend>
<div class="infldset">
<p><?php echo $wipe_display ?></p>
</div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<legend>User to be Merged Into</legend>
<div class="infldset">
<p><?php echo $remain_display ?></p>
</div>
</fieldset>
</div>
<div class="inform">
<input type="hidden" name="userid_to_wipe" value="<?php echo pun_htmlspecialchars($userid_to_wipe) ?>" />
<input type="hidden" name="userid_to_remain" value="<?php echo pun_htmlspecialchars($userid_to_remain) ?>" />
<fieldset>
<legend>Effects of this Merge</legend>
<div class="infldset">
<p>[ <strong><?php echo $counts['forums'] ?></strong> ] 'forums' <?php echo pluralize($counts['forums'],"entry","entries") ?> to be updated</p>
<p>[ <strong><?php echo $counts['online'] ?></strong> ] 'online' user <?php echo pluralize($counts['online'],"entry","entries") ?> to be updated</p>
<p>[ <strong><?php echo $counts['posts1'] ?></strong> ] 'posts' <?php echo pluralize($counts['posts1'],"entry","entries") ?> to be updated</p>
<p>[ <strong><?php echo $counts['reports1'] ?></strong> ] 'reports' <?php echo pluralize($counts['reports1'],"entry","entries") ?> to be updated</p>
<p>[ <strong><?php echo $counts['subscriptions'] ?></strong> ] 'subscriptions' <?php echo pluralize($counts['subscriptions'],"entry","entries") ?> to be updated</p>
<p>[ <strong><?php echo $counts['topics1'] ?></strong> ] 'topics' <?php echo pluralize($counts['topics1'],"entry","entries") ?> to be updated</p>
<p>[ <strong><?php echo $counts['users'] ?></strong> ] 'users' <?php echo pluralize($counts['users'],"entry","entries") ?> to be deleted</p>
</div>
</fieldset>
</div>
<div class="fsetsubmit"><input type="submit" name="merge_the_users" value="Confirmed - Merge Them." tabindex="3" /></div>
<p class="topspace">Please hit this button only once. Patience is key.</p>
</form>
</div>
</div>
<?php
}
// --------------------------------------------------------------------
// Merge the Users
else if (isset($_POST['merge_the_users']))
{
// setup userids
$userid_to_wipe = trim($_POST['userid_to_wipe']);
$userid_to_remain = trim($_POST['userid_to_remain']);
// get the usernames and realnames from the passed userids
$sql = "SELECT username, realname FROM ".$db->prefix."users WHERE id='".$userid_to_wipe."'";
$result = $db->query($sql) or error('Could not get username_to_wipe', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$username_to_wipe = $row['username'];
$realname_to_wipe = $row['realname'];
$sql = "SELECT username, realname FROM ".$db->prefix."users WHERE id='".$userid_to_remain."'";
$result = $db->query($sql) or error('Could not get username_to_remain', __FILE__, __LINE__, $db->error());
$row = $db->fetch_assoc($result);
$username_to_remain = $row['username'];
$realname_to_remain = $row['realname'];
// forums - update last_poster(u)
$sql = "UPDATE ".$db->prefix."forums SET last_poster='$username_to_remain' WHERE last_poster='$username_to_wipe'";
$result = $db->query($sql) or error('Could not update the forums table', __FILE__, __LINE__, $db->error());
// forums - update moderators
$sql = "SELECT id, moderators FROM ".$db->prefix."forums";
$result = $db->query($sql) or error('Could not get moderators from forums table', __FILE__, __LINE__, $db->error());
while ($cur_forum = $db->fetch_assoc($result))
{
$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
if (in_array($userid_to_wipe, $cur_moderators))
{
$username = array_search($userid_to_wipe, $cur_moderators);
unset($cur_moderators[$username]);
$cur_moderators[$username_to_remain] = $userid_to_remain;
ksort($cur_moderators);
$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';
$sql = "UPDATE ".$db->prefix."forums SET moderators=".$cur_moderators." WHERE id=".$cur_forum['id'];
$result = $db->query($sql) or error('Could not update the moderators', __FILE__, __LINE__, $db->error());
}
}
// online - delete where user_id(id)
$sql = "UPDATE ".$db->prefix."online SET user_id='$userid_to_remain', ident='$username_to_remain' WHERE user_id='$userid_to_wipe'";
$result = $db->query($sql) or error('Could not update the online table', __FILE__, __LINE__, $db->error());
// posts - update poster(u), poster_id(id), edited_by(u)
$sql = "UPDATE ".$db->prefix."posts SET poster='$username_to_remain', poster_id='$userid_to_remain' WHERE poster_id='$userid_to_wipe'";
$result = $db->query($sql) or error('Could not update the posts table (1)', __FILE__, __LINE__, $db->error());
$sql = "UPDATE ".$db->prefix."posts SET edited_by='$username_to_remain' WHERE edited_by='$username_to_wipe'";
$result = $db->query($sql) or error('Could not update the posts table (2)', __FILE__, __LINE__, $db->error());
// reports - update reported_by(id), zapped_by(id)
$sql = "UPDATE ".$db->prefix."reports SET reported_by='$userid_to_remain' WHERE reported_by='$userid_to_wipe'";
$result = $db->query($sql) or error('Could not update the reports table (1)', __FILE__, __LINE__, $db->error());
$sql = "UPDATE ".$db->prefix."reports SET zapped_by='$userid_to_remain' WHERE zapped_by='$userid_to_wipe'";
$result = $db->query($sql) or error('Could not update the reports table (2)', __FILE__, __LINE__, $db->error());
// subscriptions - update where user_id(id)
$sql = "UPDATE ".$db->prefix."subscriptions SET user_id='$userid_to_remain' WHERE user_id='$userid_to_wipe'";
$result = $db->query($sql) or error('Could not update the subscriptions table', __FILE__, __LINE__, $db->error());
// topics - update poster(u), last_poster(u)
$sql = "UPDATE ".$db->prefix."topics SET poster='$username_to_remain' WHERE poster='$username_to_wipe'";
$result = $db->query($sql) or error('Could not update the topics table (1)', __FILE__, __LINE__, $db->error());
$sql = "UPDATE ".$db->prefix."topics SET last_poster='$username_to_remain' WHERE last_poster='$username_to_wipe'";
$result = $db->query($sql) or error('Could not update the topics table (2)', __FILE__, __LINE__, $db->error());
// users - find by id(id), delete them (this should be the last step)
$sql = "DELETE FROM ".$db->prefix."users WHERE id='$userid_to_wipe'";
$result = $db->query($sql) or error('Could not update the users table', __FILE__, __LINE__, $db->error());
// Display the admin navigation menu
generate_admin_menu($plugin);
?>
<div class="block">
<h2><span>User Merge - Merge Complete</span></h2>
<div class="box">
<div class="inbox">
<p>The merge is complete.</p>
</div>
</div>
<h2 class="block2"><span>Results (Step 3 of 3)</span></h2>
<div class="box">
<div class="inbox">
<p>[<strong><?php echo $username_to_remain ?></strong>] has been given credit for all of [<strong><?php echo $username_to_wipe ?></strong>]'s posts.</p>
<p>[<strong><?php echo $username_to_wipe ?></strong>] has been deleted.</p>
</div>
</div>
</div>
<?php
}
// --------------------------------------------------------------------
// Display the Main Page
else
{
// Get all user accounts except Guest
$sql = "SELECT id, username, realname, email FROM ".$db->prefix."users WHERE id!='1' ORDER BY username, realname";
$result = $db->query($sql) or error('Could not get all users', __FILE__, __LINE__, $db->error());
while($row = $db->fetch_assoc($result))
{
$usernames[$row['id']] = $row['username'];
$realnames[$row['id']] = $row['realname'];
$emails[$row['id']] = $row['email'];
}
// Display the admin navigation menu
generate_admin_menu($plugin);
?>
<div id="exampleplugin" class="blockform">
<h2><span>User Merge</span></h2>
<div class="box">
<div class="inbox">
<p>This plugin allows the Administrator to merge two existing user accounts into one.</p>
<p>There will be a confirmation page after this one - to make sure you have not made any mistakes.</p>
</div>
</div>
<h2 class="block2"><span>User Selection (Step 1 of 3)</span></h2>
<div class="box">
<form id="usermerge" method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>">
<div class="inform">
<fieldset>
<legend>User to be Merged and then Deleted</legend>
<div class="infldset">
<table class="aligntop" cellspacing="0">
<tr>
<td>
<select name="userid_to_wipe" tabindex="3">
<?php
foreach($usernames as $userid=>$username)
{
if ($pun_user['id'] != $userid)
{
$display = "[".pun_htmlspecialchars($username)."]";
if (pun_htmlspecialchars($realnames[$userid])!=""){ $display .= " ".pun_htmlspecialchars($realnames[$userid]);}
if (pun_htmlspecialchars($emails[$userid])!=""){ $display .= " <".pun_htmlspecialchars($emails[$userid]).">";}
echo " ".'<option value="'.$userid.'">'.$display.'</option>'."\n";
}
}
?>
</select>
<span>Select the user you wish to merge into the user below.</span>
</td>
</tr>
</table>
</div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<legend>User to be Merged Into</legend>
<div class="infldset">
<table class="aligntop" cellspacing="0">
<tr>
<td>
<select name="userid_to_remain" tabindex="3">
<?php
foreach($usernames as $userid=>$username)
{
$display = "[".pun_htmlspecialchars($username)."]";
if (pun_htmlspecialchars($realnames[$userid])!=""){ $display .= " ".pun_htmlspecialchars($realnames[$userid]);}
if (pun_htmlspecialchars($emails[$userid])!=""){ $display .= " <".pun_htmlspecialchars($emails[$userid]).">";}
echo " ".'<option value="'.$userid.'">'.$display.'</option>'."\n";
}
?>
</select>
<span>Select the user that will inherit the above user's posts.</span>
</td>
</tr>
</table>
</div>
</fieldset>
</div>
<div class="fsetsubmit"><input type="submit" name="confirm_users" value="Continue to Confirmation Page" tabindex="3" /></div>
</form>
</div>
</div>
<?php
}
// --------------------------------------------------------------------
// Note that the script just ends here. The footer will be included by admin_loader.php.