#299: Suspending user's not working

Ulrich Block 2014-01-28 20:35:38 +01:00
parent ddc9f2e6d4
commit 02e10ec5e5


@ -66,7 +66,7 @@ $mail_securitybreach = '';
$mail_serverdown = '';
$mail_ticket = '';
$mail_vserver = '';
if (array_value_exists('action','add',$data)) {
if (array_value_exists('action', 'add', $data)) {
if (ismail($data['email'])) {
$email = $data['email'];
$salt=md5(mt_rand().date('Y-m-d H:i:s:u'));
@ -196,14 +196,18 @@ if (array_value_exists('action','add',$data)) {
} else if (!isset($success['false'])) {
$success['false'][] = 'Can not identify user or bad email';
}
} else if (array_value_exists('action','mod',$data)) {
$identifyBy = $data['identify_by'];
$username = $data['username'];
$externalID = $data['external_id'];
$active=active_check($data['active']);
$active = active_check($data['active']);
$localID = $data['localid'];
$from=array('localid' => 'id','username' => 'cname','external_id' => 'externalID','email' => 'mail');
$from = array('localid' => 'id','username' => 'cname','external_id' => 'externalID','email' => 'mail');
if (dataExist('identify_by',$data)) {
$query = $sql->prepare("SELECT `id`,`cname`,`active` FROM `userdata` WHERE `".$from[$data['identify_by']]."`=? AND `resellerid`=?");
$query->execute(array($data[$data['identify_by']], $resellerID));
foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) {
@ -211,12 +215,20 @@ if (array_value_exists('action','add',$data)) {
$name = $row['cname'];
$oldactive = $row['active'];
}
if (isset($localID)) {
$what = array();
$foundGroupIDs = array();
$userGroupIDs = array();
if (isset($data['password']) and !in_array($data['password'], $bad)) {
$password = $data['password'];
$newHash = passwordCreate($name, $data['password']);
if (is_array($newHash)) {
$what['security'] = $newHash['hash'];
$what['salt'] = $newHash['salt'];
@ -224,168 +236,222 @@ if (array_value_exists('action','add',$data)) {
$what['security'] = $newHash;
}
}
if (isset($data['email']) and ismail($data['email'])) {
$what['mail'] = $data['email'];
$mail = $what['mail'];
}
if (isset($data['name']) and names($data['name'],255)) {
$what['name']=names($data['name'],255);
$name = $what['name'];
}
if (isset($data['vname']) and names($data['vname'],255)) {
$what['vname']=names($data['vname'],255);
$vname = $what['vname'];
}
if (isset($data['phone']) and phone($data['phone'])) {
$what['phone']=phone($data['phone']);
$phone = $what['phone'];
}
if (isset($data['handy']) and phone($data['handy'])) {
$what['handy']=phone($data['handy']);
$handy = $what['handy'];
}
if (isset($data['fax']) and phone($data['fax'])) {
$what['fax']=phone($data['fax']);
$fax = $what['fax'];
}
if (isset($data['city']) and names($data['city'],50)) {
$what['city']=names($data['city'],50);
$city = $what['city'];
}
if (isset($data['cityn']) and is_number($data['cityn'],6)) {
$what['cityn']=is_number($data['cityn'],6);
$cityn = $what['cityn'];
}
if (isset($data['street']) and names($data['street'],50)) {
$what['street']=names($data['street'],50);
$street = $what['street'];
}
if (isset($data['streetn']) and wpreg_check($data['streetn'],6)) {
$what['streetn']=wpreg_check($data['streetn'],6);
$streetn = $what['streetn'];
}
if (isset($data['salutation']) and is_number($data['salutation'],1)) {
$what['salutation']=is_number($data['salutation'],1);
$salutation = $what['salutation'];
}
if (isset($data['birthday']) and isDate($data['birthday'])) {
$what['birthday']=date('Y-m-d',strtotime(isDate($data['birthday'])));
$birthday = $what['birthday'];
}
if (isset($data['country']) and st(strtolower($data['country']))) {
$what['country']=st(strtolower($data['country']));
if (isset($data['country']) and wpreg_check($data['country'], 2)) {
$what['country'] = wpreg_check(strtolower($data['country']),2);
$country = $what['country'];
}
if (isset($data['mail_backup']) and active_check($data['mail_backup'])) {
$what['mail_backup'] = $data['mail_backup'];
$mail_backup = $what['mail_backup'];
}
if (isset($data['mail_gsupdate']) and active_check($data['mail_gsupdate'])) {
$what['mail_gsupdate'] = $data['mail_gsupdate'];
$mail_gsupdate = $what['mail_gsupdate'];
}
if (isset($data['mail_securitybreach']) and active_check($data['mail_securitybreach'])) {
$what['mail_securitybreach'] = $data['mail_securitybreach'];
$mail_securitybreach = $what['mail_securitybreach'];
}
if (isset($data['mail_serverdown']) and active_check($data['mail_serverdown'])) {
$what['mail_serverdown'] = $data['mail_serverdown'];
$mail_serverdown = $what['mail_serverdown'];
}
if (isset($data['mail_ticket']) and active_check($data['mail_ticket'])) {
$what['mail_ticket'] = $data['mail_ticket'];
$mail_ticket = $what['mail_ticket'];
}
if (isset($data['mail_vserver']) and active_check($data['mail_vserver'])) {
$what['mail_vserver'] = $data['mail_vserver'];
$mail_vserver = $what['mail_vserver'];
}
if (isset($data['fdlpath']) and isurl($data['fdlpath'])) {
$what['fdlpath'] = $data['fdlpath'];
$fdlpath = $what['fdlpath'];
}
$foundGroupIDs = array();
$userGroupIDs = array();
$query = $sql->prepare("SELECT `groupID` FROM `userdata_groups` WHERE `userID`=? AND `resellerID`=?");
$query->execute(array($localID,$resellerID));
foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) $foundGroupIDs[] = $row['id'];
foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) {
$foundGroupIDs[] = $row['groupID'];
}
$query = $sql->prepare("SELECT `id` FROM `usergroups` WHERE `active`='Y' AND `id`=? AND `resellerid`=? LIMIT 1");
if (isset($data['groupID']) and isid($data['groupID'],19)) {
$query->execute(array($data['groupID'],$resellerID));
foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) $userGroupIDs[] = $row['id'];
foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) {
$userGroupIDs[] = $row['id'];
}
} else if (isset($data['groupID']) and (is_array($data['groupID'])) or is_object($data['groupID'])) {
foreach ($data['groupID'] as $groupID) {
if (isid($groupID,19)) {
$query->execute(array($groupID,$resellerID));
foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) $userGroupIDs[] = $row['id'];
foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) {
$userGroupIDs[] = $row['id'];
}
}
}
}
$query = $sql->prepare("DELETE FROM `userdata_groups` WHERE `userID`=? AND `groupID`=? AND `resellerID`=? LIMIT 1");
foreach ($foundGroupIDs as $groupID) {
if (!in_array($groupID,$userGroupIDs)) $query->execute(array($localID,$groupID,$resellerID));
if (!in_array($groupID,$userGroupIDs)) {
$query->execute(array($localID,$groupID,$resellerID));
}
}
$extraUpdate = '';
foreach($what as $key=>$value) {
$extraUpdate .=",`".$key."`='".$value."'";
}
$query = $sql->prepare("UPDATE `userdata` SET `updateTime`=NOW() $extraUpdate WHERE `id`=? AND `resellerid`=?");
$query->execute(array($localID,$resellerID));
$query->execute(array($localID, $resellerID));
if (!in_array($active,$bad) and $active != $oldactive) {
$update = $sql->prepare("UPDATE `jobs` SET `status`='2' WHERE `type`='us' AND (`status` IS NULL OR `status`='1') AND `userID`=? and `resellerID`=?");
$update->execute(array($localID,$resellerID));
$insert = $sql->prepare("INSERT INTO `jobs` (`api`,`type`,`invoicedByID`,`affectedID`,`userID`,`name`,`status`,`date`,`action`,`extraData`,`resellerid`) VALUES ('A','us',?,?,?,?,NULL,NOW(),'md',?)");
$insert->execute(array($resellerID,$localID,$localID,$name,json_encode(array('newActive' => $useractive)),$resellerID));
updateJobs($localID,$resellerID);
$query = $sql->prepare("UPDATE `jobs` SET `status`='2' WHERE `type`='us' AND (`status` IS NULL OR `status`='1') AND `userID`=? and `resellerID`=?");
$query->execute(array($localID, $resellerID));
$query = $sql->prepare("INSERT INTO `jobs` (`api`,`type`,`invoicedByID`,`affectedID`,`userID`,`name`,`status`,`date`,`action`,`extraData`,`resellerid`) VALUES ('A','us',?,?,?,?,NULL,NOW(),'md',?,?)");
$query->execute(array($resellerID, $localID, $localID, $name, json_encode(array('newActive' => $active)), $resellerID));
updateJobs($localID, $resellerID);
}
} else {
$success['false'][] = 'No user can be found to edit';
}
} else {
$success['false'][] = 'No data for this method';
}
} else if (array_value_exists('action','del',$data)) {
} else if (array_value_exists('action','del', $data)) {
$email = $data['email'];
$identifyBy = $data['identify_by'];
$username = $data['username'];
$password = $data['password'];
$externalID = $data['external_id'];
$active=active_check($data['active']);
$active = active_check($data['active']);
$localID = $data['localid'];
$from=array('localid' => 'id','username' => 'cname','external_id' => 'externalID','email' => 'mail');
$from = array('localid' => 'id','username' => 'cname','external_id' => 'externalID','email' => 'mail');
if (dataExist('identify_by',$data)) {
$query = $sql->prepare("SELECT `id`,`cname` FROM `userdata` WHERE `".$from[$data['identify_by']]."`=? AND `resellerid`=?");
$query->execute(array($data[$data['identify_by']],$resellerID));
foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) {
$localID = $row['id'];
$name = $row['cname'];
}
if (isset($localID) and isset($name)) {
$update = $sql->prepare("UPDATE `jobs` SET `status`='2' WHERE (`status` IS NULL OR `status`='1') AND `userID`=? and `resellerID`=?");
$update->execute(array($localID,$resellerID));
$insert = $sql->prepare("INSERT INTO `jobs` (`api`,`type`,`invoicedByID`,`affectedID`,`userID`,`name`,`status`,`date`,`action`,`resellerid`) VALUES ('A','us',?,?,?,?,NULL,NOW(),'dl',?)");
$insert->execute(array($resellerID,$localID,$localID,$name,$resellerID));
updateJobs($localID,$resellerID);
$delete = $sql->prepare("DELETE FROM `userdata` WHERE `".$from[$data['identify_by']]."`=? AND `resellerid`=?");
$delete->execute(array($data[$data['identify_by']],$resellerID));
$query = $sql->prepare("UPDATE `jobs` SET `status`='2' WHERE (`status` IS NULL OR `status`='1') AND `userID`=? and `resellerID`=?");
$query->execute(array($localID, $resellerID));
$query = $sql->prepare("INSERT INTO `jobs` (`api`,`type`,`invoicedByID`,`affectedID`,`userID`,`name`,`status`,`date`,`action`,`resellerid`) VALUES ('A','us',?,?,?,?,NULL,NOW(),'dl',?)");
$query->execute(array($resellerID, $localID, $localID, $name, $resellerID));
updateJobs($localID, $resellerID);
#$query = $sql->prepare("DELETE FROM `userdata` WHERE `".$from[$data['identify_by']]."`=? AND `resellerid`=?");
#$query->execute(array($data[$data['identify_by']],$resellerID));
} else {
$success['false'][] = 'No user can be found to delete';
}
} else {
$success['false'][] = 'No data for this method';
}
} else if (array_value_exists('action','ls',$data) and isset($data['identify_by']) and isset($data[$data['identify_by']]) and !in_array($data[$data['identify_by']],$bad)) {
$userArray=array('userdetails' => array(),'gserver' => array(),'voice' => array());
} else if (array_value_exists('action', 'ls', $data) and isset($data['identify_by']) and isset($data[$data['identify_by']]) and !in_array($data[$data['identify_by']],$bad)) {
$userArray = array('userdetails' => array(),'gserver' => array(),'voice' => array());
$email = $data['email'];
$identifyBy = $data['identify_by'];
$username = $data['username'];
$password = $data['password'];
$externalID = $data['external_id'];
$active=active_check($data['active']);
$active = active_check($data['active']);
$localID = $data['localid'];
$from=array('localid' => 'id','username' => 'cname','external_id' => 'externalID','email' => 'mail','mysql' => array());
if (dataExist('identify_by',$data)) {
$query = $sql->prepare("SELECT `id`,`active`,`cname`,`name`,`vname`,`mail`,`phone`,`handy`,`city`,`cityn`,`street`,`streetn`,`usergroup`,`externalID`,`jobPending` FROM `userdata` WHERE `".$from[$data['identify_by']]."`=? AND `resellerid`=? LIMIT 1");
$from = array('localid' => 'id', 'username' => 'cname', 'external_id' => 'externalID', 'email' => 'mail', 'mysql' => array());
if (dataExist('identify_by', $data)) {
$query = $sql->prepare("SELECT `id`,`active`,`cname`,`name`,`vname`,`mail`,`phone`,`handy`,`city`,`cityn`,`street`,`streetn`,`externalID`,`jobPending` FROM `userdata` WHERE `".$from[$data['identify_by']]."`=? AND `resellerid`=? LIMIT 1");
$query->execute(array($data[$data['identify_by']],$resellerID));
foreach ($query->fetchAll(PDO::FETCH_ASSOC) as $row) {
$userArray['userdetails'] = $row;
@ -402,7 +468,7 @@ if (array_value_exists('action','add',$data)) {
foreach ($query2->fetchAll(PDO::FETCH_ASSOC) as $row2) {
$shorten[] = $row2['shorten'];
}
$row['shorten']=implode(',',$shorten);
$row['shorten'] = implode(',',$shorten);
$tempArray[] = $row;
}
$userArray['gserver'] = $tempArray;
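Review bot: The `UPDATE userdata` statement in the `mod` branch still concatenates every `$what` value into the SQL text through the `$extraUpdate` loop, so the prepared statement binds only `id` and `resellerid`. Several of those values are copied straight from `$data` once a validator returns truthy (`email`, `fdlpath`, the `mail_*` flags), and whether `ismail()` or `isurl()` reject a single quote is not visible here, so this should be treated as an SQL injection risk on an API endpoint. Have the loop emit a `?` placeholder per column and bind the values, e.g. `$query->execute(array_merge(array_values($what), array($localID, $resellerID)));`. Separately, `$localID = $data['localid']` is assigned before the lookup, so the `isset($localID)` guard may pass on the client-supplied id even when the SELECT matched no row; the lines between are outside the hunks, so confirm, and consider also requiring `isset($name)` as the `del` branch does. The surrounding if/else chain begins and ends outside the visible hunks.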