mirror of https://github.com/DanielnetoDotCom/YouPHPTube synced 2025-10-06 03:50:04 +02:00

you can now delete users

DanieL 2022-10-11 12:51:30 -03:00
parent 0cd40b1359
commit 74414a4b45
6 changed files with 184 additions and 12 deletions


@ -32,7 +32,7 @@ class Captcha
//$letters = 'AaBbCcDdEeFfGgHhIiJjKkLlMmNnPpQqRrSsTtUuVvYyXxWwZz23456789'; //$letters = 'AaBbCcDdEeFfGgHhIiJjKkLlMmNnPpQqRrSsTtUuVvYyXxWwZz23456789';
$letters = 'AaBbCcDdEeFfGgHhIiJjKkLlMmNnPpQqRrSsTtUuVvYyXxWwZz23456789'; $letters = 'AaBbCcDdEeFfGgHhIiJjKkLlMmNnPpQqRrSsTtUuVvYyXxWwZz23456789';
$palavra = substr(str_shuffle($letters), 0, ($this->quantidade_letras)); $palavra = substr(str_shuffle($letters), 0, ($this->quantidade_letras));
if (User::isAdmin()) { if (User::isAdmin() && empty($_REQUEST['forceCaptcha'])) {
$palavra = "admin"; $palavra = "admin";
} }
_session_start(); _session_start();
@ -57,7 +57,7 @@ class Captcha
public static function validation($word) public static function validation($word)
{ {
if (User::isAdmin()) { if (User::isAdmin() && $_SESSION["palavra"] === 'admin') {
return true; return true;
} }
_session_start(); _session_start();
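Review bot: In `validation()` the admin branch returns `true` whenever the stored word is `'admin'`, without comparing it to `$word`, so for an administrator the outcome depends on which captcha was generated last (presumably stored by the code below the first hunk) rather than on what was typed. Because `forceCaptcha` is an ordinary request parameter on the image endpoint, a caller that needs a real challenge, such as a destructive confirmation, cannot tell from the return value whether one was actually solved. Consider recording that at generation time, e.g. `$_SESSION['captchaForced'] = !empty($_REQUEST['forceCaptcha']);`, and letting such callers reject a validation that was not forced. The branch also reads `$_SESSION["palavra"]` before the `_session_start()` call on the following line, so that call should move above the `if`; both function bodies continue outside the hunks.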


@ -906,20 +906,21 @@ if (typeof gtag !== \"function\") {
} }
public function delete() { public function delete() {
if (!self::isAdmin()) { if (!Permissions::canAdminUsers()) {
return false; if (self::getId() !== $this->id) {
} _error_log('Delete user error, users_id does not match: ['.self::getId().'] !== ['.$this->id.']');
// cannot delete yourself return false;
if (self::getId() === $this->id) { }
return false;
} }
global $global; global $global;
if (!empty($this->id)) { if (!empty($this->id)) {
$sql = "DELETE FROM users WHERE id = ?"; $sql = "DELETE FROM users WHERE id = ?";
} else { } else {
_error_log('Delete user error, this->id is empty');
return false; return false;
} }
_error_log('Delete user execute: '.$this->id);
return sqlDAL::writeSql($sql, "i", [$this->id]); return sqlDAL::writeSql($sql, "i", [$this->id]);
} }
@ -1046,17 +1047,25 @@ if (typeof gtag !== \"function\") {
return ""; return "";
} }
public static function getCaptchaForm($uid = "") { public static function getCaptchaForm($uid = "", $forceCaptcha=false) {
global $global; global $global;
$url = "{$global['webSiteRootURL']}captcha";
if($forceCaptcha){
$url = addQueryStringParameter($url, 'forceCaptcha', 1);
}
return '<div class="input-group">' return '<div class="input-group">'
. '<span class="input-group-addon"><img src="' . $global['webSiteRootURL'] . 'captcha" id="captcha' . $uid . '"></span> . '<span class="input-group-addon"><img src="'.$url.'" id="captcha' . $uid . '"></span>
<span class="input-group-addon"><span class="btn btn-xs btn-success btnReloadCapcha" id="btnReloadCapcha' . $uid . '"><span class="glyphicon glyphicon-refresh"></span></span></span> <span class="input-group-addon"><span class="btn btn-xs btn-success btnReloadCapcha" id="btnReloadCapcha' . $uid . '"><span class="glyphicon glyphicon-refresh"></span></span></span>
<input name="captcha" placeholder="' . __("Type the code") . '" class="form-control" type="text" style="height: 60px;" maxlength="5" id="captchaText' . $uid . '"> <input name="captcha" placeholder="' . __("Type the code") . '" class="form-control" type="text" style="height: 60px;" maxlength="5" id="captchaText' . $uid . '">
</div> </div>
<script> <script>
$(document).ready(function () { $(document).ready(function () {
$("#btnReloadCapcha' . $uid . '").click(function () { $("#btnReloadCapcha' . $uid . '").click(function () {
$("#captcha' . $uid . '").attr("src", "' . $global['webSiteRootURL'] . 'captcha?" + Math.random()); var url = "'.$url.'";
url = addQueryStringParameter(url, "cache", Math.random());
$("#captcha' . $uid . '").attr("src", url);
$("#captchaText' . $uid . '").val(""); $("#captchaText' . $uid . '").val("");
}); });
}); });
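Review bot: The ownership check `self::getId() !== $this->id` in `delete()` is a strict comparison, so if `$this->id` is loaded from the database as a string while `self::getId()` returns an int (neither is visible here), a non-admin can never delete their own account and the caller only sees `false`. Casting both sides, `if ((int) self::getId() !== (int) $this->id) {`, keeps the check fail-closed without depending on the loader's types. The old "cannot delete yourself" guard is removed with no replacement on the `canAdminUsers()` path, so it is worth deciding whether an administrator may remove their own or the last administrative account. For audit purposes the success log should also name the actor, e.g. `_error_log('Delete user execute: '.$this->id.' by users_id '.self::getId());`.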


@ -537,6 +537,7 @@ class CustomizeUser extends PluginAbstract {
$btn .= '<li><a data-toggle="tab" href="#tabAffiliation">' . __('Affiliations') . ' '.$totalNotifications.'</a></li>'; $btn .= '<li><a data-toggle="tab" href="#tabAffiliation">' . __('Affiliations') . ' '.$totalNotifications.'</a></li>';
} }
$btn .= '<li><a onclick="avideoModalIframeSmall(webSiteRootURL+\'plugin/CustomizeUser/confirmDeleteUser.php?users_id='.$users_id.'\');return false;" style="cursor: pointer;"><i class="fas fa-trash"></i> ' . __('Delete My User') . '</a></li>';
return $btn; return $btn;
} }
@ -588,6 +589,7 @@ class CustomizeUser extends PluginAbstract {
$obj = $p->getDataObject(); $obj = $p->getDataObject();
$btn = ''; $btn = '';
if (Permissions::canAdminUsers()) { if (Permissions::canAdminUsers()) {
$btn .= '<button type="button" class="btn btn-danger btn-sm btn-xs btn-block" onclick="avideoModalIframeSmall(webSiteRootURL+\\\'plugin/CustomizeUser/confirmDeleteUser.php?users_id=\'+ row.id + \'\\\');" data-row-id="right" data-toggle="tooltip" data-placement="left" title="' . __('Delete User') . '"><i class="fas fa-trash"></i> ' . __('Delete') . '</button>';
if (self::showExtraInfo()) { if (self::showExtraInfo()) {
$btn .= '<button type="button" class="btn btn-default btn-light btn-sm btn-xs btn-block" onclick="avideoAlertAJAXHTML(webSiteRootURL+\\\'plugin/CustomizeUser/View/extraInfo.php?users_id=\'+ row.id + \'\\\');" data-row-id="right" data-toggle="tooltip" data-placement="left" title="' . __('Show Extra Info') . '"><i class="fas fa-info"></i> ' . __('Extra Info') . '</button>'; $btn .= '<button type="button" class="btn btn-default btn-light btn-sm btn-xs btn-block" onclick="avideoAlertAJAXHTML(webSiteRootURL+\\\'plugin/CustomizeUser/View/extraInfo.php?users_id=\'+ row.id + \'\\\');" data-row-id="right" data-toggle="tooltip" data-placement="left" title="' . __('Show Extra Info') . '"><i class="fas fa-info"></i> ' . __('Extra Info') . '</button>';
} }
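Review bot: The new "Delete My User" entry concatenates `$users_id` straight into an inline `onclick` handler, and where that value comes from is outside the hunk. Cast it at the point of use, `confirmDeleteUser.php?users_id='.intval($users_id).'`, so the attribute stays well-formed even if a caller passes a non-numeric value. The entry is appended after the closing brace of the preceding condition, so it appears to be shown to every account; if operators should be able to switch self-deletion off, gate it on a plugin setting.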


@ -0,0 +1,60 @@
<?php
require_once '../../videos/configuration.php';
require_once $global['systemRootPath'] . 'objects/captcha.php';
header('Content-Type: application/json');
$obj = new stdClass();
$obj->error = true;
$obj->msg = '';
if (empty($_REQUEST['captcha'])) {
$obj->msg = 'Empty captcha';
die(json_encode($obj));
}
$valid = Captcha::validation(@$_REQUEST['captcha']);
if (empty($valid)) {
$obj->msg = 'Invalid captcha';
die(json_encode($obj));
}
$obj->users_id = intval(@$_REQUEST['users_id']);
if (empty($obj->users_id) || !Permissions::canAdminUsers()) {
$obj->users_id = User::getId();
}
if (empty($obj->users_id)) {
$obj->msg = 'Empty users_id';
die(json_encode($obj));
}
$user = new User($obj->users_id);
$videos = Video::getAllVideosLight('', $obj->users_id);
foreach ($videos as $value) {
if($value['users_id'] != $obj->users_id){
continue;
}
$video = new Video('', '', $value['id']);
$video->delete();
}
$obj->delete = $user->delete();
$obj->error = empty($obj->delete);
if(empty($obj->error)){
$obj->msg = 'User Deleted';
if($obj->users_id == User::getId()){
//$obj->msg = 'User Deleted';
User::logoff();
}
}
die(json_encode($obj));
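Review bot: This endpoint performs an irreversible delete from `$_REQUEST` input, so it also accepts GET, and the captcha is the only barrier against a forged request; there is no method check or session-bound token. Require POST before doing any work, e.g. `if ($_SERVER['REQUEST_METHOD'] !== 'POST') { $obj->msg = 'POST required'; die(json_encode($obj)); }`, read `captcha` and `users_id` from `$_POST`, and verify a per-session token if the project provides one (this assumes `avideoAjax` posts, which is not visible here). The videos are also deleted before `$user->delete()` runs, so a refused or failed user delete leaves the account in place with its videos already gone. Checking the permission up front and reporting each `$video->delete()` result would avoid that partial state.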


@ -0,0 +1,101 @@
<?php
require_once '../../videos/configuration.php';
require_once $global['systemRootPath'] . 'objects/captcha.php';
$users_id = intval(@$_REQUEST['users_id']);
if (empty($users_id) || !Permissions::canAdminUsers()) {
$users_id = User::getId();
}
if (empty($users_id)) {
forbiddenPage('Empty users_id');
}
$user = new User($users_id);
$videos = Video::getAllVideosLight('', $users_id);
?>
<!DOCTYPE html>
<html lang="<?php echo getLanguage(); ?>">
<head>
<title><?php echo __("Delete User"); ?> <?php echo $user->getUser(); ?></title>
<?php
include $global['systemRootPath'] . 'view/include/head.php';
?>
</head>
<body class="<?php echo $global['bodyClass']; ?>">
<?php
include $global['systemRootPath'] . 'view/include/navbar.php';
?>
<div class="container-fluid">
<div class="panel panel-default">
<div class="panel-heading">
<?php
echo Video::getCreatorHTML($users_id);
?>
</div>
<div class="panel-body">
<div class="alert alert-danger">
<?php echo __('Delete User'); ?>: <strong><?php echo $user->getUser(); ?></strong><br>
<?php
echo __('This action can not be recovered!');
?>
</div>
<?php
if (!empty($videos)) {
?>
<div class="alert alert-danger">
<?php
echo __('Are you sure you want to delete the user and all videos?');
?>
<span class="badge"><?php echo __('Total'); ?>: <?php echo count($videos); ?></span>
</div>
<ul class="list-group">
<?php
foreach ($videos as $value) {
?>
<a href="<?php echo Video::getLinkToVideo($value['id'], $value['clean_title']); ?>"
class="list-group-item list-group-item-action" target="_blank">
[<?php echo $value['id'] ?>] <?php echo $value['title'] ?>
</a>
<?php
}
?>
</ul>
<?php
}
?>
</div>
<div class="panel-footer">
<?php
$uid = uniqid();
$captcha = User::getCaptchaForm($uid, true);
?>
<div class="form-group" id="captchaDeleteUser">
<?php echo $captcha; ?>
</div>
</div>
<div class="panel-footer">
<button class="btn btn-danger btn-block" onclick="deleteUser();">
<i class="fas fa-trash"></i>
<?php echo __('Delete'); ?>
</button>
</div>
</div>
</div>
<?php
include $global['systemRootPath'] . 'view/include/footer.php';
?>
<script type="text/javascript">
function deleteUser(){
var url = webSiteRootURL + 'plugin/CustomizeUser/confirmDeleteUser.json.php';
var data = {captcha: $('#captchaDeleteUser input').val(), users_id: <?php echo $users_id; ?>};
avideoAjax(url, data);
}
</script>
</body>
</html>
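Review bot: `$user->getUser()` (in the `<title>` and in the alert) and `$value['title']` (in the video list) are echoed into HTML without escaping, so unless both are sanitised when stored (not visible here) markup in a user name or video title would be rendered in the session of whoever opens this page, including an administrator. Escape at output, e.g. `<?php echo htmlspecialchars($value['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>`, and do the same for `$user->getUser()`. As a style point, the `<a>` items are direct children of `<ul class="list-group">`; a `<div class="list-group">` wrapper would be valid markup.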


@ -50,7 +50,7 @@ if (User::isAdmin() && !empty($_GET['newServer'])) {
<?php <?php
include $global['systemRootPath'] . 'view/include/navbar.php'; include $global['systemRootPath'] . 'view/include/navbar.php';
?> ?>
<div class="container-fluid nopadding"> <div class="container-fluid">
<div class="panel panel-default"> <div class="panel panel-default">
<div class="panel-heading"> <div class="panel-heading">
<i class="far fa-comments"></i> <?php echo __("Meeting"); ?> <i class="far fa-comments"></i> <?php echo __("Meeting"); ?>