diff options
-rw-r--r-- | actions/admin/user/ban.php | 13 | ||||
-rw-r--r-- | actions/admin/user/delete.php | 15 | ||||
-rw-r--r-- | actions/admin/user/removeadmin.php | 5 | ||||
-rw-r--r-- | actions/admin/user/resetpassword.php | 14 | ||||
-rw-r--r-- | actions/admin/user/unban.php | 6 | ||||
-rw-r--r-- | languages/en.php | 3 |
6 files changed, 37 insertions, 19 deletions
diff --git a/actions/admin/user/ban.php b/actions/admin/user/ban.php index 6622673e6..5ad6c29c5 100644 --- a/actions/admin/user/ban.php +++ b/actions/admin/user/ban.php @@ -12,10 +12,15 @@ admin_gatekeeper(); $guid = get_input('guid'); -$obj = get_entity($guid); +$user = get_entity($guid); -if (($obj instanceof ElggUser) && ($obj->canEdit())) { - if ($obj->ban('banned')) { +if ($guid == get_loggedin_userid()) { + register_error(elgg_echo('admin:user:self:ban:no')); + forward(REFERER); +} + +if (($user instanceof ElggUser) && ($user->canEdit())) { + if ($user->ban('banned')) { system_message(elgg_echo('admin:user:ban:yes')); } else { register_error(elgg_echo('admin:user:ban:no')); @@ -24,4 +29,4 @@ if (($obj instanceof ElggUser) && ($obj->canEdit())) { register_error(elgg_echo('admin:user:ban:no')); } -forward('pg/admin/user/');
\ No newline at end of file +forward(REFERER);
\ No newline at end of file diff --git a/actions/admin/user/delete.php b/actions/admin/user/delete.php index e8d835722..a5e1886ec 100644 --- a/actions/admin/user/delete.php +++ b/actions/admin/user/delete.php @@ -15,13 +15,18 @@ admin_gatekeeper(); // Get the user $guid = get_input('guid'); -$obj = get_entity($guid); +$user = get_entity($guid); -$name = $obj->name; -$username = $obj->username; +if ($guid == get_loggedin_userid()) { + register_error(elgg_echo('admin:user:self:delete:no')); + forward(REFERER); +} + +$name = $user->name; +$username = $user->username; -if (($obj instanceof ElggUser) && ($obj->canEdit())) { - if ($obj->delete()) { +if (($user instanceof ElggUser) && ($user->canEdit())) { + if ($user->delete()) { system_message(elgg_echo('admin:user:delete:yes', array($name))); } else { register_error(elgg_echo('admin:user:delete:no')); diff --git a/actions/admin/user/removeadmin.php b/actions/admin/user/removeadmin.php index 468670940..97bfc396b 100644 --- a/actions/admin/user/removeadmin.php +++ b/actions/admin/user/removeadmin.php @@ -11,6 +11,11 @@ admin_gatekeeper(); $guid = get_input('guid'); $user = get_entity($guid); +if ($guid == get_loggedin_userid()) { + register_error(elgg_echo('admin:user:self:removeadmin:no')); + forward(REFERER); +} + if (($user instanceof ElggUser) && ($user->canEdit())) { if ($user->removeAdmin()) { system_message(elgg_echo('admin:user:removeadmin:yes')); diff --git a/actions/admin/user/resetpassword.php b/actions/admin/user/resetpassword.php index 24127eb8b..14de69cb6 100644 --- a/actions/admin/user/resetpassword.php +++ b/actions/admin/user/resetpassword.php @@ -17,22 +17,22 @@ admin_gatekeeper(); $guid = get_input('guid'); -$obj = get_entity($guid); +$user = get_entity($guid); -if (($obj instanceof ElggUser) && ($obj->canEdit())) { +if (($user instanceof ElggUser) && ($user->canEdit())) { $password = generate_random_cleartext_password(); // Always reset the salt before generating the user password. - $obj->salt = generate_random_cleartext_password(); - $obj->password = generate_user_password($obj, $password); + $user->salt = generate_random_cleartext_password(); + $user->password = generate_user_password($user, $password); - if ($obj->save()) { + if ($user->save()) { system_message(elgg_echo('admin:user:resetpassword:yes')); - notify_user($obj->guid, + notify_user($user->guid, $CONFIG->site->guid, elgg_echo('email:resetpassword:subject'), - elgg_echo('email:resetpassword:body', array($obj->username, $password)), + elgg_echo('email:resetpassword:body', array($user->username, $password)), NULL, 'email'); } else { diff --git a/actions/admin/user/unban.php b/actions/admin/user/unban.php index 66173623a..883e074ed 100644 --- a/actions/admin/user/unban.php +++ b/actions/admin/user/unban.php @@ -12,10 +12,10 @@ $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); $guid = get_input('guid'); -$obj = get_entity($guid); +$user = get_entity($guid); -if (($obj instanceof ElggUser) && ($obj->canEdit())) { - if ($obj->unban()) { +if (($user instanceof ElggUser) && ($user->canEdit())) { + if ($user->unban()) { system_message(elgg_echo('admin:user:unban:yes')); } else { register_error(elgg_echo('admin:user:unban:no')); diff --git a/languages/en.php b/languages/en.php index 118ad8883..ad6461fd0 100644 --- a/languages/en.php +++ b/languages/en.php @@ -519,10 +519,12 @@ To remove a widget drag it back to the <b>Widget gallery</b>.", 'admin:user:ban:no' => "Can not ban user", 'admin:user:ban:yes' => "User banned.", + 'admin:user:self:ban:no' => "You cannot ban yourself", 'admin:user:unban:no' => "Can not unban user", 'admin:user:unban:yes' => "User un-banned.", 'admin:user:delete:no' => "Can not delete user", 'admin:user:delete:yes' => "The user %s has been deleted", + 'admin:user:self:delete:no' => "You cannot delete yourself", 'admin:user:resetpassword:yes' => "Password reset, user notified.", 'admin:user:resetpassword:no' => "Password could not be reset.", @@ -532,6 +534,7 @@ To remove a widget drag it back to the <b>Widget gallery</b>.", 'admin:user:removeadmin:yes' => "User is no longer an admin.", 'admin:user:removeadmin:no' => "We could not remove administrator privileges from this user.", + 'admin:user:self:removeadmin:no' => "You cannot remove your own administrator privileges.", 'admin:menu_items' => 'Menu Items', 'admin:menu_items:configure' => 'Configure main menu items', |