aboutsummaryrefslogtreecommitdiff
path: root/actions/admin/user
diff options
context:
space:
mode:
Diffstat (limited to 'actions/admin/user')
-rw-r--r--actions/admin/user/ban.php18
-rw-r--r--actions/admin/user/delete.php13
-rw-r--r--actions/admin/user/makeadmin.php17
-rw-r--r--actions/admin/user/removeadmin.php12
-rw-r--r--actions/admin/user/resetpassword.php26
-rw-r--r--actions/admin/user/unban.php13
6 files changed, 42 insertions, 57 deletions
diff --git a/actions/admin/user/ban.php b/actions/admin/user/ban.php
index 1a5d9e4a9..6622673e6 100644
--- a/actions/admin/user/ban.php
+++ b/actions/admin/user/ban.php
@@ -1,23 +1,20 @@
<?php
/**
- * Elgg ban user
+ * Bans a user.
*
- * @package Elgg
- * @subpackage Core
- * @author Curverider Ltd
- * @link http://elgg.org/
+ * User entities are banned by setting the 'banned' column
+ * to 'yes' in the users_entity table.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.User
*/
-
-// block non-admin users
admin_gatekeeper();
-// Get the user
$guid = get_input('guid');
$obj = get_entity($guid);
if (($obj instanceof ElggUser) && ($obj->canEdit())) {
- // Now actually disable it
if ($obj->ban('banned')) {
system_message(elgg_echo('admin:user:ban:yes'));
} else {
@@ -27,5 +24,4 @@ if (($obj instanceof ElggUser) && ($obj->canEdit())) {
register_error(elgg_echo('admin:user:ban:no'));
}
-forward('pg/admin/user/');
-exit;
+forward('pg/admin/user/'); \ No newline at end of file
diff --git a/actions/admin/user/delete.php b/actions/admin/user/delete.php
index 61dbc7e10..375f8b809 100644
--- a/actions/admin/user/delete.php
+++ b/actions/admin/user/delete.php
@@ -1,15 +1,16 @@
<?php
/**
- * Elgg delete user
+ * Delete a user.
*
- * @package Elgg
- * @subpackage Core
- * @author Curverider Ltd
- * @link http://elgg.org/
+ * The user will be deleted recursively, meaning all entities
+ * owned or contained by the user will also be removed.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.User
*/
-
// block non-admin users - require since this action is not registered
+// @todo why isn't this action registered?
admin_gatekeeper();
// Get the user
diff --git a/actions/admin/user/makeadmin.php b/actions/admin/user/makeadmin.php
index dc5c508fb..f8a426a41 100644
--- a/actions/admin/user/makeadmin.php
+++ b/actions/admin/user/makeadmin.php
@@ -1,19 +1,18 @@
<?php
/**
- * Make another user an admin.
+ * Grants admin privileges to a user.
*
- * @package Elgg
- * @subpackage Core
- * @author Curverider Ltd
- * @link http://elgg.org/
+ * In >=1.7.1, admin is flagged by setting the admin
+ * column in the users_entity table.
+ *
+ * In <1.7.1, admin is a piece of metadata on the user object.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.User
*/
-global $CONFIG;
-
-// block non-admin users
admin_gatekeeper();
-// Get the user
$guid = get_input('guid');
$user = get_entity($guid);
diff --git a/actions/admin/user/removeadmin.php b/actions/admin/user/removeadmin.php
index b5872e592..9e8c55ac9 100644
--- a/actions/admin/user/removeadmin.php
+++ b/actions/admin/user/removeadmin.php
@@ -1,19 +1,13 @@
<?php
/**
- * Make another user an admin.
+ * Revokes admin privileges from a user.
*
- * @package Elgg
- * @subpackage Core
- * @author Curverider Ltd
- * @link http://elgg.org/
+ * @package Elgg.Core
+ * @subpackage Administration.User
*/
-global $CONFIG;
-
-// block non-admin users
admin_gatekeeper();
-// Get the user
$guid = get_input('guid');
$user = get_entity($guid);
diff --git a/actions/admin/user/resetpassword.php b/actions/admin/user/resetpassword.php
index aead052dd..c70410201 100644
--- a/actions/admin/user/resetpassword.php
+++ b/actions/admin/user/resetpassword.php
@@ -1,26 +1,29 @@
<?php
/**
- * Admin password reset.
+ * Reset a user's password.
*
- * @package Elgg
- * @subpackage Core
- * @author Curverider Ltd
- * @link http://elgg.org/
+ * This is an admin action that generates a new salt and password
+ * for a user, then emails the password to the user's registered
+ * email address.
+ *
+ * NOTE: This is different to the "reset password" link users
+ * can use in that it does not first email the user asking if
+ * they want to have their password reset.
+ *
+ * @package Elgg.Core
+ * @subpackage Administration.User
*/
-global $CONFIG;
-
-// block non-admin users
admin_gatekeeper();
-// Get the user
$guid = get_input('guid');
$obj = get_entity($guid);
if (($obj instanceof ElggUser) && ($obj->canEdit())) {
$password = generate_random_cleartext_password();
- $obj->salt = generate_random_cleartext_password(); // Reset the salt
+ // Always reset the salt before generating the user password.
+ $obj->salt = generate_random_cleartext_password();
$obj->password = generate_user_password($obj, $password);
if ($obj->save()) {
@@ -39,5 +42,4 @@ if (($obj instanceof ElggUser) && ($obj->canEdit())) {
register_error(elgg_echo('admin:user:resetpassword:no'));
}
-forward($_SERVER['HTTP_REFERER']);
-exit;
+forward($_SERVER['HTTP_REFERER']); \ No newline at end of file
diff --git a/actions/admin/user/unban.php b/actions/admin/user/unban.php
index 6e04c8114..2bc609b5c 100644
--- a/actions/admin/user/unban.php
+++ b/actions/admin/user/unban.php
@@ -1,26 +1,20 @@
<?php
/**
- * Elgg ban user
+ * Unbans a user.
*
- * @package Elgg
- * @subpackage Core
- * @author Curverider Ltd
- * @link http://elgg.org/
+ * @package Elgg.Core
+ * @subpackage Administration.User
*/
-
-// block non-admin users
admin_gatekeeper();
$access_status = access_get_show_hidden_status();
access_show_hidden_entities(true);
-// Get the user
$guid = get_input('guid');
$obj = get_entity($guid);
if (($obj instanceof ElggUser) && ($obj->canEdit())) {
- // Now actually disable it
if ($obj->unban()) {
system_message(elgg_echo('admin:user:unban:yes'));
} else {
@@ -33,4 +27,3 @@ if (($obj instanceof ElggUser) && ($obj->canEdit())) {
access_show_hidden_entities($access_status);
forward($_SERVER['HTTP_REFERER']);
-exit;