diff options
Diffstat (limited to 'actions/admin/user')
| -rw-r--r-- | actions/admin/user/ban.php | 18 | ||||
| -rw-r--r-- | actions/admin/user/delete.php | 13 | ||||
| -rw-r--r-- | actions/admin/user/makeadmin.php | 17 | ||||
| -rw-r--r-- | actions/admin/user/removeadmin.php | 12 | ||||
| -rw-r--r-- | actions/admin/user/resetpassword.php | 26 | ||||
| -rw-r--r-- | actions/admin/user/unban.php | 13 |
6 files changed, 42 insertions, 57 deletions
diff --git a/actions/admin/user/ban.php b/actions/admin/user/ban.php index 1a5d9e4a9..6622673e6 100644 --- a/actions/admin/user/ban.php +++ b/actions/admin/user/ban.php @@ -1,23 +1,20 @@ <?php /** - * Elgg ban user + * Bans a user. * - * @package Elgg - * @subpackage Core - * @author Curverider Ltd - * @link http://elgg.org/ + * User entities are banned by setting the 'banned' column + * to 'yes' in the users_entity table. + * + * @package Elgg.Core + * @subpackage Administration.User */ - -// block non-admin users admin_gatekeeper(); -// Get the user $guid = get_input('guid'); $obj = get_entity($guid); if (($obj instanceof ElggUser) && ($obj->canEdit())) { - // Now actually disable it if ($obj->ban('banned')) { system_message(elgg_echo('admin:user:ban:yes')); } else { @@ -27,5 +24,4 @@ if (($obj instanceof ElggUser) && ($obj->canEdit())) { register_error(elgg_echo('admin:user:ban:no')); } -forward('pg/admin/user/'); -exit; +forward('pg/admin/user/');
\ No newline at end of file diff --git a/actions/admin/user/delete.php b/actions/admin/user/delete.php index 61dbc7e10..375f8b809 100644 --- a/actions/admin/user/delete.php +++ b/actions/admin/user/delete.php @@ -1,15 +1,16 @@ <?php /** - * Elgg delete user + * Delete a user. * - * @package Elgg - * @subpackage Core - * @author Curverider Ltd - * @link http://elgg.org/ + * The user will be deleted recursively, meaning all entities + * owned or contained by the user will also be removed. + * + * @package Elgg.Core + * @subpackage Administration.User */ - // block non-admin users - require since this action is not registered +// @todo why isn't this action registered? admin_gatekeeper(); // Get the user diff --git a/actions/admin/user/makeadmin.php b/actions/admin/user/makeadmin.php index dc5c508fb..f8a426a41 100644 --- a/actions/admin/user/makeadmin.php +++ b/actions/admin/user/makeadmin.php @@ -1,19 +1,18 @@ <?php /** - * Make another user an admin. + * Grants admin privileges to a user. * - * @package Elgg - * @subpackage Core - * @author Curverider Ltd - * @link http://elgg.org/ + * In >=1.7.1, admin is flagged by setting the admin + * column in the users_entity table. + * + * In <1.7.1, admin is a piece of metadata on the user object. + * + * @package Elgg.Core + * @subpackage Administration.User */ -global $CONFIG; - -// block non-admin users admin_gatekeeper(); -// Get the user $guid = get_input('guid'); $user = get_entity($guid); diff --git a/actions/admin/user/removeadmin.php b/actions/admin/user/removeadmin.php index b5872e592..9e8c55ac9 100644 --- a/actions/admin/user/removeadmin.php +++ b/actions/admin/user/removeadmin.php @@ -1,19 +1,13 @@ <?php /** - * Make another user an admin. + * Revokes admin privileges from a user. * - * @package Elgg - * @subpackage Core - * @author Curverider Ltd - * @link http://elgg.org/ + * @package Elgg.Core + * @subpackage Administration.User */ -global $CONFIG; - -// block non-admin users admin_gatekeeper(); -// Get the user $guid = get_input('guid'); $user = get_entity($guid); diff --git a/actions/admin/user/resetpassword.php b/actions/admin/user/resetpassword.php index aead052dd..c70410201 100644 --- a/actions/admin/user/resetpassword.php +++ b/actions/admin/user/resetpassword.php @@ -1,26 +1,29 @@ <?php /** - * Admin password reset. + * Reset a user's password. * - * @package Elgg - * @subpackage Core - * @author Curverider Ltd - * @link http://elgg.org/ + * This is an admin action that generates a new salt and password + * for a user, then emails the password to the user's registered + * email address. + * + * NOTE: This is different to the "reset password" link users + * can use in that it does not first email the user asking if + * they want to have their password reset. + * + * @package Elgg.Core + * @subpackage Administration.User */ -global $CONFIG; - -// block non-admin users admin_gatekeeper(); -// Get the user $guid = get_input('guid'); $obj = get_entity($guid); if (($obj instanceof ElggUser) && ($obj->canEdit())) { $password = generate_random_cleartext_password(); - $obj->salt = generate_random_cleartext_password(); // Reset the salt + // Always reset the salt before generating the user password. + $obj->salt = generate_random_cleartext_password(); $obj->password = generate_user_password($obj, $password); if ($obj->save()) { @@ -39,5 +42,4 @@ if (($obj instanceof ElggUser) && ($obj->canEdit())) { register_error(elgg_echo('admin:user:resetpassword:no')); } -forward($_SERVER['HTTP_REFERER']); -exit; +forward($_SERVER['HTTP_REFERER']);
\ No newline at end of file diff --git a/actions/admin/user/unban.php b/actions/admin/user/unban.php index 6e04c8114..2bc609b5c 100644 --- a/actions/admin/user/unban.php +++ b/actions/admin/user/unban.php @@ -1,26 +1,20 @@ <?php /** - * Elgg ban user + * Unbans a user. * - * @package Elgg - * @subpackage Core - * @author Curverider Ltd - * @link http://elgg.org/ + * @package Elgg.Core + * @subpackage Administration.User */ - -// block non-admin users admin_gatekeeper(); $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); -// Get the user $guid = get_input('guid'); $obj = get_entity($guid); if (($obj instanceof ElggUser) && ($obj->canEdit())) { - // Now actually disable it if ($obj->unban()) { system_message(elgg_echo('admin:user:unban:yes')); } else { @@ -33,4 +27,3 @@ if (($obj instanceof ElggUser) && ($obj->canEdit())) { access_show_hidden_entities($access_status); forward($_SERVER['HTTP_REFERER']); -exit; |