Code Coverage for /data/phpBB/includes/acp/acp

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 4	CRAP	0.00% covered (danger)	0.00%	0 / 432
acp_prune	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 4	9120	0.00% covered (danger)	0.00%	0 / 428
main				0.00% covered (danger)	0.00%	0 / 1	20	0.00% covered (danger)	0.00%	0 / 21
prune_forums				0.00% covered (danger)	0.00%	0 / 1	600	0.00% covered (danger)	0.00%	0 / 147
prune_users				0.00% covered (danger)	0.00%	0 / 1	342	0.00% covered (danger)	0.00%	0 / 109
get_prune_users				0.00% covered (danger)	0.00%	0 / 1	2450	0.00% covered (danger)	0.00%	0 / 151

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	class acp_prune
23	{
24	var $u_action;
25
26	function main($id, $mode)
27	{
28	global $user, $phpEx, $phpbb_root_path;
29
30	$user->add_lang('acp/prune');
31
32	if (!function_exists('user_active_flip'))
33	{
34	include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
35	}
36
37	switch ($mode)
38	{
39	case 'forums':
40	$this->tpl_name = 'acp_prune_forums';
41	$this->page_title = 'ACP_PRUNE_FORUMS';
42	$this->prune_forums($id, $mode);
43	break;
44
45	case 'users':
46	$this->tpl_name = 'acp_prune_users';
47	$this->page_title = 'ACP_PRUNE_USERS';
48	$this->prune_users($id, $mode);
49	break;
50	}
51	}
52
53	/**
54	* Prune forums
55	*/
56	function prune_forums($id, $mode)
57	{
58	global $db, $user, $auth, $template, $phpbb_log, $request, $phpbb_dispatcher;
59
60	$all_forums = $request->variable('all_forums', 0);
61	$forum_id = $request->variable('f', array(0));
62	$submit = (isset($_POST['submit'])) ? true : false;
63
64	if ($all_forums)
65	{
66	$sql = 'SELECT forum_id
67	FROM ' . FORUMS_TABLE . '
68	ORDER BY left_id';
69	$result = $db->sql_query($sql);
70
71	$forum_id = array();
72	while ($row = $db->sql_fetchrow($result))
73	{
74	$forum_id[] = $row['forum_id'];
75	}
76	$db->sql_freeresult($result);
77	}
78
79	if ($submit)
80	{
81	if (confirm_box(true))
82	{
83	$prune_posted = $request->variable('prune_days', 0);
84	$prune_viewed = $request->variable('prune_vieweddays', 0);
85	$prune_all = (!$prune_posted && !$prune_viewed) ? true : false;
86
87	$prune_flags = 0;
88	$prune_flags += ($request->variable('prune_old_polls', 0)) ? 2 : 0;
89	$prune_flags += ($request->variable('prune_announce', 0)) ? 4 : 0;
90	$prune_flags += ($request->variable('prune_sticky', 0)) ? 8 : 0;
91
92	// Convert days to seconds for timestamp functions...
93	$prunedate_posted = time() - ($prune_posted * 86400);
94	$prunedate_viewed = time() - ($prune_viewed * 86400);
95
96	$template->assign_vars(array(
97	'S_PRUNED' => true)
98	);
99
100	$sql_forum = (count($forum_id)) ? ' AND ' . $db->sql_in_set('forum_id', $forum_id) : '';
101
102	// Get a list of forum's or the data for the forum that we are pruning.
103	$sql = 'SELECT forum_id, forum_name
104	FROM ' . FORUMS_TABLE . '
105	WHERE forum_type = ' . FORUM_POST . "
106	$sql_forum
107	ORDER BY left_id ASC";
108	$result = $db->sql_query($sql);
109
110	if ($row = $db->sql_fetchrow($result))
111	{
112	$prune_ids = array();
113	$p_result['topics'] = 0;
114	$p_result['posts'] = 0;
115	$log_data = '';
116
117	do
118	{
119	if (!$auth->acl_get('f_list', $row['forum_id']))
120	{
121	continue;
122	}
123
124	if ($prune_all)
125	{
126	$p_result = prune($row['forum_id'], 'posted', time(), $prune_flags, false);
127	}
128	else
129	{
130	if ($prune_posted)
131	{
132	$return = prune($row['forum_id'], 'posted', $prunedate_posted, $prune_flags, false);
133	$p_result['topics'] += $return['topics'];
134	$p_result['posts'] += $return['posts'];
135	}
136
137	if ($prune_viewed)
138	{
139	$return = prune($row['forum_id'], 'viewed', $prunedate_viewed, $prune_flags, false);
140	$p_result['topics'] += $return['topics'];
141	$p_result['posts'] += $return['posts'];
142	}
143	}
144
145	$prune_ids[] = $row['forum_id'];
146
147	$template->assign_block_vars('pruned', array(
148	'FORUM_NAME' => $row['forum_name'],
149	'NUM_TOPICS' => $p_result['topics'],
150	'NUM_POSTS' => $p_result['posts'])
151	);
152
153	$log_data .= (($log_data != '') ? ', ' : '') . $row['forum_name'];
154	}
155	while ($row = $db->sql_fetchrow($result));
156
157	// Sync all pruned forums at once
158	sync('forum', 'forum_id', $prune_ids, true, true);
159
160	$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_PRUNE', false, array($log_data));
161	}
162	$db->sql_freeresult($result);
163
164	return;
165	}
166	else
167	{
168	$hidden_fields = array(
169	'i' => $id,
170	'mode' => $mode,
171	'submit' => 1,
172	'all_forums' => $all_forums,
173	'f' => $forum_id,
174
175	'prune_days' => $request->variable('prune_days', 0),
176	'prune_vieweddays' => $request->variable('prune_vieweddays', 0),
177	'prune_old_polls' => $request->variable('prune_old_polls', 0),
178	'prune_announce' => $request->variable('prune_announce', 0),
179	'prune_sticky' => $request->variable('prune_sticky', 0),
180	);
181
182	/**
183	* Use this event to pass data from the prune form to the confirmation screen
184	*
185	* @event core.prune_forums_settings_confirm
186	* @var array hidden_fields Hidden fields that are passed through the confirm screen
187	* @since 3.2.2-RC1
188	*/
189	$vars = array('hidden_fields');
190	extract($phpbb_dispatcher->trigger_event('core.prune_forums_settings_confirm', compact($vars)));
191
192	confirm_box(false, $user->lang['PRUNE_FORUM_CONFIRM'], build_hidden_fields($hidden_fields));
193	}
194	}
195
196	// If they haven't selected a forum for pruning yet then
197	// display a select box to use for pruning.
198	if (!count($forum_id))
199	{
200	$template->assign_vars(array(
201	'U_ACTION' => $this->u_action,
202	'S_SELECT_FORUM' => true,
203	'S_FORUM_OPTIONS' => make_forum_select(false, false, false))
204	);
205	}
206	else
207	{
208	$sql = 'SELECT forum_id, forum_name
209	FROM ' . FORUMS_TABLE . '
210	WHERE ' . $db->sql_in_set('forum_id', $forum_id);
211	$result = $db->sql_query($sql);
212	$row = $db->sql_fetchrow($result);
213
214	if (!$row)
215	{
216	$db->sql_freeresult($result);
217	trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action), E_USER_WARNING);
218	}
219
220	$forum_list = $s_hidden_fields = '';
221	do
222	{
223	$forum_list .= (($forum_list != '') ? ', ' : '') . '<b>' . $row['forum_name'] . '</b>';
224	$s_hidden_fields .= '<input type="hidden" name="f[]" value="' . $row['forum_id'] . '" />';
225	}
226	while ($row = $db->sql_fetchrow($result));
227
228	$db->sql_freeresult($result);
229
230	$l_selected_forums = (count($forum_id) == 1) ? 'SELECTED_FORUM' : 'SELECTED_FORUMS';
231
232	$template_data = array(
233	'L_SELECTED_FORUMS' => $user->lang[$l_selected_forums],
234	'U_ACTION' => $this->u_action,
235	'U_BACK' => $this->u_action,
236	'FORUM_LIST' => $forum_list,
237	'S_HIDDEN_FIELDS' => $s_hidden_fields,
238	);
239
240	/**
241	* Event to add/modify prune forums settings template data
242	*
243	* @event core.prune_forums_settings_template_data
244	* @var array template_data Array with form template data
245	* @since 3.2.2-RC1
246	*/
247	$vars = array('template_data');
248	extract($phpbb_dispatcher->trigger_event('core.prune_forums_settings_template_data', compact($vars)));
249
250	$template->assign_vars($template_data);
251	}
252	}
253
254	/**
255	* Prune users
256	*/
257	function prune_users($id, $mode)
258	{
259	global $db, $user, $auth, $template, $phpbb_log, $request;
260	global $phpbb_root_path, $phpbb_admin_path, $phpEx, $phpbb_container;
261
262	/** @var \phpbb\group\helper $group_helper */
263	$group_helper = $phpbb_container->get('group_helper');
264
265	$user->add_lang('memberlist');
266
267	$prune = (isset($_POST['prune'])) ? true : false;
268
269	if ($prune)
270	{
271	$action = $request->variable('action', 'deactivate');
272	$deleteposts = $request->variable('deleteposts', 0);
273
274	if (confirm_box(true))
275	{
276	$user_ids = $usernames = array();
277
278	$this->get_prune_users($user_ids, $usernames);
279	if (count($user_ids))
280	{
281	if ($action == 'deactivate')
282	{
283	user_active_flip('deactivate', $user_ids);
284	$l_log = 'LOG_PRUNE_USER_DEAC';
285	}
286	else if ($action == 'delete')
287	{
288	if ($deleteposts)
289	{
290	user_delete('remove', $user_ids);
291
292	$l_log = 'LOG_PRUNE_USER_DEL_DEL';
293	}
294	else
295	{
296	user_delete('retain', $user_ids, true);
297
298	$l_log = 'LOG_PRUNE_USER_DEL_ANON';
299	}
300	}
301
302	$phpbb_log->add('admin', $user->data['user_id'], $user->ip, $l_log, false, array(implode(', ', $usernames)));
303	$msg = $user->lang['USER_' . strtoupper($action) . '_SUCCESS'];
304	}
305	else
306	{
307	$msg = $user->lang['USER_PRUNE_FAILURE'];
308	}
309
310	trigger_error($msg . adm_back_link($this->u_action));
311	}
312	else
313	{
314	// We list the users which will be pruned...
315	$user_ids = $usernames = array();
316	$this->get_prune_users($user_ids, $usernames);
317
318	if (!count($user_ids))
319	{
320	trigger_error($user->lang['USER_PRUNE_FAILURE'] . adm_back_link($this->u_action), E_USER_WARNING);
321	}
322
323	// Assign to template
324	foreach ($user_ids as $user_id)
325	{
326	$template->assign_block_vars('users', array(
327	'USERNAME' => $usernames[$user_id],
328	'USER_ID' => $user_id,
329	'U_PROFILE' => get_username_string('profile', $user_id, $usernames[$user_id]),
330	'U_USER_ADMIN' => ($auth->acl_get('a_user')) ? append_sid("{$phpbb_admin_path}index.$phpEx", 'i=users&mode=overview&u=' . $user_id, true, $user->session_id) : '',
331	));
332	}
333
334	$template->assign_vars(array(
335	'S_DEACTIVATE' => ($action == 'deactivate') ? true : false,
336	'S_DELETE' => ($action == 'delete') ? true : false,
337	));
338
339	confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
340	'i' => $id,
341	'mode' => $mode,
342	'prune' => 1,
343
344	'deleteposts' => $request->variable('deleteposts', 0),
345	'action' => $request->variable('action', ''),
346	)), 'confirm_body_prune.html');
347	}
348	}
349
350	$find_count = array('lt' => $user->lang['LESS_THAN'], 'eq' => $user->lang['EQUAL_TO'], 'gt' => $user->lang['MORE_THAN']);
351	$s_find_count = '';
352
353	foreach ($find_count as $key => $value)
354	{
355	$selected = ($key == 'eq') ? ' selected="selected"' : '';
356	$s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
357	}
358
359	$find_time = array('lt' => $user->lang['BEFORE'], 'gt' => $user->lang['AFTER']);
360	$s_find_active_time = '';
361	foreach ($find_time as $key => $value)
362	{
363	$s_find_active_time .= '<option value="' . $key . '">' . $value . '</option>';
364	}
365
366	$sql = 'SELECT group_id, group_name
367	FROM ' . GROUPS_TABLE . '
368	WHERE group_type <> ' . GROUP_SPECIAL . '
369	ORDER BY group_name ASC';
370	$result = $db->sql_query($sql);
371
372	$s_group_list = '';
373	while ($row = $db->sql_fetchrow($result))
374	{
375	$s_group_list .= '<option value="' . $row['group_id'] . '">' . $group_helper->get_name($row['group_name']) . '</option>';
376	}
377	$db->sql_freeresult($result);
378
379	if ($s_group_list)
380	{
381	// Only prepend the "All groups" option if there are groups,
382	// otherwise we don't want to display this option at all.
383	$s_group_list = '<option value="0">' . $user->lang['PRUNE_USERS_GROUP_NONE'] . '</option>' . $s_group_list;
384	}
385
386	$template->assign_vars(array(
387	'U_ACTION' => $this->u_action,
388	'S_ACTIVE_OPTIONS' => $s_find_active_time,
389	'S_GROUP_LIST' => $s_group_list,
390	'S_COUNT_OPTIONS' => $s_find_count,
391	'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=acp_prune&field=users'),
392	));
393	}
394
395	/**
396	* Get user_ids/usernames from those being pruned
397	*/
398	function get_prune_users(&$user_ids, &$usernames)
399	{
400	global $user, $db, $request;
401
402	$users_by_name = $request->variable('users', '', true);
403	$users_by_id = $request->variable('user_ids', array(0));
404	$group_id = $request->variable('group_id', 0);
405	$posts_on_queue = (trim($request->variable('posts_on_queue', '')) === '') ? false : $request->variable('posts_on_queue', 0);
406
407	if ($users_by_name)
408	{
409	$users = explode("\n", $users_by_name);
410	$where_sql = ' AND ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', $users));
411	}
412	else if (!empty($users_by_id))
413	{
414	$user_ids = $users_by_id;
415	user_get_id_name($user_ids, $usernames);
416
417	$where_sql = ' AND ' . $db->sql_in_set('user_id', $user_ids);
418	}
419	else
420	{
421	$username = $request->variable('username', '', true);
422	$email = $request->variable('email', '');
423
424	$active_select = $request->variable('active_select', 'lt');
425	$count_select = $request->variable('count_select', 'eq');
426	$queue_select = $request->variable('queue_select', 'gt');
427	$joined_before = $request->variable('joined_before', '');
428	$joined_after = $request->variable('joined_after', '');
429	$active = $request->variable('active', '');
430
431	$count = ($request->variable('count', '') === '') ? false : $request->variable('count', 0);
432
433	$active = ($active) ? explode('-', $active) : array();
434	$joined_before = ($joined_before) ? explode('-', $joined_before) : array();
435	$joined_after = ($joined_after) ? explode('-', $joined_after) : array();
436
437	// calculate the conditions required by the join time criteria
438	$joined_sql = '';
439	if (!empty($joined_before) && !empty($joined_after))
440	{
441	// if the two entered dates are equal, we need to adjust
442	// so that our time range is a full day instead of 1 second
443	if ($joined_after == $joined_before)
444	{
445	$joined_after[2] += 1;
446	}
447
448	$joined_sql = ' AND user_regdate BETWEEN ' . gmmktime(0, 0, 0, (int) $joined_after[1], (int) $joined_after[2], (int) $joined_after[0]) .
449	' AND ' . gmmktime(0, 0, 0, (int) $joined_before[1], (int) $joined_before[2], (int) $joined_before[0]);
450	}
451	else if (empty($joined_before) && !empty($joined_after))
452	{
453	$joined_sql = ' AND user_regdate > ' . gmmktime(0, 0, 0, (int) $joined_after[1], (int) $joined_after[2], (int) $joined_after[0]);
454	}
455	else if (empty($joined_after) && !empty($joined_before))
456	{
457	$joined_sql = ' AND user_regdate < ' . gmmktime(0, 0, 0, (int) $joined_before[1], (int) $joined_before[2], (int) $joined_before[0]);
458	}
459	// implicit else when both arrays are empty do nothing
460
461	if ((count($active) && count($active) != 3) \|\| (count($joined_before) && count($joined_before) != 3) \|\| (count($joined_after) && count($joined_after) != 3))
462	{
463	trigger_error($user->lang['WRONG_ACTIVE_JOINED_DATE'] . adm_back_link($this->u_action), E_USER_WARNING);
464	}
465
466	$key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
467
468	$where_sql = '';
469	$where_sql .= ($username) ? ' AND username_clean ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), utf8_clean_string($username))) : '';
470	$where_sql .= ($email) ? ' AND user_email ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), $email)) . ' ' : '';
471	$where_sql .= $joined_sql;
472	$where_sql .= ($count !== false) ? " AND user_posts " . $key_match[$count_select] . ' ' . (int) $count . ' ' : '';
473
474	// First handle pruning of users who never logged in, last active date is 0000-00-00
475	if (count($active) && (int) $active[0] == 0 && (int) $active[1] == 0 && (int) $active[2] == 0)
476	{
477	$where_sql .= ' AND user_lastvisit = 0';
478	}
479	else if (count($active) && $active_select != 'lt')
480	{
481	$where_sql .= ' AND user_lastvisit ' . $key_match[$active_select] . ' ' . gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]);
482	}
483	else if (count($active))
484	{
485	$where_sql .= ' AND (user_lastvisit > 0 AND user_lastvisit < ' . gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]) . ')';
486	}
487	}
488
489	// If no search criteria were provided, go no further.
490	if (!$where_sql && !$group_id && $posts_on_queue === false)
491	{
492	return;
493	}
494
495	// Get bot ids
496	$sql = 'SELECT user_id
497	FROM ' . BOTS_TABLE;
498	$result = $db->sql_query($sql);
499
500	$bot_ids = array();
501	while ($row = $db->sql_fetchrow($result))
502	{
503	$bot_ids[] = $row['user_id'];
504	}
505	$db->sql_freeresult($result);
506
507	// Protect the admin, do not prune if no options are given...
508	if ($where_sql)
509	{
510	// Do not prune founder members
511	$sql = 'SELECT user_id, username
512	FROM ' . USERS_TABLE . '
513	WHERE user_id <> ' . ANONYMOUS . '
514	AND user_type <> ' . USER_FOUNDER . "
515	$where_sql";
516	$result = $db->sql_query($sql);
517
518	$user_ids = $usernames = array();
519
520	while ($row = $db->sql_fetchrow($result))
521	{
522	// Do not prune bots and the user currently pruning.
523	if ($row['user_id'] != $user->data['user_id'] && !in_array($row['user_id'], $bot_ids))
524	{
525	$user_ids[] = $row['user_id'];
526	$usernames[$row['user_id']] = $row['username'];
527	}
528	}
529	$db->sql_freeresult($result);
530	}
531
532	if ($group_id)
533	{
534	$sql = 'SELECT u.user_id, u.username
535	FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u
536	WHERE ug.group_id = ' . (int) $group_id . '
537	AND ug.user_id <> ' . ANONYMOUS . '
538	AND u.user_type <> ' . USER_FOUNDER . '
539	AND ug.user_pending = 0
540	AND ug.group_leader = 0
541	AND u.user_id = ug.user_id
542	' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('ug.user_id', $user_ids) : '');
543	$result = $db->sql_query($sql);
544
545	// we're performing an intersection operation, so all the relevant users
546	// come from this most recent query (which was limited to the results of the
547	// previous query)
548	$user_ids = $usernames = array();
549	while ($row = $db->sql_fetchrow($result))
550	{
551	// Do not prune bots and the user currently pruning.
552	if ($row['user_id'] != $user->data['user_id'] && !in_array($row['user_id'], $bot_ids))
553	{
554	$user_ids[] = $row['user_id'];
555	$usernames[$row['user_id']] = $row['username'];
556	}
557	}
558	$db->sql_freeresult($result);
559	}
560
561	if ($posts_on_queue !== false)
562	{
563	$sql = 'SELECT u.user_id, u.username, COUNT(p.post_id) AS queue_posts
564	FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
565	WHERE u.user_id <> ' . ANONYMOUS . '
566	AND u.user_type <> ' . USER_FOUNDER . '
567	AND ' . $db->sql_in_set('p.post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)) . '
568	AND u.user_id = p.poster_id
569	' . (!empty($user_ids) ? ' AND ' . $db->sql_in_set('p.poster_id', $user_ids) : '') . '
570	GROUP BY p.poster_id
571	HAVING queue_posts ' . $key_match[$queue_select] . ' ' . $posts_on_queue;
572	$result = $db->sql_query($sql);
573
574	// same intersection logic as the above group ID portion
575	$user_ids = $usernames = array();
576	while ($row = $db->sql_fetchrow($result))
577	{
578	// Do not prune bots and the user currently pruning.
579	if ($row['user_id'] != $user->data['user_id'] && !in_array($row['user_id'], $bot_ids))
580	{
581	$user_ids[] = $row['user_id'];
582	$usernames[$row['user_id']] = $row['username'];
583	}
584	}
585	$db->sql_freeresult($result);
586	}
587	}
588	}