commit
fc25427ca1
6 changed files with 253 additions and 51 deletions
9
.gitignore
vendored
9
.gitignore
vendored
|
@ -65,3 +65,12 @@ ext/upload_cmd
|
|||
ext/wiki
|
||||
ext/word_filter
|
||||
ext/zoom
|
||||
|
||||
/ext/resize/main.php
|
||||
/ext/resize/style.css
|
||||
/ext/resize/theme.php
|
||||
/ext/twitter_soc/main.php
|
||||
/ext/twitter_soc/script.js
|
||||
/ext/twitter_soc/style.css
|
||||
/ext/twitter_soc/test.php
|
||||
/ext/twitter_soc/theme.php
|
||||
|
|
|
@ -138,7 +138,10 @@ class Artists implements Extension {
|
|||
}
|
||||
|
||||
$database->execute("UPDATE images SET author = ? WHERE id = ?"
|
||||
, array($artistName, $event->image->id));
|
||||
, array(
|
||||
$artistName
|
||||
, $event->image->id
|
||||
));
|
||||
}
|
||||
public function handle_commands($event)
|
||||
{
|
||||
|
@ -465,7 +468,9 @@ class Artists implements Extension {
|
|||
global $database;
|
||||
|
||||
$result = $database->get_one("SELECT COUNT(1) FROM artist_alias WHERE artist_id = ? AND alias = ?", array(
|
||||
$artistID, $alias));
|
||||
$artistID
|
||||
, $alias
|
||||
));
|
||||
return ($result != 0);
|
||||
}
|
||||
|
||||
|
@ -625,7 +630,12 @@ class Artists implements Extension {
|
|||
|
||||
global $database;
|
||||
$database->execute("UPDATE artists SET name = ?, notes = ?, updated = now(), user_id = ? WHERE id = ? "
|
||||
, array( $name, $notes, $userID, $artistID ));
|
||||
, array(
|
||||
$name
|
||||
, $notes
|
||||
, $userID
|
||||
, $artistID
|
||||
));
|
||||
|
||||
// ALIAS MATCHING SECTION
|
||||
$i = 0;
|
||||
|
@ -716,7 +726,11 @@ class Artists implements Extension {
|
|||
|
||||
global $database;
|
||||
$database->execute("UPDATE artist_alias SET alias = ?, updated = now(), user_id = ? WHERE id = ? "
|
||||
, array( $alias, $userID, $aliasID ));
|
||||
, array(
|
||||
$alias
|
||||
, $userID
|
||||
, $aliasID
|
||||
));
|
||||
}
|
||||
|
||||
private function update_url()
|
||||
|
@ -741,7 +755,11 @@ class Artists implements Extension {
|
|||
|
||||
global $database;
|
||||
$database->execute("UPDATE artist_urls SET url = ?, updated = now(), user_id = ? WHERE id = ?"
|
||||
, array( $url, $userID, $urlID ));
|
||||
, array(
|
||||
$url
|
||||
, $userID
|
||||
, $urlID
|
||||
));
|
||||
}
|
||||
|
||||
private function update_member()
|
||||
|
@ -767,7 +785,11 @@ class Artists implements Extension {
|
|||
global $database;
|
||||
|
||||
$database->execute("UPDATE artist_members SET name = ?, updated = now(), user_id = ? WHERE id = ?"
|
||||
, array( $memberName, $userID, $memberID ));
|
||||
, array(
|
||||
$memberName
|
||||
, $userID
|
||||
, $memberID
|
||||
));
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -839,7 +861,11 @@ class Artists implements Extension {
|
|||
(user_id, name, notes, created, updated)
|
||||
VALUES
|
||||
(?, ?, ?, now(), now())",
|
||||
array( $user->id, $name, $notes ));
|
||||
array(
|
||||
$user->id
|
||||
, $name
|
||||
, $notes
|
||||
));
|
||||
|
||||
$result = $database->get_row("SELECT LAST_INSERT_ID() AS artistID", array());
|
||||
|
||||
|
@ -853,7 +879,9 @@ class Artists implements Extension {
|
|||
global $database;
|
||||
|
||||
$result = $database->get_one("SELECT COUNT(1) FROM artists WHERE name = ?"
|
||||
, array($name));
|
||||
, array(
|
||||
$name
|
||||
));
|
||||
return ($result != 0);
|
||||
}
|
||||
|
||||
|
@ -917,7 +945,9 @@ class Artists implements Extension {
|
|||
private function get_artist_id($name){
|
||||
global $database;
|
||||
$artistID = $database->get_row("SELECT id FROM artists WHERE name = ?"
|
||||
, array( $name ));
|
||||
, array(
|
||||
$name
|
||||
));
|
||||
return $artistID['id'];
|
||||
}
|
||||
|
||||
|
@ -926,7 +956,9 @@ class Artists implements Extension {
|
|||
global $database;
|
||||
|
||||
$artistID = $database->get_row("SELECT artist_id FROM artist_alias WHERE alias = ?"
|
||||
, array( $alias ));
|
||||
, array(
|
||||
$alias
|
||||
));
|
||||
return $artistID["artist_id"];
|
||||
}
|
||||
|
||||
|
@ -940,7 +972,9 @@ class Artists implements Extension {
|
|||
|
||||
global $database;
|
||||
$database->execute("DELETE FROM artists WHERE id = ? "
|
||||
, array( $artistID ));
|
||||
, array(
|
||||
$artistID
|
||||
));
|
||||
}
|
||||
|
||||
|
||||
|
@ -1064,7 +1098,11 @@ class Artists implements Extension {
|
|||
|
||||
global $database;
|
||||
$database->execute("INSERT INTO artist_urls (artist_id, created, updated, url, user_id) VALUES (?, now(), now(), ?, ?)"
|
||||
, array( $artistID, $url, $userID ));
|
||||
, array(
|
||||
$artistID
|
||||
, $url
|
||||
, $userID
|
||||
));
|
||||
}
|
||||
|
||||
private function add_alias()
|
||||
|
@ -1094,7 +1132,11 @@ class Artists implements Extension {
|
|||
|
||||
global $database;
|
||||
$database->execute("INSERT INTO artist_alias (artist_id, created, updated, alias, user_id) VALUES (?, now(), now(), ?, ?)"
|
||||
, array( $artistID, $alias, $userID ));
|
||||
, array(
|
||||
$artistID
|
||||
, $alias
|
||||
, $userID
|
||||
));
|
||||
}
|
||||
|
||||
private function add_members()
|
||||
|
@ -1123,7 +1165,11 @@ class Artists implements Extension {
|
|||
|
||||
global $database;
|
||||
$database->execute("INSERT INTO artist_members (artist_id, name, created, updated, user_id) VALUES (?, ?, now(), now(), ?)"
|
||||
, array( $artistID, $member, $userID ));
|
||||
, array(
|
||||
$artistID
|
||||
, $member
|
||||
, $userID
|
||||
));
|
||||
}
|
||||
|
||||
private function member_exists($artistID, $member)
|
||||
|
@ -1133,7 +1179,10 @@ class Artists implements Extension {
|
|||
global $database;
|
||||
|
||||
$result = $database->get_one("SELECT COUNT(1) FROM artist_members WHERE artist_id = ? AND name = ?"
|
||||
, array( $artistID, $member ));
|
||||
, array(
|
||||
$artistID
|
||||
, $member
|
||||
));
|
||||
return ($result != 0);
|
||||
}
|
||||
|
||||
|
@ -1144,7 +1193,10 @@ class Artists implements Extension {
|
|||
global $database;
|
||||
|
||||
$result = $database->get_one("SELECT COUNT(1) FROM artist_urls WHERE artist_id = ? AND url = ?"
|
||||
, array( $artistID, $url ));
|
||||
, array(
|
||||
$artistID
|
||||
, $url
|
||||
));
|
||||
return ($result != 0);
|
||||
}
|
||||
|
||||
|
|
|
@ -144,8 +144,10 @@ class Favorites extends SimpleExtension {
|
|||
image_id INTEGER NOT NULL,
|
||||
user_id INTEGER NOT NULL,
|
||||
created_at DATETIME NOT NULL,
|
||||
INDEX(image_id),
|
||||
UNIQUE(image_id, user_id),
|
||||
INDEX(image_id)
|
||||
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
|
||||
FOREIGN KEY (image_id) REFERENCES images(id) ON DELETE CASCADE
|
||||
)
|
||||
");
|
||||
$config->set_int("ext_favorites_version", 1);
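Review bot: `ext_favorites_version` is still written as 1 after the schema gains the two foreign keys, so installs that already created `user_favorites` will not pick up the constraints through the extension and depend on the manual installer fix. If the table is created on a storage engine that ignores foreign keys (the installer fix converts it to InnoDB, which suggests this can happen), the `ON DELETE CASCADE` clauses are silently inert and deleting a user leaves orphaned favorites rows. Consider bumping the version and adding an upgrade step that applies the same constraints. The enclosing install function and its version guard start outside the hunk.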
|
||||
|
|
|
@ -144,6 +144,12 @@ class UserPage extends SimpleExtension {
|
|||
// join (select owner_id,count(*) as comment_count from comments group by owner_id) as _comments on _comments.owner_id=users.id;
|
||||
$this->theme->display_user_list($page, User::by_list(0), $user);
|
||||
}
|
||||
else if($event->get_arg(0) == "delete_user") {
|
||||
$this->delete_user($page);
|
||||
}
|
||||
else if($event->get_arg(0) == "delete_user_with_images") {
|
||||
$this->delete_user_with_images($page);
|
||||
}
|
||||
}
|
||||
|
||||
if(($event instanceof PageRequestEvent) && $event->page_matches("user")) {
|
||||
|
@ -463,6 +469,72 @@ class UserPage extends SimpleExtension {
|
|||
ORDER BY most_recent DESC", array("id"=>$duser->id));
|
||||
return $rows;
|
||||
}
|
||||
|
||||
private function delete_user($page) {
|
||||
global $user;
|
||||
global $config;
|
||||
global $database;
|
||||
|
||||
$page->set_title("Error");
|
||||
$page->set_heading("Error");
|
||||
$page->add_block(new NavBlock());
|
||||
|
||||
if (!$user->is_admin()) {
|
||||
$page->add_block(new Block("Not Admin", "Only admins can delete accounts"));
|
||||
}
|
||||
else if(!isset($_POST['id']) || !is_numeric($_POST['id'])) {
|
||||
$page->add_block(new Block("No ID Specified",
|
||||
"You need to specify the account number to edit"));
|
||||
}
|
||||
else{
|
||||
$rows = $database->get_all("SELECT * FROM images WHERE owner_id = :owner_id", array("owner_id" => $_POST['id']));
|
||||
foreach ($rows as $key => $value)
|
||||
{
|
||||
$database->Execute("UPDATE images SET owner_id = :owner_id WHERE id = :id;", array("owner_id" => 1, "id" => $value['id']));
|
||||
}
|
||||
$database->execute("DELETE FROM users
|
||||
WHERE id = :id"
|
||||
, array("id"=>$_POST['id']));
|
||||
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link("post/list"));
|
||||
}
|
||||
}
|
||||
|
||||
private function delete_user_with_images($page) {
|
||||
global $user;
|
||||
global $config;
|
||||
global $database;
|
||||
|
||||
$page->set_title("Error");
|
||||
$page->set_heading("Error");
|
||||
$page->add_block(new NavBlock());
|
||||
|
||||
if (!$user->is_admin()) {
|
||||
$page->add_block(new Block("Not Admin", "Only admins can delete accounts"));
|
||||
}
|
||||
else if(!isset($_POST['id']) || !is_numeric($_POST['id'])) {
|
||||
$page->add_block(new Block("No ID Specified",
|
||||
"You need to specify the account number to edit"));
|
||||
}
|
||||
else{
|
||||
$rows = $database->get_all("SELECT * FROM images WHERE owner_id = :owner_id", array("owner_id" => $_POST['id']));
|
||||
foreach ($rows as $key => $value)
|
||||
{
|
||||
$image = Image::by_id($value['id']);
|
||||
if($image) {
|
||||
send_event(new ImageDeletionEvent($image));
|
||||
}
|
||||
}
|
||||
$database->execute("DELETE FROM users
|
||||
WHERE id = :id"
|
||||
, array("id"=>$_POST['id']));
|
||||
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link("post/list"));
|
||||
}
|
||||
}
|
||||
|
||||
// }}}
|
||||
}
|
||||
add_event_listener(new UserPage());
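Review bot: Nothing in `delete_user()` or `delete_user_with_images()` stops deletion of account 1 or of the admin's own account; the only guard is the theme hiding the forms, and a hand-built POST does not go through the theme. `is_numeric()` also accepts values such as `1.5` or `1e3`, so the id check should be `!ctype_digit($_POST['id'])` or equivalent before the value reaches the queries. No anti-CSRF token verification is visible in either handler; if the other `user_admin` actions verify one, these destructive actions should as well. The per-row UPDATE loop can be a single statement, and `$config` is declared but never used in either function.
```php
		else{
			$target_id = int_escape($_POST['id']);
			// Server-side guard: the theme hides these forms for account 1,
			// but a crafted POST never passes through the theme.
			if($target_id == 1 || $target_id == $user->id) {
				$page->add_block(new Block("Protected Account", "This account cannot be deleted"));
				return;
			}
			// Reassign every image owned by the user in one statement.
			$database->execute("UPDATE images SET owner_id = :new_owner WHERE owner_id = :old_owner",
				array("new_owner" => 1, "old_owner" => $target_id));
			// … unchanged: DELETE FROM users, redirect to post/list …
```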
|
||||
|
|
|
@ -17,7 +17,7 @@ class UserPageTheme extends Themelet {
|
|||
$html .= "<tr><td>Name</td></tr>";
|
||||
foreach($users as $duser) {
|
||||
$html .= "<tr>";
|
||||
$html .= "<td><a href='".make_link("user/"+$duser->name)."'>".html_escape($duser->name)."</a></td>";
|
||||
$html .= "<td><a href='".make_link("user/".$duser->name)."'>".html_escape($duser->name)."</a></td>";
|
||||
$html .= "</tr>";
|
||||
}
|
||||
$html .= "</table>";
|
||||
|
@ -149,38 +149,50 @@ class UserPageTheme extends Themelet {
|
|||
|
||||
protected function build_options(User $duser) {
|
||||
global $config, $database, $user;
|
||||
|
||||
$html = "
|
||||
".make_form(make_link("user_admin/change_pass"))."
|
||||
<input type='hidden' name='id' value='{$duser->id}'>
|
||||
<table style='width: 300px;'>
|
||||
<tr><th colspan='2'>Change Password</th></tr>
|
||||
<tr><td>Password</td><td><input type='password' name='pass1'></td></tr>
|
||||
<tr><td>Repeat Password</td><td><input type='password' name='pass2'></td></tr>
|
||||
<tr><td colspan='2'><input type='Submit' value='Change Password'></td></tr>
|
||||
</table>
|
||||
</form>
|
||||
|
||||
<p>".make_form(make_link("user_admin/change_email"))."
|
||||
<input type='hidden' name='id' value='{$duser->id}'>
|
||||
<table style='width: 300px;'>
|
||||
<tr><th colspan='2'>Change Email</th></tr>
|
||||
<tr><td>Address</td><td><input type='text' name='address' value='".html_escape($duser->email)."'></td></tr>
|
||||
<tr><td colspan='2'><input type='Submit' value='Set'></td></tr>
|
||||
</table>
|
||||
</form>
|
||||
";
|
||||
|
||||
if($user->is_admin()) {
|
||||
$i_user_id = int_escape($duser->id);
|
||||
$h_is_admin = $duser->is_admin() ? " checked" : "";
|
||||
$html = "";
|
||||
if($duser->id != 1){ //justa fool-admin protection so they dont mess around with anon users.
|
||||
|
||||
$html .= "
|
||||
<p>".make_form(make_link("user_admin/set_more"))."
|
||||
<input type='hidden' name='id' value='$i_user_id'>
|
||||
Admin: <input name='admin' type='checkbox'$h_is_admin>
|
||||
<input type='submit' value='Set'>
|
||||
</form>
|
||||
".make_form(make_link("user_admin/change_pass"))."
|
||||
<input type='hidden' name='id' value='{$duser->id}'>
|
||||
<table style='width: 300px;'>
|
||||
<tr><th colspan='2'>Change Password</th></tr>
|
||||
<tr><td>Password</td><td><input type='password' name='pass1'></td></tr>
|
||||
<tr><td>Repeat Password</td><td><input type='password' name='pass2'></td></tr>
|
||||
<tr><td colspan='2'><input type='Submit' value='Change Password'></td></tr>
|
||||
</table>
|
||||
</form>
|
||||
|
||||
<p>".make_form(make_link("user_admin/change_email"))."
|
||||
<input type='hidden' name='id' value='{$duser->id}'>
|
||||
<table style='width: 300px;'>
|
||||
<tr><th colspan='2'>Change Email</th></tr>
|
||||
<tr><td>Address</td><td><input type='text' name='address' value='".html_escape($duser->email)."'></td></tr>
|
||||
<tr><td colspan='2'><input type='Submit' value='Set'></td></tr>
|
||||
</table>
|
||||
</form>
|
||||
";
|
||||
|
||||
if($user->is_admin()) {
|
||||
$i_user_id = int_escape($duser->id);
|
||||
$h_is_admin = $duser->is_admin() ? " checked" : "";
|
||||
$html .= "
|
||||
<p>".make_form(make_link("user_admin/set_more"))."
|
||||
<input type='hidden' name='id' value='$i_user_id'>
|
||||
Admin: <input name='admin' type='checkbox'$h_is_admin>
|
||||
<input type='submit' value='Set'>
|
||||
</form>
|
||||
|
||||
".make_form(make_link("user_admin/delete_user"))."
|
||||
<input type='hidden' name='id' value='$i_user_id'>
|
||||
<input type='submit' value='Delete User' onclick='confirm(\"Delete the user?\");' />
|
||||
</form>
|
||||
|
||||
".make_form(make_link("user_admin/delete_user_with_images"))."
|
||||
<input type='hidden' name='id' value='$i_user_id'>
|
||||
<input type='submit' value='Delete User with images' onclick='confirm(\"Delete the user with his uploaded images?\");' />
|
||||
</form>";
|
||||
}
|
||||
}
|
||||
return $html;
|
||||
}
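Review bot: Both new delete buttons call `confirm(...)` without returning its result, so choosing Cancel in the dialog still submits the form and the account is deleted. The handlers should read `onclick='return confirm(\"Delete the user?\");'`, and likewise for the "Delete User with images" button. The `$duser->id != 1` test only hides the forms and is not an access control, so the request handlers need the same restriction. The change-password and change-email forms interpolate `{$duser->id}` directly while the admin forms use `$i_user_id` from `int_escape()`; using the escaped value throughout would keep the output handling consistent.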
|
||||
|
|
61
install.php
61
install.php
|
@ -76,6 +76,15 @@ if(is_readable("config.php")) {
|
|||
</form>
|
||||
";
|
||||
*/
|
||||
echo "<h3>Database quick fix for User deletion</h3>";
|
||||
echo "just a database fix for those who instaled shimmie before 2012 january the 22rd.<br>";
|
||||
echo "Note: some things needs to be done manually, to work properly.<br>";
|
||||
echo "WARNING: ONLY PROCEEDS IF YOU KNOW WHAT YOU ARE DOING!";
|
||||
echo "
|
||||
<form action='install.php?action=Database_user_deletion_fix' method='POST'>
|
||||
<input type='submit' value='go!'>
|
||||
</form>
|
||||
";
|
||||
|
||||
echo "<h3>Log Out</h3>";
|
||||
echo "
|
||||
|
@ -87,6 +96,9 @@ if(is_readable("config.php")) {
|
|||
else if($_GET["action"] == "logout") {
|
||||
session_destroy();
|
||||
}
|
||||
else if($_GET["action"] == "Database_user_deletion_fix") {
|
||||
Database_user_deletion_fix();
|
||||
}
|
||||
} else {
|
||||
echo "
|
||||
<h3>Login</h3>
|
||||
|
@ -285,7 +297,7 @@ function create_tables() { // {{{
|
|||
INDEX(owner_id),
|
||||
INDEX(width),
|
||||
INDEX(height),
|
||||
FOREIGN KEY (owner_id) REFERENCES users(id) ON DELETE CASCADE
|
||||
CONSTRAINT foreign_images_owner_id FOREIGN KEY (owner_id) REFERENCES users(id) ON DELETE RESTRICT
|
||||
");
|
||||
$db->create_table("tags", "
|
||||
id SCORE_AIPK,
|
||||
|
@ -298,8 +310,8 @@ function create_tables() { // {{{
|
|||
INDEX(image_id),
|
||||
INDEX(tag_id),
|
||||
UNIQUE(image_id, tag_id),
|
||||
FOREIGN KEY (image_id) REFERENCES images(id) ON DELETE CASCADE,
|
||||
FOREIGN KEY (tag_id) REFERENCES tags(id) ON DELETE CASCADE
|
||||
CONSTRAINT foreign_images_tags_image_id FOREIGN KEY (image_id) REFERENCES images(id) ON DELETE CASCADE,
|
||||
CONSTRAINT foreign_images_tags_tag_id FOREIGN KEY (tag_id) REFERENCES tags(id) ON DELETE CASCADE
|
||||
");
|
||||
$db->execute("INSERT INTO config(name, value) VALUES('db_version', 8)");
|
||||
}
|
||||
|
@ -372,6 +384,49 @@ EOD;
|
|||
exit;
|
||||
}
|
||||
} // }}}
|
||||
|
||||
function Database_user_deletion_fix() {
|
||||
try {
|
||||
require_once "core/database.class.php";
|
||||
$db = new Database();
|
||||
|
||||
echo "Fixing user_favorites table....";
|
||||
|
||||
($db->Execute("ALTER TABLE user_favorites ENGINE=InnoDB;")) ? print_r("ok<br>") : print_r("failed<br>");
|
||||
echo "adding Foreign key to user ids...";
|
||||
|
||||
($db->Execute("ALTER TABLE user_favorites ADD CONSTRAINT foreign_user_favorites_user_id FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;"))? print_r("ok<br>"):print_r("failed<br>");
|
||||
echo "cleaning, the table from deleted image favorites...<br>";
|
||||
|
||||
$rows = $db->get_all("SELECT * FROM user_favorites WHERE image_id NOT IN ( SELECT id FROM images );");
|
||||
|
||||
foreach( $rows as $key => $value)
|
||||
$db->Execute("DELETE FROM user_favorites WHERE image_id = :image_id;", array("image_id" => $value["image_id"]));
|
||||
|
||||
echo "adding forign key to image ids...";
|
||||
|
||||
($db->Execute("ALTER TABLE user_favorites ADD CONSTRAINT user_favorites_image_id FOREIGN KEY (image_id) REFERENCES images(id) ON DELETE CASCADE;"))? print_r("ok<br>"):print_r("failed<br>");
|
||||
|
||||
echo "adding foreign keys to private messages...";
|
||||
|
||||
($db->Execute("ALTER TABLE private_message
|
||||
ADD CONSTRAINT foreign_private_message_from_id FOREIGN KEY (from_id) REFERENCES users(id) ON DELETE CASCADE,
|
||||
ADD CONSTRAINT foreign_private_message_to_id FOREIGN KEY (to_id) REFERENCES users(id) ON DELETE CASCADE;")) ? print_r("ok<br>"):print_r("failed<br>");
|
||||
|
||||
echo "Just one more step...which you need to do manually:<br>";
|
||||
echo "You need to go to your database and Delete the foreign key on the owner_id in the images table.<br><br>";
|
||||
echo "<a href='http://www.justin-cook.com/wp/2006/05/09/how-to-remove-foreign-keys-in-mysql/'>How to remove foreign keys</a><br><br>";
|
||||
echo "and finally execute this querry:<br><br>";
|
||||
echo "ALTER TABLE images ADD CONSTRAINT foreign_images_owner_id FOREIGN KEY (owner_id) REFERENCES users(id) ON DELETE RESTRICT;<br><br>";
|
||||
echo "if this is all sucesfull you are done!";
|
||||
|
||||
}
|
||||
catch (PDOException $e)
|
||||
{
|
||||
// FIXME: Make the error message user friendly
|
||||
exit($e->getMessage());
|
||||
}
|
||||
}
|
||||
?>
|
||||
</body>
|
||||
</html>
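Review bot: The new `Database_user_deletion_fix` branch is selected by `$_GET["action"]` alone, so any GET request carrying that query string, including one triggered cross-site while an installer session is open, runs the ALTER TABLE and DELETE statements; the form's `method='POST'` is never enforced. The dispatch should require POST and a per-session token, starting with `else if($_GET["action"] == "Database_user_deletion_fix" && $_SERVER["REQUEST_METHOD"] == "POST") {`. In the function itself, `exit($e->getMessage())` prints the raw PDO error to the browser (the FIXME acknowledges this); log the detail and show a generic message instead. If the Database wrapper throws on error, the ok/failed ternaries will presumably never print "failed", and the cleanup loop can be a single `DELETE FROM user_favorites WHERE image_id NOT IN (SELECT id FROM images)`. The session check around the dispatch lies outside the hunk, so confirm that it covers this branch.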
|
||||
|
|