plugins/admin/UserManager.php
changeset 1141 5a858d6f3634
parent 1099 73abd46f5148
child 1170 71cb87b7dc3f
equal deleted inserted replaced
1140:d90e55caba3a 1141:5a858d6f3634
   149       // true for quiet operation
   149       // true for quiet operation
   150       list(, , $avatar_post_fail) = avatar_post($user_id, true);
   150       list(, , $avatar_post_fail) = avatar_post($user_id, true);
   151       
   151       
   152       if ( count($errors) < 1 && !$avatar_post_fail )
   152       if ( count($errors) < 1 && !$avatar_post_fail )
   153       {
   153       {
   154         $q = $db->sql_query('SELECT u.user_level, u.user_has_avatar, u.avatar_type FROM '.table_prefix.'users AS u WHERE u.user_id = ' . $user_id . ';');
   154         $q = $db->sql_query('SELECT u.user_level, u.user_has_avatar, u.avatar_type, u.username FROM '.table_prefix.'users AS u WHERE u.user_id = ' . $user_id . ';');
   155         if ( !$q )
   155         if ( !$q )
   156           $db->_die();
   156           $db->_die();
   157         
   157         
   158         if ( $db->numrows() < 1 )
   158         if ( $db->numrows() < 1 )
   159         {
   159         {
   162         
   162         
   163         $row = $db->fetchrow();
   163         $row = $db->fetchrow();
   164         $existing_level =& $row['user_level'];
   164         $existing_level =& $row['user_level'];
   165         $avi_type =& $row['avatar_type'];
   165         $avi_type =& $row['avatar_type'];
   166         $has_avi = ( $row['user_has_avatar'] == 1 );
   166         $has_avi = ( $row['user_has_avatar'] == 1 );
       
   167         $old_username = $row['username'];
   167         $db->free_result();
   168         $db->free_result();
   168         
   169         
   169         $to_update_users = array();
   170         $to_update_users = array();
   170         if ( $user_id != $session->user_id )
   171         if ( $user_id != $session->user_id )
   171         {
   172         {
   219               $value = "'" . $db->escape($value) . "'";
   220               $value = "'" . $db->escape($value) . "'";
   220  
   221  
   221             $update_sql .= ( empty($update_sql) ? '' : ',' ) . "$key=$value";
   222             $update_sql .= ( empty($update_sql) ? '' : ',' ) . "$key=$value";
   222           }
   223           }
   223           
   224           
   224           $update_sql = 'UPDATE '.table_prefix."users SET $update_sql WHERE user_id=$user_id;";
   225           $update_sql = 'UPDATE ' . table_prefix . "users SET $update_sql WHERE user_id=$user_id;";
   225           
   226           
   226           $update_sql_extra = '';
   227           $update_sql_extra = '';
   227           
   228           
   228           foreach ( $to_update_users_extra as $key => $unused_crap )
   229           foreach ( $to_update_users_extra as $key => $unused_crap )
   229           {
   230           {
   237           if ( !$db->sql_query($update_sql) )
   238           if ( !$db->sql_query($update_sql) )
   238             $db->_die();
   239             $db->_die();
   239           
   240           
   240           if ( !$db->sql_query($update_sql_extra) )
   241           if ( !$db->sql_query($update_sql_extra) )
   241             $db->_die();
   242             $db->_die();
       
   243           
       
   244           // If the username was changed, we need to update their user page as well
       
   245           if ( $old_username != $username )
       
   246           {
       
   247             $page = new PageProcessor($old_username, 'User');
       
   248             if ( $page->exists() )
       
   249             {
       
   250               // they have a user page, rename it
       
   251               $old_urlname = $db->escape(sanitize_page_id($old_username));
       
   252               $new_urlname = $db->escape(sanitize_page_id($username));
       
   253               $sql = array(
       
   254                       'UPDATE ' . table_prefix . "pages      SET urlname = '$new_urlname' WHERE urlname = '$old_urlname' AND namespace = 'User';",
       
   255                       // Change the page's title ONLY if it exactly matches the old username
       
   256                       'UPDATE ' . table_prefix . "pages      SET name = '" . $db->escape($username) . "' WHERE urlname = '$new_urlname' AND name = '" . $db->escape($old_username) . "' AND namespace = 'User';",
       
   257                       'UPDATE ' . table_prefix . "logs       SET page_id = '$new_urlname' WHERE page_id = '$old_urlname' AND namespace = 'User';",
       
   258                       'UPDATE ' . table_prefix . "tags       SET page_id = '$new_urlname' WHERE page_id = '$old_urlname' AND namespace = 'User';",
       
   259                       'UPDATE ' . table_prefix . "comments   SET page_id = '$new_urlname' WHERE page_id = '$old_urlname' AND namespace = 'User';",
       
   260                       'UPDATE ' . table_prefix . "page_text  SET page_id = '$new_urlname' WHERE page_id = '$old_urlname' AND namespace = 'User';",
       
   261                       'UPDATE ' . table_prefix . "categories SET page_id = '$new_urlname' WHERE page_id = '$old_urlname' AND namespace = 'User';"
       
   262                     );
       
   263               foreach ( $sql as $q )
       
   264               {
       
   265                 if ( !$db->sql_query($q) )
       
   266                   $db->_die('UserManager renaming user page post-username change');
       
   267               }
       
   268             }
       
   269           }
   242           
   270           
   243           if ( $existing_level != $user_level )
   271           if ( $existing_level != $user_level )
   244           {
   272           {
   245             // We need to update group memberships
   273             // We need to update group memberships
   246             if ( $existing_level == USER_LEVEL_ADMIN ) 
   274             if ( $existing_level == USER_LEVEL_ADMIN )