From 7096d8c597045c866ccc1c0c64ecb19354709087 Mon Sep 17 00:00:00 2001 From: x2000habouzit Date: Thu, 18 Nov 2004 15:35:35 +0000 Subject: [PATCH] better handling of dead ppl : updating death date now erases the person from all volatile databases, except mail redirections to delete mail redirections, administrator has to go to admin/utilisateurs.php and perform an unsubscription. DO NOT set perms of dead ppl to "disabled". their smtp+md5 passes are emptied so nobody can use their account. they cannot use the recovery either. so letting them live as simple users is safe. --- htdocs/admin/deces_promo.php | 7 ++++--- htdocs/recovery.php | 4 ++-- include/user.func.inc.php | 9 +++++---- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/htdocs/admin/deces_promo.php b/htdocs/admin/deces_promo.php index 859fe8c..5ceddc0 100644 --- a/htdocs/admin/deces_promo.php +++ b/htdocs/admin/deces_promo.php @@ -18,7 +18,7 @@ * Foundation, Inc., * * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * *************************************************************************** - $Id: deces_promo.php,v 1.8 2004-11-18 14:32:08 x2000habouzit Exp $ + $Id: deces_promo.php,v 1.9 2004-11-18 15:35:35 x2000habouzit Exp $ ***************************************************************************/ require("auto.prepend.inc.php"); @@ -36,11 +36,12 @@ if (isset($_REQUEST["valider"]) && $_REQUEST["valider"] == "Valider") { $res = $globals->db->query("SELECT user_id,matricule,deces FROM auth_user_md5 WHERE promo = $promo"); while (list($uid,$mat,$deces) = mysql_fetch_row($res)) { if($_REQUEST[$mat] == $deces) continue; - $perms=($deces != '0000-00-00' ? ",perms='disabled',password='' " : ''); - $globals->db->query("UPDATE auth_user_md5 SET deces='{$_REQUEST[$mat]}' $perms WHERE matricule = '$mat'"); + $globals->db->query("UPDATE auth_user_md5 SET deces='{$_REQUEST[$mat]}' WHERE matricule = '$mat'"); if($deces=='0000-00-00' or empty($deces)) { require_once('notifs.inc.php'); register_watch_op($uid,WATCH_DEATH,$_REQUEST[$mat]); + require_once('user.func.inc.php'); + user_clear_all_subs($uid, false); // by default, dead ppl do not loose their email } } } diff --git a/htdocs/recovery.php b/htdocs/recovery.php index 2288cb8..efdd8f5 100644 --- a/htdocs/recovery.php +++ b/htdocs/recovery.php @@ -18,7 +18,7 @@ * Foundation, Inc., * * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * *************************************************************************** - $Id: recovery.php,v 1.7 2004-11-18 14:46:24 x2000habouzit Exp $ + $Id: recovery.php,v 1.8 2004-11-18 15:35:35 x2000habouzit Exp $ ***************************************************************************/ require("auto.prepend.inc.php"); @@ -40,7 +40,7 @@ if (isset($_REQUEST['login']) and isset($_REQUEST['birth'])) { $sql="SELECT user_id, naissance FROM auth_user_md5 AS u INNER JOIN aliases AS a ON (u.user_id=a.id AND type!='homonyme') - WHERE a.alias='$mailorg' AND u.perms IN ('admin','user')"; + WHERE a.alias='$mailorg' AND u.perms IN ('admin','user') AND u.deces!=0"; $result=$globals->db->query($sql); if (list($uid,$naissance)=mysql_fetch_array($result)) { if((strlen($naissance))<5) { diff --git a/include/user.func.inc.php b/include/user.func.inc.php index fb87b81..9361382 100644 --- a/include/user.func.inc.php +++ b/include/user.func.inc.php @@ -18,7 +18,7 @@ * Foundation, Inc., * * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * *************************************************************************** - $Id: user.func.inc.php,v 1.2 2004-11-18 14:24:02 x2000habouzit Exp $ + $Id: user.func.inc.php,v 1.3 2004-11-18 15:35:36 x2000habouzit Exp $ ***************************************************************************/ @@ -26,7 +26,7 @@ * we still keep his birthdate, adresses, and personnal stuff * kills the entreprises, mentor, emails and lists subscription stuff */ -function user_clear_all_subs($user_id) { +function user_clear_all_subs($user_id, $del_emails=true) { // keep datas in : aliases, adresses, applis_ins, binets_ins, contacts, groupesx_ins, homonymes, identification_ax, photo // delete in : auth_user_md5, auth_user_quick, competences_ins, emails, entreprises, langues_ins, mentor, // mentor_pays, mentor_secteurs, newsletter_ins, perte_pass, requests, user_changes, virtual_redirect, watch_sub @@ -37,14 +37,15 @@ function user_clear_all_subs($user_id) { $res = $globals->db->query("select alias from aliases where type='a_vie' AND id=$uid"); list($alias) = mysql_fetch_row($res); mysql_free_result($res); + if($del_emails) $globals->db->query("delete from emails where uid=$uid"); + $globals->db->query("delete from virtual_redirect where redirect ='$alias@m4x.org'"); $globals->db->query("delete from virtual_redirect where redirect ='$alias@polytechnique.org'"); - $globals->db->query("update auth_user_md5 SET passwd='',perms='non-inscrit' WHERE user_id=$uid"); + $globals->db->query("update auth_user_md5 SET passwd='',smtppass='' WHERE user_id=$uid"); $globals->db->query("update auth_user_quick SET watch_flags='' WHERE user_id=$uid"); $globals->db->query("delete from competences_ins where uid=$user_id"); - $globals->db->query("delete from emails where uid=$uid"); $globals->db->query("delete from entreprises where uid=$user_id"); $globals->db->query("delete from langues_ins where uid=$user_id"); $globals->db->query("delete from mentor_pays where uid=$user_id"); -- 2.1.4