1<?php 2# MantisBT - A PHP based bugtracking system 3 4# MantisBT is free software: you can redistribute it and/or modify 5# it under the terms of the GNU General Public License as published by 6# the Free Software Foundation, either version 2 of the License, or 7# (at your option) any later version. 8# 9# MantisBT is distributed in the hope that it will be useful, 10# but WITHOUT ANY WARRANTY; without even the implied warranty of 11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12# GNU General Public License for more details. 13# 14# You should have received a copy of the GNU General Public License 15# along with MantisBT. If not, see <http://www.gnu.org/licenses/>. 16 17/** 18 * Prune old/unused users from database 19 * 20 * @package MantisBT 21 * @copyright Copyright 2000 - 2002 Kenzaburo Ito - kenito@300baud.org 22 * @copyright Copyright 2002 MantisBT Team - mantisbt-dev@lists.sourceforge.net 23 * @link http://www.mantisbt.org 24 * 25 * @uses core.php 26 * @uses access_api.php 27 * @uses authentication_api.php 28 * @uses config_api.php 29 * @uses constant_inc.php 30 * @uses database_api.php 31 * @uses form_api.php 32 * @uses helper_api.php 33 * @uses lang_api.php 34 * @uses print_api.php 35 * @uses user_api.php 36 */ 37 38require_once( 'core.php' ); 39require_api( 'access_api.php' ); 40require_api( 'authentication_api.php' ); 41require_api( 'config_api.php' ); 42require_api( 'constant_inc.php' ); 43require_api( 'database_api.php' ); 44require_api( 'form_api.php' ); 45require_api( 'helper_api.php' ); 46require_api( 'lang_api.php' ); 47require_api( 'print_api.php' ); 48require_api( 'user_api.php' ); 49 50form_security_validate( 'manage_user_prune' ); 51 52auth_reauthenticate(); 53 54access_ensure_global_level( config_get( 'manage_user_threshold' ) ); 55 56 57# Delete the users who have never logged in and are older than 1 week 58$t_days_old = (int)7 * SECONDS_PER_DAY; 59 60$t_query = 'SELECT id, access_level FROM {user} 61 WHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND ' . 62 '( protected = 0 ) AND ' . db_helper_compare_time( db_param(), '>', 'date_created', $t_days_old ); 63$t_result = db_query( $t_query, array( db_now() ) ); 64 65if( !$t_result ) { 66 trigger_error( ERROR_GENERIC, ERROR ); 67} 68 69$t_count = db_num_rows( $t_result ); 70 71if( $t_count > 0 ) { 72 helper_ensure_confirmed( lang_get( 'confirm_account_pruning' ), 73 lang_get( 'prune_accounts_button' ) ); 74} 75 76for( $i=0; $i < $t_count; $i++ ) { 77 $t_row = db_fetch_array( $t_result ); 78 # Don't prune accounts with a higher global access level than the current user 79 if( access_has_global_level( $t_row['access_level'] ) ) { 80 user_delete( $t_row['id'] ); 81 } 82} 83 84form_security_purge( 'manage_user_prune' ); 85 86print_header_redirect( 'manage_user_page.php' ); 87