Add Account Unlock button to manage_user_edit_page.php

dregad · dregad · commit 42e29db39562 · 2012-01-01T00:18:14.000+01:00
The button is displayed when it is not possible to reset the user's password as defined by custom function auth_can_change_password(), $g_max_failed_login_count > 0 and the user's failed login count is higher than this threshold. Prior to this, in the case where it is not possible to reset a user's password and $g_max_failed_login_count > 0, the administrator's only way to reset the failed login count was direct SQL update. This was introduced by commit aa48e0c. Fixes #13690
diff --git a/lang/strings_english.txt b/lang/strings_english.txt
@@ -896,6 +896,7 @@ If you requested this verification, visit the following URL to change your passw
 
 	# manage_user_page.php
 	'edit_user_title' => 'Edit User',
+	'account_unlock_button' => 'Unlock Account',
 	'reset_password_button' => 'Reset Password',
 	'delete_user_button' => 'Delete User',
 	'reset_password_msg' => 'Reset Password sends the confirmation URL via e-mail.',
@@ -908,6 +909,7 @@ If you requested this verification, visit the following URL to change your passw
 	'account_reset_protected_msg' => 'Account protected. Cannot reset the password.',
 	'account_reset_msg' => 'A confirmation request has been sent to the selected user\'s e-mail address. Using this, the user will be able to change their password.',
 	'account_reset_msg2' => 'Account password has been set to blank...',
+	'account_unlock_msg' => 'The account has been unlocked.',
 
 	# manage_user_update.php
 	'manage_user_protected_msg' => 'Account protected. Access level and enabled protected. Otherwise, account has been updated...',
diff --git a/manage_user_edit_page.php b/manage_user_edit_page.php
@@ -171,19 +171,34 @@
 	</form>
 </div>
 
+<?php
+// User action buttons: RESET/UNLOCK and DELETE
+
+$t_reset = helper_call_custom_function( 'auth_can_change_password', array() );
+$t_unlock = OFF != config_get( 'max_failed_login_count' ) && $t_user['failed_login_count'] > 0;
+$t_delete = !( ( user_is_administrator( $t_user_id ) && ( user_count_level( config_get_global( 'admin_site_threshold' ) ) <= 1 ) ) );
+
+if( $t_reset || $t_unlock || $t_delete ) {
+?>
 <div id="manage-user-actions-div" class="form-container">
-<?php if( helper_call_custom_function( 'auth_can_change_password', array() ) ) { ?>
+
+<!-- Reset/Unlock Button -->
+<?php if( $t_reset || $t_unlock ) { ?>
 	<form id="manage-user-reset-form" method="post" action="manage_user_reset.php" class="action-button">
 		<fieldset>
-		<?php echo form_security_field( 'manage_user_reset' ) ?>
-		<input type="hidden" name="user_id" value="<?php echo $t_user['id'] ?>" />
+			<?php echo form_security_field( 'manage_user_reset' ) ?>
+			<input type="hidden" name="user_id" value="<?php echo $t_user['id'] ?>" />
+<?php	if( $t_reset ) { ?>
 			<span><input type="submit" class="button" value="<?php echo lang_get( 'reset_password_button' ) ?>" /></span>
+<?php	} else { ?>
+			<span><input type="submit" class="button" value="<?php echo lang_get( 'account_unlock_button' ) ?>" /></span>
+<?php	} ?>
 		</fieldset>
 	</form>
 <?php } ?>
 
 <!-- Delete Button -->
-<?php if ( !( ( user_is_administrator( $t_user_id ) && ( user_count_level( config_get_global( 'admin_site_threshold' ) ) <= 1 ) ) ) ) { ?>
+<?php if ( $t_delete ) { ?>
 	<form id="manage-user-delete-form" method="post" action="manage_user_delete.php" class="action-button">
 		<fieldset>
 			<?php echo form_security_field( 'manage_user_delete' ) ?>
@@ -193,8 +208,9 @@
 	</form>
 <?php } ?>
 </div>
+<?php } ?>
 
-<?php if( !$t_ldap ) { ?>
+<?php if( $t_reset ) { ?>
 <div class="important-msg">
 <?php
 	if ( ( ON == config_get( 'send_reset_password' ) ) && ( ON == config_get( 'enable_email_notification' ) ) ) {
diff --git a/manage_user_reset.php b/manage_user_reset.php
@@ -63,8 +63,13 @@
 # current user.
 access_ensure_global_level( $t_user['access_level'] );
 
-if ( !helper_call_custom_function( 'auth_can_change_password', array() ) ) {
-	trigger_error( ERROR_LOST_PASSWORD_NOT_ENABLED, ERROR );
+# If the password can be changed, we reset it, otherwise we unlock
+# the account (i.e. reset failed login count)
+$t_reset = helper_call_custom_function( 'auth_can_change_password', array() );
+if ( $t_reset ) {
+	$t_result = user_reset_password( $f_user_id );
+} else {
+	$t_result = user_reset_failed_login_count_to_zero( $f_user_id );
 }
 
 $t_result = user_reset_password( $f_user_id );
@@ -77,18 +82,23 @@
 echo '<br />';
 echo '<div>';
 
-if ( false == $t_result ) {
-	# PROTECTED
-	echo lang_get( 'account_reset_protected_msg' ) . '<br />';
-} else {
-	# SUCCESS
-	if ( ( ON == config_get( 'send_reset_password' ) ) && ( ON == config_get( 'enable_email_notification' ) ) ) {
-		# send the new random password via email
-		echo lang_get( 'account_reset_msg' ) . '<br />';
+if( $t_reset ) {
+	if ( false == $t_result ) {
+		# PROTECTED
+		echo lang_get( 'account_reset_protected_msg' ) . '<br />';
 	} else {
-		# email notification disabled, then set the password to blank
-		echo lang_get( 'account_reset_msg2' ) . '<br />';
+		# SUCCESSFUL RESET
+		if ( ( ON == config_get( 'send_reset_password' ) ) && ( ON == config_get( 'enable_email_notification' ) ) ) {
+			# send the new random password via email
+			echo lang_get( 'account_reset_msg' ) . '<br />';
+		} else {
+			# email notification disabled, then set the password to blank
+			echo lang_get( 'account_reset_msg2' ) . '<br />';
+		}
 	}
+} else {
+	# UNLOCK
+	echo lang_get( 'account_unlock_msg' ) . '<br />';
 }
 
 print_bracket_link( $t_redirect_url, lang_get( 'proceed' ) );
