From 702ed497040bf75da25123c745a9e7592a5ef3be Mon Sep 17 00:00:00 2001
From: Sebastian Grewe <sebastian@grewe.ca>
Date: Fri, 17 Jan 2014 12:55:40 +0100
Subject: [PATCH] [ADDED] Account lock status

* Lock 1: user confirmation/unlock pending, count shares
* Lock 2: Admin disabled, ignore shares

This further addresses #1332 and should allow proper dropping of shares
for banned accounts.
---
 public/include/classes/share.class.php       | 6 +++---
 public/include/classes/user.class.php        | 8 ++++----
 public/include/pages/account/confirm.inc.php | 2 +-
 public/include/pages/account/unlock.inc.php  | 4 ++--
 public/include/pages/admin/user.inc.php      | 4 +++-
 5 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/public/include/classes/share.class.php b/public/include/classes/share.class.php
index 51c8a1ed..1c8f9951 100644
--- a/public/include/classes/share.class.php
+++ b/public/include/classes/share.class.php
@@ -82,7 +82,7 @@ class Share Extends Base {
       FROM $this->table AS s
       LEFT JOIN " . $this->user->getTableName() . " AS a
       ON a.username = SUBSTRING_INDEX( s.username , '.', 1 )
-      WHERE s.id > ? AND s.id <= ? AND s.our_result = 'Y' AND a.is_locked = 0
+      WHERE s.id > ? AND s.id <= ? AND s.our_result = 'Y' AND a.is_locked != 2
       ");
     if ($this->checkStmt($stmt) && $stmt->bind_param('ii', $previous_upstream, $current_upstream) && $stmt->execute() && $result = $stmt->get_result())
       return $result->fetch_object()->total;
@@ -107,7 +107,7 @@ class Share Extends Base {
       FROM $this->table AS s
       LEFT JOIN " . $this->user->getTableName() . " AS a
       ON a.username = SUBSTRING_INDEX( s.username , '.', 1 )
-      WHERE s.id > ? AND s.id <= ? AND a.is_locked = 0
+      WHERE s.id > ? AND s.id <= ? AND a.is_locked != 2
       GROUP BY username DESC
       ");
     if ($this->checkStmt($stmt) && $stmt->bind_param('ii', $previous_upstream, $current_upstream) && $stmt->execute() && $result = $stmt->get_result())
@@ -154,7 +154,7 @@ class Share Extends Base {
       FROM $this->tableArchive AS s
       LEFT JOIN " . $this->user->getTableName() . " AS a
       ON a.username = SUBSTRING_INDEX( s.username , '.', 1 )
-      WHERE s.share_id > ? AND s.share_id <= ? AND a.is_locked = 0
+      WHERE s.share_id > ? AND s.share_id <= ? AND a.is_locked != 2
       GROUP BY account DESC");
     if ($this->checkStmt($stmt) && $stmt->bind_param("ii", $iMinId, $iMaxId) && $stmt->execute() && $result = $stmt->get_result()) {
       $aData = NULL;
diff --git a/public/include/classes/user.class.php b/public/include/classes/user.class.php
index 07ec6b2d..2902c5e2 100644
--- a/public/include/classes/user.class.php
+++ b/public/include/classes/user.class.php
@@ -71,8 +71,8 @@ class User extends Base {
     $field = array('name' => 'no_fees', 'type' => 'i', 'value' => !$this->isNoFee($id));
     return $this->updateSingle($id, $field);
   }
-  public function changeLocked($id) {
-    $field = array('name' => 'is_locked', 'type' => 'i', 'value' => !$this->isLocked($id));
+  public function setLocked($id, $value) {
+    $field = array('name' => 'is_locked', 'type' => 'i', 'value' => $value);
     return $this->updateSingle($id, $field);
   }
   public function changeAdmin($id) {
@@ -172,7 +172,7 @@ class User extends Base {
       $this->incUserFailed($id);
       // Check if this account should be locked
       if (isset($this->config['maxfailed']['login']) && $this->getUserFailed($id) >= $this->config['maxfailed']['login']) {
-        $this->changeLocked($id);
+        $this->setLocked($id, 1);
         if ($token = $this->token->createToken('account_unlock', $id)) {
           $aData['token'] = $token;
           $aData['username'] = $username;
@@ -204,7 +204,7 @@ class User extends Base {
     $this->incUserPinFailed($userId);
     // Check if this account should be locked
     if (isset($this->config['maxfailed']['pin']) && $this->getUserPinFailed($userId) >= $this->config['maxfailed']['pin']) {
-      $this->changeLocked($userId);
+      $this->setLocked($userId, 1);
       if ($token = $this->token->createToken('account_unlock', $userId)) {
         $username = $this->getUserName($userId);
         $aData['token'] = $token;
diff --git a/public/include/pages/account/confirm.inc.php b/public/include/pages/account/confirm.inc.php
index d1917e70..829abcb7 100644
--- a/public/include/pages/account/confirm.inc.php
+++ b/public/include/pages/account/confirm.inc.php
@@ -9,7 +9,7 @@ if (!isset($_GET['token']) || empty($_GET['token'])) {
 } else if (!$aToken = $oToken->getToken($_GET['token'], 'confirm_email')) {
   $_SESSION['POPUP'][] = array('CONTENT' => 'Unable to activate your account. Invalid token.', 'TYPE' => 'errormsg');
 } else {
-  $user->changeLocked($aToken['account_id']);
+  $user->setLocked($aToken['account_id'], 0);
   $oToken->deleteToken($aToken['token']);
   $_SESSION['POPUP'][] = array('CONTENT' => 'Account activated. Please login.');
 }
diff --git a/public/include/pages/account/unlock.inc.php b/public/include/pages/account/unlock.inc.php
index f31a272a..b9d5763b 100644
--- a/public/include/pages/account/unlock.inc.php
+++ b/public/include/pages/account/unlock.inc.php
@@ -10,7 +10,7 @@ if (!isset($_GET['token']) || empty($_GET['token'])) {
   $_SESSION['POPUP'][] = array('CONTENT' => 'Unable to re-activate your account. Invalid token.', 'TYPE' => 'errormsg');
 } else {
   if (!$config['csrf']['enabled'] || $config['csrf']['enabled'] && $csrftoken->valid) {
-    if ($user->setUserFailed($aToken['account_id'], 0) && $user->setUserPinFailed($aToken['account_id'], 0) && $user->changeLocked($aToken['account_id'])) {
+    if ($user->setUserFailed($aToken['account_id'], 0) && $user->setUserPinFailed($aToken['account_id'], 0) && $user->setLocked($aToken['account_id'], 0)) {
       $oToken->deleteToken($aToken['token']);
       $_SESSION['POPUP'][] = array('CONTENT' => 'Account re-activated. Please login.');
     } else {
@@ -22,4 +22,4 @@ if (!isset($_GET['token']) || empty($_GET['token'])) {
 }
 $smarty->assign('CONTENT', 'default.tpl');
 
-?>
\ No newline at end of file
+?>
diff --git a/public/include/pages/admin/user.inc.php b/public/include/pages/admin/user.inc.php
index 380c86c3..5fa21dfc 100644
--- a/public/include/pages/admin/user.inc.php
+++ b/public/include/pages/admin/user.inc.php
@@ -22,8 +22,10 @@ switch (@$_REQUEST['do']) {
 case 'lock':
   $supress_master = 1;
   // Reset user account
-  $user->changeLocked($_POST['account_id']);
   if ($user->isLocked($_POST['account_id']) == 0) {
+    $user->setLocked($_POST['account_id'], 1);
+  } else {
+    $user->setLocked($_POST['account_id'], 0);
     $user->setUserFailed($_POST['account_id'], 0);
     $user->setUserPinFailed($_POST['account_id'], 0);
   }