1 files changed, 118 insertions, 44 deletions
diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php
index ffe20f86f5..a5dc02849a 100644
--- a/phpBB/includes/acp/acp_prune.php
+++ b/phpBB/includes/acp/acp_prune.php
@@ -2,9 +2,8 @@
 /**
 *
 * @package acp
-* @version $Id$
 * @copyright (c) 2005 phpBB Group
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
 *
 */
 
@@ -243,8 +242,8 @@ class acp_prune
 			if (confirm_box(true))
 			{
 				$user_ids = $usernames = array();
-				$this->get_prune_users($user_ids, $usernames);
 
+				$this->get_prune_users($user_ids, $usernames);
 				if (sizeof($user_ids))
 				{
 					if ($action == 'deactivate')
@@ -256,19 +255,13 @@ class acp_prune
 					{
 						if ($deleteposts)
 						{
-							foreach ($user_ids as $user_id)
-							{
-								user_delete('remove', $user_id);
-							}
+							user_delete('remove', $user_ids);
 							
 							$l_log = 'LOG_PRUNE_USER_DEL_DEL';
 						}
 						else
 						{
-							foreach ($user_ids as $user_id)
-							{
-								user_delete('retain', $user_id, $usernames[$user_id]);
-							}
+							user_delete('retain', $user_ids, true);
 
 							$l_log = 'LOG_PRUNE_USER_DEL_ANON';
 						}
@@ -300,6 +293,7 @@ class acp_prune
 				{
 					$template->assign_block_vars('users', array(
 						'USERNAME'			=> $usernames[$user_id],
+						'USER_ID'           => $user_id,
 						'U_PROFILE'			=> append_sid($phpbb_root_path . 'memberlist.' . $phpEx, 'mode=viewprofile&amp;u=' . $user_id),
 						'U_USER_ADMIN'		=> ($auth->acl_get('a_user')) ? append_sid("{$phpbb_admin_path}index.$phpEx", 'i=users&amp;mode=overview&amp;u=' . $user_id, true, $user->session_id) : '',
 					));
@@ -315,17 +309,7 @@ class acp_prune
 					'mode'			=> $mode,
 					'prune'			=> 1,
 
-					'users'			=> utf8_normalize_nfc(request_var('users', '', true)),
-					'username'		=> utf8_normalize_nfc(request_var('username', '', true)),
-					'email'			=> request_var('email', ''),
-					'joined_select'	=> request_var('joined_select', ''),
-					'joined'		=> request_var('joined', ''),
-					'active_select'	=> request_var('active_select', ''),
-					'active'		=> request_var('active', ''),
-					'count_select'	=> request_var('count_select', ''),
-					'count'			=> request_var('count', ''),
 					'deleteposts'	=> request_var('deleteposts', 0),
-
 					'action'		=> request_var('action', ''),
 				)), 'confirm_body_prune.html');
 			}
@@ -341,22 +325,29 @@ class acp_prune
 		}
 
 		$find_time = array('lt' => $user->lang['BEFORE'], 'gt' => $user->lang['AFTER']);
-		$s_find_join_time = '';
-		foreach ($find_time as $key => $value)
-		{
-			$s_find_join_time .= '<option value="' . $key . '">' . $value . '</option>';
-		}
-		
 		$s_find_active_time = '';
 		foreach ($find_time as $key => $value)
 		{
 			$s_find_active_time .= '<option value="' . $key . '">' . $value . '</option>';
 		}
 
+		$s_group_list = '';
+		$sql = 'SELECT group_id, group_name
+			FROM ' . GROUPS_TABLE . '
+			WHERE group_type <> ' . GROUP_SPECIAL . '
+			ORDER BY group_name ASC';
+		$result = $db->sql_query($sql);
+
+		while ($row = $db->sql_fetchrow($result))
+		{
+			$s_group_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</select>';
+		}
+		$db->sql_freeresult($result);
+
 		$template->assign_vars(array(
 			'U_ACTION'			=> $this->u_action,
-			'S_JOINED_OPTIONS'	=> $s_find_join_time,
 			'S_ACTIVE_OPTIONS'	=> $s_find_active_time,
+			'S_GROUP_LIST'      => $s_group_list,
 			'S_COUNT_OPTIONS'	=> $s_find_count,
 			'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=acp_prune&amp;field=users'),
 		));
@@ -369,33 +360,70 @@ class acp_prune
 	{
 		global $user, $db;
 
-		$users = utf8_normalize_nfc(request_var('users', '', true));
-		
-		if ($users)
+		$users_by_name = request_var('users', '', true);
+		$users_by_id = request_var('user_ids', array(0));
+		$group_id = request_var('group_id', 0);
+		$posts_on_queue = request_var('posts_on_queue', 0);
+
+		if ($users_by_name)
 		{
-			$users = explode("\n", $users);
+			$users = explode("\n", $users_by_name);
 			$where_sql = ' AND ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', $users));
 		}
+		else if (!empty($users_by_id))
+		{
+			$user_ids = $users_by_id;
+			user_get_id_name($user_ids, $usernames);
+
+			$where_sql = ' AND ' . $db->sql_in_set('user_id', $user_ids);
+		}
 		else
 		{
-			$username = utf8_normalize_nfc(request_var('username', '', true));
+			$username = request_var('username', '', true);
 			$email = request_var('email', '');
+			$website = request_var('website', '');
 
-			$joined_select = request_var('joined_select', 'lt');
 			$active_select = request_var('active_select', 'lt');
 			$count_select = request_var('count_select', 'eq');
-			$joined = request_var('joined', '');
+			$queue_select = request_var('queue_select', 'gt');
+			$joined_before = request_var('joined_before', '');
+			$joined_after = request_var('joined_after', '');
 			$active = request_var('active', '');
 
+			$count = request_var('count', 0);
+
 			$active = ($active) ? explode('-', $active) : array();
-			$joined = ($joined) ? explode('-', $joined) : array();
+			$joined_before = ($joined_before) ? explode('-', $joined_before) : array();
+			$joined_after = ($joined_after) ? explode('-', $joined_after) : array();
 
-			if ((sizeof($active) && sizeof($active) != 3) || (sizeof($joined) && sizeof($joined) != 3))
+			// calculate the conditions required by the join time criteria
+			$joined_sql = '';
+			if (!empty($joined_before) && !empty($joined_after))
 			{
-				trigger_error($user->lang['WRONG_ACTIVE_JOINED_DATE'] . adm_back_link($this->u_action), E_USER_WARNING);
+				// if the two entered dates are equal, we need to adjust
+				// so that our time range is a full day instead of 1 second
+				if ($joined_after == $joined_before)
+				{
+					$joined_after[2] += 1;
+				}
+
+				$joined_sql = ' AND user_regdate BETWEEN ' . gmmktime(0, 0, 0, (int) $joined_after[1], (int) $joined_after[2], (int) $joined_after[0]) .
+					' AND ' . gmmktime(0, 0, 0, (int) $joined_before[1], (int) $joined_before[2], (int) $joined_before[0]);
 			}
+			else if (empty($joined_before) && !empty($joined_after))
+			{
+				$joined_sql = ' AND user_regdate > ' . gmmktime(0, 0, 0, (int) $joined_after[1], (int) $joined_after[2], (int) $joined_after[0]);
+			}
+			else if (empty($joined_after) && !empty($joined_before))
+			{
+				$joined_sql = ' AND user_regdate < ' . gmmktime(0, 0, 0, (int) $joined_before[1], (int) $joined_before[2], (int) $joined_before[0]);
+			}
+			// implicit else when both arrays are empty do nothing
 
-			$count = request_var('count', '');
+			if ((sizeof($active) && sizeof($active) != 3) || (sizeof($joined_before) && sizeof($joined_before) != 3) || (sizeof($joined_after) && sizeof($joined_after) != 3))
+			{
+				trigger_error($user->lang['WRONG_ACTIVE_JOINED_DATE'] . adm_back_link($this->u_action), E_USER_WARNING);
+			}
 
 			$key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
 			$sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit');
@@ -403,8 +431,9 @@ class acp_prune
 			$where_sql = '';
 			$where_sql .= ($username) ? ' AND username_clean ' . $db->sql_like_expression(str_replace('*', $db->any_char, utf8_clean_string($username))) : '';
 			$where_sql .= ($email) ? ' AND user_email ' . $db->sql_like_expression(str_replace('*', $db->any_char, $email)) . ' ' : '';
-			$where_sql .= (sizeof($joined)) ? " AND user_regdate " . $key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]) : '';
-			$where_sql .= ($count !== '') ? " AND user_posts " . $key_match[$count_select] . ' ' . (int) $count . ' ' : '';
+			$where_sql .= ($website) ? ' AND user_website ' . $db->sql_like_expression(str_replace('*', $db->any_char, $website)) . ' ' : '';
+			$where_sql .= $joined_sql;
+			$where_sql .= ($count) ? " AND user_posts " . $key_match[$count_select] . ' ' . (int) $count . ' ' : '';
 
 			// First handle pruning of users who never logged in, last active date is 0000-00-00
 			if (sizeof($active) && (int) $active[0] == 0 && (int) $active[1] == 0 && (int) $active[2] == 0)
@@ -447,7 +476,6 @@ class acp_prune
 			$where_sql";
 		$result = $db->sql_query($sql);
 
-		$where_sql = '';
 		$user_ids = $usernames = array();
 
 		while ($row = $db->sql_fetchrow($result))
@@ -460,7 +488,53 @@ class acp_prune
 			}
 		}
 		$db->sql_freeresult($result);
+
+		if ($group_id)
+		{
+			$sql = 'SELECT user_id
+				FROM ' . USER_GROUP_TABLE . '
+				WHERE group_id = ' . (int) $group_id . '
+					AND user_pending = 0
+					AND ' . $db->sql_in_set('user_id', $user_ids, false, true);
+			$result = $db->sql_query($sql);
+
+			// we're performing an intersection operation, so all the relevant users
+			// come from this most recent query (which was limited to the results of the
+			// previous query)
+			$user_ids = $usernames = array();
+			while ($row = $db->sql_fetchrow($result))
+			{
+				$user_ids[] = $row['poster_id'];
+			}
+			$db->sql_freeresult($result);
+
+			// only get usernames if they are needed (not part of some later query)
+			if (!$posts_on_queue)
+			{
+				// this is an additional query aginst the users table
+				user_get_id_name($user_ids, $usernames);
+			}
+		}
+
+		if ($posts_on_queue)
+		{
+			$sql = 'SELECT poster_id, COUNT(post_id) AS queue_posts
+				FROM ' . POSTS_TABLE . '
+				WHERE ' . $db->sql_in_set('poster_id', $user_ids, false, true) . '
+				GROUP BY poster_id
+				HAVING queue_posts ' . $key_match[$queue_select] . ' ' . $posts_on_queue;
+			$result = $db->sql_query($result);
+
+			// same intersection logic as the above group ID portion
+			$user_ids = $usernames = array();
+			while ($row = $db->sql_fetchrow($result))
+			{
+				$user_ids[] = $row['poster_id'];
+			}
+			$db->sql_freeresult($result);
+
+			// do an additional query to get the correct set of usernames
+			user_get_id_name($user_ids, $usernames);
+		}
 	}
 }
-
-?>
-\ No newline at end of file