Add Account Unlock button to manage_user_edit_page.php

The button is displayed when it is not possible to reset the user's password as defined by custom function auth_can_change_password(), $g_max_failed_login_count > 0 and the user's failed login count is higher than this threshold. Prior to this, in the case where it is not possible to reset a user's password and $g_max_failed_login_count > 0, the administrator's only way to reset the failed login count was direct SQL update. This was introduced by commit 3eaa71f. Fixes #13690
mantisbt · Dec 19, 2011 · cc61982 · cc61982
1 parent 9781b61
commit cc61982
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 28 deletions.
diff --git a/lang/strings_english.txt b/lang/strings_english.txt
@@ -975,6 +975,7 @@ $s_confirm_account_pruning = 'Are you sure you want to delete old accounts that
 
 # manage_user_page.php
 $s_edit_user_title = 'Edit User';
+$s_account_unlock_button = 'Unlock Account';
 $s_reset_password_button = 'Reset Password';
 $s_delete_user_button = 'Delete User';
 $s_reset_password_msg = 'Reset Password sends the confirmation URL via e-mail.';
@@ -987,6 +988,7 @@ $s_users_new = 'New';
 $s_account_reset_protected_msg = 'Account protected. Cannot reset the password.';
 $s_account_reset_msg = 'A confirmation request has been sent to the selected user\'s e-mail address. Using this, the user will be able to change their password.';
 $s_account_reset_msg2 = 'Account password has been set to blank...';
+$s_account_unlock_msg = 'The account has been unlocked.';
 
 # manage_user_update.php
 $s_manage_user_protected_msg = 'Account protected. Access level and enabled protected. Otherwise, account has been updated...';

diff --git a/manage_user_edit_page.php b/manage_user_edit_page.php
@@ -119,7 +119,7 @@
 		?>
 	</td>
 </tr>
- 
+
 <!-- Access Level -->
 <tr <?php echo helper_alternate_class() ?>>
 	<td class="category">
@@ -175,38 +175,49 @@
 <br />
 
 <!-- RESET AND DELETE -->
+<?php
+	$t_reset = helper_call_custom_function( 'auth_can_change_password', array() );
+	$t_unlock = OFF != config_get( 'max_failed_login_count' ) && $t_user['failed_login_count'] > 0;
+	$t_delete = !( ( user_is_administrator( $t_user_id ) && ( user_count_level( config_get_global( 'admin_site_threshold' ) ) <= 1 ) ) );
+
+	if( $t_reset || $t_unlock || $t_delete ) {
+?>
 <div class="border center">
 
-<!-- Reset Button -->
-<?php if( helper_call_custom_function( 'auth_can_change_password', array() ) ) { ?>
+<!-- Reset/Unlock Button -->
+<?php if( $t_reset || $t_unlock ) { ?>
 	<form method="post" action="manage_user_reset.php">
 <?php echo form_security_field( 'manage_user_reset' ) ?>
 		<input type="hidden" name="user_id" value="<?php echo $t_user['id'] ?>" />
+<?php if( $t_reset ) { ?>
 		<input type="submit" class="button" value="<?php echo lang_get( 'reset_password_button' ) ?>" />
+<?php } else { ?>
+		<input type="submit" class="button" value="<?php echo lang_get( 'account_unlock_button' ) ?>" />
+<?php } ?>
 	</form>
 <?php } ?>
 
 <!-- Delete Button -->
-<?php if ( !( ( user_is_administrator( $t_user_id ) && ( user_count_level( config_get_global( 'admin_site_threshold' ) ) <= 1 ) ) ) ) { ?>
+<?php if ( $t_delete ) { ?>
 	<form method="post" action="manage_user_delete.php">
 <?php echo form_security_field( 'manage_user_delete' ) ?>
-
 		<input type="hidden" name="user_id" value="<?php echo $t_user['id'] ?>" />
 		<input type="submit" class="button" value="<?php echo lang_get( 'delete_user_button' ) ?>" />
 	</form>
 <?php } ?>
 </div>
-<br />
-<?php if( !$t_ldap ) { ?>
-<div align="center">
-<?php
-	if ( ( ON == config_get( 'send_reset_password' ) ) && ( ON == config_get( 'enable_email_notification' ) ) ) {
-		echo lang_get( 'reset_password_msg' );
-	} else {
-		echo lang_get( 'reset_password_msg2' );
-	}
-?>
-</div>
+	<?php if( $t_reset ) { ?>
+	<div align="center">
+	<br />
+	<?php
+		if ( ( ON == config_get( 'send_reset_password' ) ) && ( ON == config_get( 'enable_email_notification' ) ) ) {
+			echo lang_get( 'reset_password_msg' );
+		} else {
+			echo lang_get( 'reset_password_msg2' );
+		}
+	?>
+	</div>
+	<?php } ?>
 <?php } ?>
 
 

diff --git a/manage_user_reset.php b/manage_user_reset.php
@@ -40,8 +40,14 @@
 	# current user.
 	access_ensure_global_level( $t_user['access_level'] );
 
-	if ( !helper_call_custom_function( 'auth_can_change_password', array() ) ) {
-		trigger_error( ERROR_LOST_PASSWORD_NOT_ENABLED, ERROR );
+	# If the password can be changed, we reset it, otherwise we unlock
+	# the account (i.e. reset failed login count)
+	$t_reset = helper_call_custom_function( 'auth_can_change_password', array() );
+
+	if ( $t_reset ) {
+		$t_result = user_reset_password( $f_user_id );
+	} else {
+		$t_result = user_reset_failed_login_count_to_zero( $f_user_id );
 	}
 
 	$t_result = user_reset_password( $f_user_id );
@@ -54,18 +60,23 @@
 	echo '<br />';
 	echo '<div align="center">';
 
-	if ( false == $t_result ) {
-		# PROTECTED
-		echo lang_get( 'account_reset_protected_msg' ) . '<br />';
-	} else {
-		# SUCCESS
-		if ( ( ON == config_get( 'send_reset_password' ) ) && ( ON == config_get( 'enable_email_notification' ) ) ) {
-			# send the new random password via email
-			echo lang_get( 'account_reset_msg' ) . '<br />';
+	if ( $t_reset ) {
+		if ( false == $t_result ) {
+			# PROTECTED
+			echo lang_get( 'account_reset_protected_msg' ) . '<br />';
 		} else {
-			# email notification disabled, then set the password to blank
-			echo lang_get( 'account_reset_msg2' ) . '<br />';
+			# SUCCESSFUL RESET
+			if ( ( ON == config_get( 'send_reset_password' ) ) && ( ON == config_get( 'enable_email_notification' ) ) ) {
+				# send the new random password via email
+				echo lang_get( 'account_reset_msg' ) . '<br />';
+			} else {
+				# email notification disabled, then set the password to blank
+				echo lang_get( 'account_reset_msg2' ) . '<br />';
+			}
 		}
+	} else {
+		# UNLOCK
+		echo lang_get( 'account_unlock_msg' ) . '<br />';
 	}
 
 	print_bracket_link( $t_redirect_url, lang_get( 'proceed' ) );