function login_user_block_user_name in Login Security 5

Same name and namespace in other branches

1. 8 login_security.module \login_user_block_user_name()
2. 6 login_security.module \login_user_block_user_name()
3. 7 login_security.module \login_user_block_user_name()
4. 2.x login_security.module \login_user_block_user_name()

Block a user by user name. If no user id then block current user.

Parameters

$name: Optional. The unique string identifying the user.

1 call to login_user_block_user_name()

login_security_validate in ./login_security.module

Implementation of form validate. This functions does more than just validating, but it's main Intention is to break the login form flow.

File

./login_security.module, line 335

Login Security

Code

function login_user_block_user_name($variables) {
  if ($variables['%uid'] > 1) {
    form_set_error('void', t(variable_get('login_security_user_blocked', LOGIN_SECURITY_USER_BLOCKED), $variables));

    // Modifying the user table is not an option so it disables the user hooks. Need to do
    // firing the hook so user_notifications can be used.
    // db_query("UPDATE {users} SET status = 0 WHERE uid = %d", $uid);
    $uid = $variables['%uid'];
    $account = user_load(array(
      "uid" => $uid,
    ));
    user_save($account, array(
      'status' => 0,
    ), NULL);

    // remove user from site now.
    sess_destroy_uid($uid);
    watchdog('security', t('Blocked user %name: with id %uid due to security configuration', $variables));

    // Send admin email
    if (variable_get('login_security_user_blocked_email', LOGIN_SECURITY_USER_BLOCKED_EMAIL)) {
      $from = variable_get('site_mail', ini_get('sendmail_from'));
      $headers = array(
        'X-Mailer' => 'Drupal Login Security module http://drupal.org/project/login_security',
      );
      $admin_mail = db_result(db_query("SELECT mail FROM {users} WHERE uid = 1"));
      $subject = strtr(variable_get('login_security_user_blocked_email_subject', LOGIN_SECURITY_USER_BLOCKED_EMAIL_SUBJECT), $variables);
      $body = strtr(variable_get('login_security_user_blocked_email_mody', LOGIN_SECURITY_USER_BLOCKED_EMAIL_BODY), $variables);
      return drupal_mail('login_security', $admin_mail, $subject, $body, $from, $headers);
    }
  }
}