Context Navigation

source: trunk/admin/include/c13y_internal.class.php @ 4304

Last change on this file since 4304 was 4304, checked in by Eric, 14 years ago

Escape all login and username characters in database
Display correctly usernames

(I hope not to have made mistakes)

Property svn:eol-style set to LF

File size: 7.2 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2009 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	class c13y_internal
25	{
26	function c13y_internal()
27	{
28	add_event_handler('list_check_integrity', array(&$this, 'c13y_version'));
29	add_event_handler('list_check_integrity', array(&$this, 'c13y_exif'));
30	add_event_handler('list_check_integrity', array(&$this, 'c13y_user'));
31	}
32
33	/**
34	* Check version
35	*
36	* @param c13y object
37	* @return void
38	*/
39	function c13y_version($c13y)
40	{
41	$check_list = array();
42
43	$check_list[] = array('type' => 'PHP', 'current' => phpversion(), 'required' => REQUIRED_PHP_VERSION);
44
45	list($mysql_version) = mysql_fetch_row(pwg_query('SELECT VERSION();'));
46	$check_list[] = array('type' => 'MySQL', 'current' => $mysql_version, 'required' => REQUIRED_MYSQL_VERSION);
47
48	foreach ($check_list as $elem)
49	{
50	if (version_compare($elem['current'], $elem['required'], '<'))
51	{
52	$c13y->add_anomaly(
53	sprintf(l10n('c13y_version_anomaly'), $elem['type'], $elem['current'], $elem['required']),
54	null,
55	null,
56	l10n('c13y_version_correction')
57	.'<br>'.
58	$c13y->get_htlm_links_more_info());
59	}
60	}
61	}
62
63	/**
64	* Check exif
65	*
66	* @param c13y object
67	* @return void
68	*/
69	function c13y_exif($c13y)
70	{
71	global $conf;
72
73	foreach (array('show_exif', 'use_exif') as $value)
74	{
75	if (($conf[$value]) and (!function_exists('read_exif_data')))
76	{
77	$c13y->add_anomaly(
78	sprintf(l10n('c13y_exif_anomaly'), '$conf[\''.$value.'\']'),
79	null,
80	null,
81	sprintf(l10n('c13y_exif_correction'), '$conf[\''.$value.'\']')
82	.'<br>'.
83	$c13y->get_htlm_links_more_info());
84	}
85	}
86	}
87
88	/**
89	* Check user
90	*
91	* @param c13y object
92	* @return void
93	*/
94	function c13y_user($c13y)
95	{
96	global $conf;
97
98	$c13y_users = array();
99	$c13y_users[$conf['guest_id']] = array(
100	'status' => 'guest',
101	'l10n_non_existent' => 'c13y_guest_non_existent',
102	'l10n_bad_status' => 'c13y_bad_guest_status');
103
104	if ($conf['guest_id'] != $conf['default_user_id'])
105	{
106	$c13y_users[$conf['default_user_id']] = array(
107	'password' => null,
108	'l10n_non_existent' => 'c13y_default_non_existent');
109	}
110
111	$c13y_users[$conf['webmaster_id']] = array(
112	'status' => 'webmaster',
113	'l10n_non_existent' => 'c13y_webmaster_non_existent',
114	'l10n_bad_status' => 'c13y_bad_webmaster_status');
115
116	$query = '
117	select u.'.$conf['user_fields']['id'].' as id, ui.status
118	from '.USERS_TABLE.' as u
119	left join '.USER_INFOS_TABLE.' as ui
120	on u.'.$conf['user_fields']['id'].' = ui.user_id
121	where
122	u.'.$conf['user_fields']['id'].' in ('.implode(',', array_keys($c13y_users)).')
123	;';
124
125
126	$status = array();
127
128	$result = pwg_query($query);
129	while ($row = mysql_fetch_assoc($result))
130	{
131	$status[$row['id']] = $row['status'];
132	}
133
134	foreach ($c13y_users as $id => $data)
135	{
136	if (!array_key_exists($id, $status))
137	{
138	$c13y->add_anomaly(l10n($data['l10n_non_existent']), 'c13y_correction_user',
139	array('id' => $id, 'action' => 'creation'));
140	}
141	else
142	if (!empty($data['status']) and $status[$id] != $data['status'])
143	{
144	$c13y->add_anomaly(l10n($data['l10n_bad_status']), 'c13y_correction_user',
145	array('id' => $id, 'action' => 'status'));
146	}
147	}
148	}
149
150	/**
151	* Do correction user
152	*
153	* @param user_id, action
154	* @return boolean true if ok else false
155	*/
156	function c13y_correction_user($id, $action)
157	{
158	global $conf, $page;
159
160	$result = false;
161
162	if (!empty($id))
163	{
164	switch ($action)
165	{
166	case 'creation':
167	if ($id == $conf['guest_id'])
168	{
169	$name = 'guest';
170	$password = null;
171	}
172	else if ($id == $conf['default_user_id'])
173	{
174	$name = 'guest';
175	$password = null;
176	}
177	else if ($id == $conf['webmaster_id'])
178	{
179	$name = 'webmaster';
180	$password = generate_key(6);
181	}
182
183	if (isset($name))
184	{
185	$name_ok = false;
186	while (!$name_ok)
187	{
188	$name_ok = (get_userid($name) === false);
189	if (!$name_ok)
190	{
191	$name .= generate_key(1);
192	}
193	}
194
195	$inserts = array(
196	array(
197	'id' => $id,
198	'username' => addslashes($name),
199	'password' => $password
200	),
201	);
202	mass_inserts(USERS_TABLE, array_keys($inserts[0]), $inserts);
203
204	create_user_infos($id);
205
206	$page['infos'][] = sprintf(l10n('c13y_user_created'), $name, $password);
207
208	$result = true;
209	}
210	break;
211	case 'status':
212	if ($id == $conf['guest_id'])
213	{
214	$status = 'guest';
215	}
216	else if ($id == $conf['default_user_id'])
217	{
218	$status = 'guest';
219	}
220	else if ($id == $conf['webmaster_id'])
221	{
222	$status = 'webmaster';
223	}
224
225	if (isset($status))
226	{
227	$updates = array(
228	array(
229	'user_id' => $id,
230	'status' => $status
231	),
232	);
233	mass_updates(USER_INFOS_TABLE,
234	array('primary' => array('user_id'),'update' => array('status')),
235	$updates);
236
237	$page['infos'][] = sprintf(l10n('c13y_user_status_updated'), get_username($id));
238
239	$result = true;
240	}
241	break;
242	}
243	}
244
245	return $result;
246	}
247	}
248
249	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: