Context Navigation

source: trunk/include/functions_user.inc.php @ 518

Last change on this file since 518 was 518, checked in by z0rglub, 20 years ago

corrects bugs due to deletion of configuration parameters default_lang, default_style (renamed to default_language and default_template), session_keyword

in install.php, corrects bug to deletion of language keys : conf_general_webmaster, conf_general_webmaster_info and renaming of conf_general_mail

Property svn:eol-style set to native
Property svn:keywords set to Author Date Id Revision

File size: 9.1 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| functions_user.inc.php \|
4	// +-----------------------------------------------------------------------+
5	// \| application : PhpWebGallery <http://phpwebgallery.net> \|
6	// \| branch : BSF (Best So Far) \|
7	// +-----------------------------------------------------------------------+
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2004-09-07 19:29:42 +0000 (Tue, 07 Sep 2004) $
10	// \| last modifier : $Author: z0rglub $
11	// \| revision : $Revision: 518 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	// validate_mail_address verifies whether the given mail address has the
29	// right format. ie someone@domain.com "someone" can contain ".", "-" or
30	// even "_". Exactly as "domain". The extension doesn't have to be
31	// "com". The mail address can also be empty.
32	// If the mail address doesn't correspond, an error message is returned.
33	function validate_mail_address( $mail_address )
34	{
35	global $lang;
36
37	if ( $mail_address == '' )
38	{
39	return '';
40	}
41	$regex = '/^[\w-]+(\.[\w-]+)@[\w-]+(\.[\w-]+)\.[a-z]+$/';
42	if ( !preg_match( $regex, $mail_address ) )
43	{
44	return $lang['reg_err_mail_address'];
45	}
46	}
47
48	function register_user( $login, $password, $password_conf,
49	$mail_address, $status = 'guest' )
50	{
51	global $lang;
52
53	$error = array();
54	$i = 0;
55	// login must not
56	// 1. be empty
57	// 2. start ou end with space character
58	// 3. include ' or " characters
59	// 4. be already used
60	if ( $login == '' ) $error[$i++] = $lang['reg_err_login1'];
61	if ( ereg( "^.* $", $login) ) $error[$i++] = $lang['reg_err_login2'];
62	if ( ereg( "^ .*$", $login ) ) $error[$i++] = $lang['reg_err_login3'];
63
64	if ( ereg( "'", $login ) or ereg( "\"", $login ) )
65	$error[$i++] = $lang['reg_err_login4'];
66	else
67	{
68	$query = 'SELECT id';
69	$query.= ' FROM '.USERS_TABLE;
70	$query.= " WHERE username = '".$login."'";
71	$query.= ';';
72	$result = mysql_query( $query );
73	if ( mysql_num_rows($result) > 0 ) $error[$i++] = $lang['reg_err_login5'];
74	}
75	// given password must be the same as the confirmation
76	if ( $password != $password_conf ) $error[$i++] = $lang['reg_err_pass'];
77
78	$error_mail_address = validate_mail_address( $mail_address );
79	if ( $error_mail_address != '' ) $error[$i++] = $error_mail_address;
80
81	// if no error until here, registration of the user
82	if ( sizeof( $error ) == 0 )
83	{
84	// 1. retrieving default values, the ones of the user "guest"
85	$infos = array( 'nb_image_line', 'nb_line_page', 'language',
86	'maxwidth', 'maxheight', 'expand', 'show_nb_comments',
87	'recent_period', 'template', 'forbidden_categories' );
88	$query = 'SELECT ';
89	for ( $i = 0; $i < sizeof( $infos ); $i++ )
90	{
91	if ( $i > 0 ) $query.= ',';
92	$query.= $infos[$i];
93	}
94	$query.= ' FROM '.USERS_TABLE;
95	$query.= " WHERE username = 'guest'";
96	$query.= ';';
97	$row = mysql_fetch_array( mysql_query( $query ) );
98	// 2. adding new user
99	$query = 'INSERT INTO '.USERS_TABLE;
100	$query.= ' (';
101	$query.= ' username,password,mail_address,status';
102	for ( $i = 0; $i < sizeof( $infos ); $i++ )
103	{
104	$query.= ','.$infos[$i];
105	}
106	$query.= ') values (';
107	$query.= " '".$login."'";
108	$query.= ",'".md5( $password )."'";
109	if ( $mail_address != '' ) $query.= ",'".$mail_address."'";
110	else $query.= ',NULL';
111	$query.= ",'".$status."'";
112	foreach ( $infos as $info ) {
113	$query.= ',';
114	if ( !isset( $row[$info] ) ) $query.= 'NULL';
115	else $query.= "'".$row[$info]."'";
116	}
117	$query.= ');';
118	mysql_query( $query );
119	// 3. retrieving the id of the newly created user
120	$query = 'SELECT id';
121	$query.= ' FROM '.USERS_TABLE;
122	$query.= " WHERE username = '".$login."';";
123	$row = mysql_fetch_array( mysql_query( $query ) );
124	$user_id = $row['id'];
125	// 4. adding access to the new user, the same as the user "guest"
126	$query = 'SELECT cat_id';
127	$query.= ' FROM '.PREFIX_TABLE.'user_access as ua';
128	$query.= ','.PREFIX_TABLE.'users as u ';
129	$query.= ' where u.id = ua.user_id';
130	$query.= " and u.username = 'guest';";
131	$result = mysql_query( $query );
132	while( $row = mysql_fetch_array( $result ) )
133	{
134	$query = 'INSERT INTO '.PREFIX_TABLE.'user_access';
135	$query.= ' (user_id,cat_id) VALUES';
136	$query.= ' ('.$user_id.','.$row['cat_id'].');';
137	mysql_query ( $query );
138	}
139	// 5. associate new user to the same groups that the guest
140	$query = 'SELECT group_id';
141	$query.= ' FROM '.PREFIX_TABLE.'user_group AS ug';
142	$query.= ', '.PREFIX_TABLE.'users AS u';
143	$query.= " WHERE u.username = 'guest'";
144	$query.= ' AND ug.user_id = u.id';
145	$query.= ';';
146	$result = mysql_query( $query );
147	while( $row = mysql_fetch_array( $result ) )
148	{
149	$query = 'INSERT INTO '.PREFIX_TABLE.'user_group';
150	$query.= ' (user_id,group_id) VALUES';
151	$query.= ' ('.$user_id.','.$row['group_id'].')';
152	$query.= ';';
153	mysql_query ( $query );
154	}
155	}
156	return $error;
157	}
158
159	function update_user( $user_id, $mail_address, $status,
160	$use_new_password = false, $password = '' )
161	{
162	$error = array();
163	$i = 0;
164
165	$error_mail_address = validate_mail_address( $mail_address );
166	if ( $error_mail_address != '' )
167	{
168	$error[$i++] = $error_mail_address;
169	}
170
171	if ( sizeof( $error ) == 0 )
172	{
173	$query = 'UPDATE '.USERS_TABLE;
174	$query.= " SET status = '".$status."'";
175	if ( $use_new_password )
176	{
177	$query.= ", password = '".md5( $password )."'";
178	}
179	$query.= ', mail_address = ';
180	if ( $mail_address != '' )
181	{
182	$query.= "'".$mail_address."'";
183	}
184	else
185	{
186	$query.= 'NULL';
187	}
188	$query.= ' WHERE id = '.$user_id;
189	$query.= ';';
190	mysql_query( $query );
191	}
192	return $error;
193	}
194
195	function check_login_authorization()
196	{
197	global $user,$lang,$conf,$page;
198
199	if ( $user['is_the_guest'])
200	{
201	if ( $conf['access'] == 'restricted' \|\| (isset($page['cat']) && $page['cat'] == 'fav' ) )
202	{
203	echo '<div style="text-align:center;">'.$lang['only_members'].'<br />';
204	echo '<a href="./identification.php">'.$lang['ident_title'].'</a></div>';
205	exit();
206	}
207	}
208	}
209
210	//
211	// Initialise user settings on page load
212	function init_userprefs($userdata)
213	{
214	global $conf, $template, $lang, $lang_info;
215
216	$language = (!empty($userdata['language']) && !$userdata['is_the_guest'] )?$userdata['language']:$conf['default_language'];
217	$style = (!empty($userdata['template'])&& !$userdata['is_the_guest'] )?$userdata['template']:$conf['default_template'];
218
219	if ( !file_exists(@realpath(PHPWG_ROOT_PATH . 'language/' . $language . '/common.lang.php')) )
220	{
221	$language = DEFAULT_LANGUAGE;
222	}
223	include_once(PHPWG_ROOT_PATH . 'language/' . $language . '/common.lang.php');
224
225
226	if ($userdata['status'] == 'admin')
227	{
228	if ( !file_exists(@realpath(PHPWG_ROOT_PATH . 'language/' . $language. '/admin.lang.php')) )
229	{
230	$language = DEFAULT_LANGUAGE;
231	}
232	include_once(PHPWG_ROOT_PATH . 'language/' . $language . '/admin.lang.php');
233	}
234
235	$template= setup_style($style);
236	return;
237	}
238
239	function setup_style($style)
240	{
241	$template_path = 'template/' ;
242	$template_name = $style ;
243	$template = new Template(PHPWG_ROOT_PATH . $template_path . $template_name);
244	return $template;
245	}
246
247	function encode_ip($dotquad_ip)
248	{
249	$ip_sep = explode('.', $dotquad_ip);
250	return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
251	}
252
253	function decode_ip($int_ip)
254	{
255	$hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
256	return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
257	}
258
259	function getuserdata($user)
260	{
261	$sql = "SELECT * FROM " . USERS_TABLE;
262	$sql.= " WHERE ";
263	$sql .= ( ( is_integer($user) ) ? "id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND id <> " . ANONYMOUS;
264	$result = mysql_query($sql);
265	return ( $row = mysql_fetch_array($result) ) ? $row : false;
266	}
267	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: