1 | <?php |
---|
2 | /*************************************************************************** |
---|
3 | * user.inc.php is a part of PhpWebGallery * |
---|
4 | * ------------------- * |
---|
5 | * last update : Saturday, October 26, 2002 * |
---|
6 | * email : pierrick@z0rglub.com * |
---|
7 | * * |
---|
8 | *************************************************************************** |
---|
9 | |
---|
10 | *************************************************************************** |
---|
11 | * * |
---|
12 | * This program is free software; you can redistribute it and/or modify * |
---|
13 | * it under the terms of the GNU General Public License as published by * |
---|
14 | * the Free Software Foundation; * |
---|
15 | * * |
---|
16 | ***************************************************************************/ |
---|
17 | // retrieving user informations |
---|
18 | // $infos array is used to know the fields to retrieve in the table "users" |
---|
19 | // Each field becomes an information of the array $user. |
---|
20 | // Example : |
---|
21 | // status --> $user['status'] |
---|
22 | $infos = array( 'id', 'pseudo', 'mail_address', 'nb_image_line', |
---|
23 | 'nb_line_page', 'status', 'theme', 'language', 'maxwidth', |
---|
24 | 'maxheight', 'expand', 'show_nb_comments', 'short_period', |
---|
25 | 'long_period', 'template' ); |
---|
26 | |
---|
27 | $query_user = 'select'; |
---|
28 | for ( $i = 0; $i < sizeof( $infos ); $i++ ) |
---|
29 | { |
---|
30 | if ( $i > 0 ) |
---|
31 | { |
---|
32 | $query_user.= ','; |
---|
33 | } |
---|
34 | else |
---|
35 | { |
---|
36 | $query_user.= ' '; |
---|
37 | } |
---|
38 | $query_user.= $infos[$i]; |
---|
39 | } |
---|
40 | $query_user.= ' from '.$prefixeTable.'users'; |
---|
41 | $query_done = false; |
---|
42 | $user['is_the_guest'] = false; |
---|
43 | if ( isset( $_GET['id'] ) |
---|
44 | && ereg( "^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $_GET['id'] ) ) |
---|
45 | { |
---|
46 | $page['session_id'] = $_GET['id']; |
---|
47 | $query = "select user_id, expiration, ip "; |
---|
48 | $query.= "from $prefixeTable"."sessions "; |
---|
49 | $query.= "where id = '".$_GET['id']."';"; |
---|
50 | $result = mysql_query( $query ); |
---|
51 | if ( mysql_num_rows( $result ) > 0 ) |
---|
52 | { |
---|
53 | $row = mysql_fetch_array( $result ); |
---|
54 | if ( $row['expiration'] < time() ) |
---|
55 | { |
---|
56 | // deletion of the session from the database, |
---|
57 | // because it is out-of-date |
---|
58 | $delete_query = "delete from ".$prefixeTable."sessions"; |
---|
59 | $delete_query.= " where id = ".$page['session_id'].";"; |
---|
60 | mysql_query( $delete_query ); |
---|
61 | } |
---|
62 | else |
---|
63 | { |
---|
64 | if ( $REMOTE_ADDR == $row['ip'] ) |
---|
65 | { |
---|
66 | $query_user .= ' where id = '.$row['user_id']; |
---|
67 | $query_done = true; |
---|
68 | } |
---|
69 | } |
---|
70 | } |
---|
71 | } |
---|
72 | if ( !$query_done ) |
---|
73 | { |
---|
74 | $query_user .= " where pseudo = 'visiteur'"; |
---|
75 | $user['is_the_guest'] = true; |
---|
76 | } |
---|
77 | $query_user .= ';'; |
---|
78 | |
---|
79 | $row = mysql_fetch_array( mysql_query( $query_user ) ); |
---|
80 | |
---|
81 | // affectation of each value retrieved in the users table into a variable |
---|
82 | // of the array $user. |
---|
83 | for ( $i = 0; $i < sizeof( $infos ); $i++ ) |
---|
84 | { |
---|
85 | $user[$infos[$i]] = $row[$infos[$i]]; |
---|
86 | // If the field is true or false, the variable is transformed into a boolean |
---|
87 | // value. |
---|
88 | if ( $row[$infos[$i]] == 'true' || $row[$infos[$i]] == 'false' ) |
---|
89 | { |
---|
90 | $user[$infos[$i]] = get_boolean( $row[$infos[$i]] ); |
---|
91 | } |
---|
92 | } |
---|
93 | ?> |
---|