Context Navigation

source: trunk/include/functions_user.inc.php @ 580

Last change on this file since 580 was 532, checked in by gweltas, 20 years ago
Delivery of french translation in order to test i18n Deletion of collapsed & expanded gifs (obsoletes) Creation of faq language file for further writing of a end user-oriented FAQ
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 9.2 KB

Rev	Line
[2]	1	<?php
[362]	2	// +-----------------------------------------------------------------------+
	3	// \| functions_user.inc.php \|
	4	// +-----------------------------------------------------------------------+
	5	// \| application : PhpWebGallery <http://phpwebgallery.net> \|
	6	// \| branch : BSF (Best So Far) \|
	7	// +-----------------------------------------------------------------------+
	8	// \| file : $RCSfile$
	9	// \| last update : $Date: 2004-09-23 17:09:06 +0000 (Thu, 23 Sep 2004) $
	10	// \| last modifier : $Author: gweltas $
	11	// \| revision : $Revision: 532 $
	12	// +-----------------------------------------------------------------------+
	13	// \| This program is free software; you can redistribute it and/or modify \|
	14	// \| it under the terms of the GNU General Public License as published by \|
	15	// \| the Free Software Foundation \|
	16	// \| \|
	17	// \| This program is distributed in the hope that it will be useful, but \|
	18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	20	// \| General Public License for more details. \|
	21	// \| \|
	22	// \| You should have received a copy of the GNU General Public License \|
	23	// \| along with this program; if not, write to the Free Software \|
	24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	25	// \| USA. \|
	26	// +-----------------------------------------------------------------------+
[2]	27
[9]	28	// validate_mail_address verifies whether the given mail address has the
	29	// right format. ie someone@domain.com "someone" can contain ".", "-" or
	30	// even "_". Exactly as "domain". The extension doesn't have to be
	31	// "com". The mail address can also be empty.
	32	// If the mail address doesn't correspond, an error message is returned.
[2]	33	function validate_mail_address( $mail_address )
	34	{
	35	global $lang;
	36
[9]	37	if ( $mail_address == '' )
[2]	38	{
[9]	39	return '';
[2]	40	}
[9]	41	$regex = '/^[\w-]+(\.[\w-]+)@[\w-]+(\.[\w-]+)\.[a-z]+$/';
	42	if ( !preg_match( $regex, $mail_address ) )
	43	{
	44	return $lang['reg_err_mail_address'];
	45	}
[2]	46	}
	47
[345]	48	function register_user( $login, $password, $password_conf,
	49	$mail_address, $status = 'guest' )
[2]	50	{
[13]	51	global $lang;
[2]	52
	53	$error = array();
	54	$i = 0;
[9]	55	// login must not
	56	// 1. be empty
	57	// 2. start ou end with space character
	58	// 3. include ' or " characters
	59	// 4. be already used
[345]	60	if ( $login == '' ) $error[$i++] = $lang['reg_err_login1'];
	61	if ( ereg( "^.* $", $login) ) $error[$i++] = $lang['reg_err_login2'];
	62	if ( ereg( "^ .*$", $login ) ) $error[$i++] = $lang['reg_err_login3'];
	63
[2]	64	if ( ereg( "'", $login ) or ereg( "\"", $login ) )
	65	$error[$i++] = $lang['reg_err_login4'];
	66	else
	67	{
[345]	68	$query = 'SELECT id';
[364]	69	$query.= ' FROM '.USERS_TABLE;
[345]	70	$query.= " WHERE username = '".$login."'";
	71	$query.= ';';
[2]	72	$result = mysql_query( $query );
[345]	73	if ( mysql_num_rows($result) > 0 ) $error[$i++] = $lang['reg_err_login5'];
[2]	74	}
[9]	75	// given password must be the same as the confirmation
[345]	76	if ( $password != $password_conf ) $error[$i++] = $lang['reg_err_pass'];
[2]	77
	78	$error_mail_address = validate_mail_address( $mail_address );
[345]	79	if ( $error_mail_address != '' ) $error[$i++] = $error_mail_address;
[9]	80
	81	// if no error until here, registration of the user
[2]	82	if ( sizeof( $error ) == 0 )
	83	{
[9]	84	// 1. retrieving default values, the ones of the user "guest"
[99]	85	$infos = array( 'nb_image_line', 'nb_line_page', 'language',
[2]	86	'maxwidth', 'maxheight', 'expand', 'show_nb_comments',
[452]	87	'recent_period', 'template', 'forbidden_categories' );
[345]	88	$query = 'SELECT ';
[2]	89	for ( $i = 0; $i < sizeof( $infos ); $i++ )
	90	{
[345]	91	if ( $i > 0 ) $query.= ',';
[2]	92	$query.= $infos[$i];
	93	}
[364]	94	$query.= ' FROM '.USERS_TABLE;
[345]	95	$query.= " WHERE username = 'guest'";
	96	$query.= ';';
[2]	97	$row = mysql_fetch_array( mysql_query( $query ) );
[9]	98	// 2. adding new user
[364]	99	$query = 'INSERT INTO '.USERS_TABLE;
[2]	100	$query.= ' (';
[9]	101	$query.= ' username,password,mail_address,status';
[2]	102	for ( $i = 0; $i < sizeof( $infos ); $i++ )
	103	{
	104	$query.= ','.$infos[$i];
	105	}
[9]	106	$query.= ') values (';
[2]	107	$query.= " '".$login."'";
	108	$query.= ",'".md5( $password )."'";
[345]	109	if ( $mail_address != '' ) $query.= ",'".$mail_address."'";
	110	else $query.= ',NULL';
[2]	111	$query.= ",'".$status."'";
[345]	112	foreach ( $infos as $info ) {
[9]	113	$query.= ',';
[345]	114	if ( !isset( $row[$info] ) ) $query.= 'NULL';
	115	else $query.= "'".$row[$info]."'";
[2]	116	}
	117	$query.= ');';
	118	mysql_query( $query );
[9]	119	// 3. retrieving the id of the newly created user
[21]	120	$query = 'SELECT id';
[364]	121	$query.= ' FROM '.USERS_TABLE;
[21]	122	$query.= " WHERE username = '".$login."';";
[2]	123	$row = mysql_fetch_array( mysql_query( $query ) );
	124	$user_id = $row['id'];
[21]	125	// 4. adding access to the new user, the same as the user "guest"
	126	$query = 'SELECT cat_id';
	127	$query.= ' FROM '.PREFIX_TABLE.'user_access as ua';
[13]	128	$query.= ','.PREFIX_TABLE.'users as u ';
[21]	129	$query.= ' where u.id = ua.user_id';
[9]	130	$query.= " and u.username = 'guest';";
[2]	131	$result = mysql_query( $query );
	132	while( $row = mysql_fetch_array( $result ) )
	133	{
[21]	134	$query = 'INSERT INTO '.PREFIX_TABLE.'user_access';
	135	$query.= ' (user_id,cat_id) VALUES';
[2]	136	$query.= ' ('.$user_id.','.$row['cat_id'].');';
	137	mysql_query ( $query );
	138	}
[345]	139	// 5. associate new user to the same groups that the guest
	140	$query = 'SELECT group_id';
	141	$query.= ' FROM '.PREFIX_TABLE.'user_group AS ug';
	142	$query.= ', '.PREFIX_TABLE.'users AS u';
	143	$query.= " WHERE u.username = 'guest'";
	144	$query.= ' AND ug.user_id = u.id';
	145	$query.= ';';
	146	$result = mysql_query( $query );
	147	while( $row = mysql_fetch_array( $result ) )
	148	{
	149	$query = 'INSERT INTO '.PREFIX_TABLE.'user_group';
	150	$query.= ' (user_id,group_id) VALUES';
	151	$query.= ' ('.$user_id.','.$row['group_id'].')';
	152	$query.= ';';
	153	mysql_query ( $query );
	154	}
[2]	155	}
	156	return $error;
	157	}
	158
	159	function update_user( $user_id, $mail_address, $status,
	160	$use_new_password = false, $password = '' )
	161	{
	162	$error = array();
	163	$i = 0;
	164
	165	$error_mail_address = validate_mail_address( $mail_address );
	166	if ( $error_mail_address != '' )
	167	{
	168	$error[$i++] = $error_mail_address;
	169	}
	170
	171	if ( sizeof( $error ) == 0 )
	172	{
[364]	173	$query = 'UPDATE '.USERS_TABLE;
[21]	174	$query.= " SET status = '".$status."'";
[2]	175	if ( $use_new_password )
	176	{
	177	$query.= ", password = '".md5( $password )."'";
	178	}
	179	$query.= ', mail_address = ';
	180	if ( $mail_address != '' )
	181	{
	182	$query.= "'".$mail_address."'";
	183	}
	184	else
	185	{
	186	$query.= 'NULL';
	187	}
[21]	188	$query.= ' WHERE id = '.$user_id;
[2]	189	$query.= ';';
	190	mysql_query( $query );
	191	}
	192	return $error;
	193	}
	194
	195	function check_login_authorization()
	196	{
	197	global $user,$lang,$conf,$page;
[14]	198
[345]	199	if ( $user['is_the_guest'])
[2]	200	{
[345]	201	if ( $conf['access'] == 'restricted' \|\| (isset($page['cat']) && $page['cat'] == 'fav' ) )
	202	{
[2]	203	echo '<div style="text-align:center;">'.$lang['only_members'].'<br />';
	204	echo '<a href="./identification.php">'.$lang['ident_title'].'</a></div>';
	205	exit();
	206	}
[21]	207	}
[2]	208	}
[364]	209
	210	//
	211	// Initialise user settings on page load
	212	function init_userprefs($userdata)
	213	{
[393]	214	global $conf, $template, $lang, $lang_info;
[524]	215
[518]	216	$language = (!empty($userdata['language']) && !$userdata['is_the_guest'] )?$userdata['language']:$conf['default_language'];
[524]	217
	218	if (!empty($userdata['template']) and !$userdata['is_the_guest'])
	219	{
	220	$template = $userdata['template'];
	221	}
	222	else
	223	{
	224	$template = $conf['default_template'];
	225	}
	226
[393]	227	if ( !file_exists(@realpath(PHPWG_ROOT_PATH . 'language/' . $language . '/common.lang.php')) )
[364]	228	{
[463]	229	$language = DEFAULT_LANGUAGE;
[364]	230	}
[393]	231	include_once(PHPWG_ROOT_PATH . 'language/' . $language . '/common.lang.php');
[364]	232
[393]	233
[364]	234	if ($userdata['status'] == 'admin')
	235	{
[393]	236	if ( !file_exists(@realpath(PHPWG_ROOT_PATH . 'language/' . $language. '/admin.lang.php')) )
[364]	237	{
[463]	238	$language = DEFAULT_LANGUAGE;
[364]	239	}
[393]	240	include_once(PHPWG_ROOT_PATH . 'language/' . $language . '/admin.lang.php');
[532]	241	include_once(PHPWG_ROOT_PATH . 'language/' . $language . '/faq.lang.php');
[364]	242	}
[524]	243
	244	$template = setup_style($template);
[364]	245	return;
	246	}
	247
	248	function setup_style($style)
	249	{
[367]	250	$template_path = 'template/' ;
	251	$template_name = $style ;
	252	$template = new Template(PHPWG_ROOT_PATH . $template_path . $template_name);
	253	return $template;
[364]	254	}
	255
	256	function encode_ip($dotquad_ip)
	257	{
[393]	258	$ip_sep = explode('.', $dotquad_ip);
	259	return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
[364]	260	}
	261
	262	function decode_ip($int_ip)
	263	{
[393]	264	$hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
	265	return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
[364]	266	}
[393]	267
	268	function getuserdata($user)
	269	{
	270	$sql = "SELECT * FROM " . USERS_TABLE;
	271	$sql.= " WHERE ";
	272	$sql .= ( ( is_integer($user) ) ? "id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND id <> " . ANONYMOUS;
	273	$result = mysql_query($sql);
	274	return ( $row = mysql_fetch_array($result) ) ? $row : false;
	275	}
[367]	276	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: