Context Navigation

source: trunk/include/functions_user.inc.php @ 593

Last change on this file since 593 was 593, checked in by z0rglub, 20 years ago
update headers to comply with GPL
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 9.2 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2004 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2004-11-06 21:12:59 +0000 (Sat, 06 Nov 2004) $
10	// \| last modifier : $Author: z0rglub $
11	// \| revision : $Revision: 593 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	// validate_mail_address verifies whether the given mail address has the
29	// right format. ie someone@domain.com "someone" can contain ".", "-" or
30	// even "_". Exactly as "domain". The extension doesn't have to be
31	// "com". The mail address can also be empty.
32	// If the mail address doesn't correspond, an error message is returned.
33	function validate_mail_address( $mail_address )
34	{
35	global $lang;
36
37	if ( $mail_address == '' )
38	{
39	return '';
40	}
41	$regex = '/^[\w-]+(\.[\w-]+)@[\w-]+(\.[\w-]+)\.[a-z]+$/';
42	if ( !preg_match( $regex, $mail_address ) )
43	{
44	return $lang['reg_err_mail_address'];
45	}
46	}
47
48	function register_user( $login, $password, $password_conf,
49	$mail_address, $status = 'guest' )
50	{
51	global $lang;
52
53	$error = array();
54	$i = 0;
55	// login must not
56	// 1. be empty
57	// 2. start ou end with space character
58	// 3. include ' or " characters
59	// 4. be already used
60	if ( $login == '' ) $error[$i++] = $lang['reg_err_login1'];
61	if ( ereg( "^.* $", $login) ) $error[$i++] = $lang['reg_err_login2'];
62	if ( ereg( "^ .*$", $login ) ) $error[$i++] = $lang['reg_err_login3'];
63
64	if ( ereg( "'", $login ) or ereg( "\"", $login ) )
65	$error[$i++] = $lang['reg_err_login4'];
66	else
67	{
68	$query = 'SELECT id';
69	$query.= ' FROM '.USERS_TABLE;
70	$query.= " WHERE username = '".$login."'";
71	$query.= ';';
72	$result = pwg_query( $query );
73	if ( mysql_num_rows($result) > 0 ) $error[$i++] = $lang['reg_err_login5'];
74	}
75	// given password must be the same as the confirmation
76	if ( $password != $password_conf ) $error[$i++] = $lang['reg_err_pass'];
77
78	$error_mail_address = validate_mail_address( $mail_address );
79	if ( $error_mail_address != '' ) $error[$i++] = $error_mail_address;
80
81	// if no error until here, registration of the user
82	if ( sizeof( $error ) == 0 )
83	{
84	// 1. retrieving default values, the ones of the user "guest"
85	$infos = array( 'nb_image_line', 'nb_line_page', 'language',
86	'maxwidth', 'maxheight', 'expand', 'show_nb_comments',
87	'recent_period', 'template', 'forbidden_categories' );
88	$query = 'SELECT ';
89	for ( $i = 0; $i < sizeof( $infos ); $i++ )
90	{
91	if ( $i > 0 ) $query.= ',';
92	$query.= $infos[$i];
93	}
94	$query.= ' FROM '.USERS_TABLE;
95	$query.= " WHERE username = 'guest'";
96	$query.= ';';
97	$row = mysql_fetch_array( pwg_query( $query ) );
98	// 2. adding new user
99	$query = 'INSERT INTO '.USERS_TABLE;
100	$query.= ' (';
101	$query.= ' username,password,mail_address,status';
102	for ( $i = 0; $i < sizeof( $infos ); $i++ )
103	{
104	$query.= ','.$infos[$i];
105	}
106	$query.= ') values (';
107	$query.= " '".$login."'";
108	$query.= ",'".md5( $password )."'";
109	if ( $mail_address != '' ) $query.= ",'".$mail_address."'";
110	else $query.= ',NULL';
111	$query.= ",'".$status."'";
112	foreach ( $infos as $info ) {
113	$query.= ',';
114	if ( !isset( $row[$info] ) ) $query.= 'NULL';
115	else $query.= "'".$row[$info]."'";
116	}
117	$query.= ');';
118	pwg_query( $query );
119	// 3. retrieving the id of the newly created user
120	$query = 'SELECT id';
121	$query.= ' FROM '.USERS_TABLE;
122	$query.= " WHERE username = '".$login."';";
123	$row = mysql_fetch_array( pwg_query( $query ) );
124	$user_id = $row['id'];
125	// 4. adding access to the new user, the same as the user "guest"
126	$query = 'SELECT cat_id';
127	$query.= ' FROM '.PREFIX_TABLE.'user_access as ua';
128	$query.= ','.PREFIX_TABLE.'users as u ';
129	$query.= ' where u.id = ua.user_id';
130	$query.= " and u.username = 'guest';";
131	$result = pwg_query( $query );
132	while( $row = mysql_fetch_array( $result ) )
133	{
134	$query = 'INSERT INTO '.PREFIX_TABLE.'user_access';
135	$query.= ' (user_id,cat_id) VALUES';
136	$query.= ' ('.$user_id.','.$row['cat_id'].');';
137	pwg_query ( $query );
138	}
139	// 5. associate new user to the same groups that the guest
140	$query = 'SELECT group_id';
141	$query.= ' FROM '.PREFIX_TABLE.'user_group AS ug';
142	$query.= ', '.PREFIX_TABLE.'users AS u';
143	$query.= " WHERE u.username = 'guest'";
144	$query.= ' AND ug.user_id = u.id';
145	$query.= ';';
146	$result = pwg_query( $query );
147	while( $row = mysql_fetch_array( $result ) )
148	{
149	$query = 'INSERT INTO '.PREFIX_TABLE.'user_group';
150	$query.= ' (user_id,group_id) VALUES';
151	$query.= ' ('.$user_id.','.$row['group_id'].')';
152	$query.= ';';
153	pwg_query ( $query );
154	}
155	}
156	return $error;
157	}
158
159	function update_user( $user_id, $mail_address, $status,
160	$use_new_password = false, $password = '' )
161	{
162	$error = array();
163	$i = 0;
164
165	$error_mail_address = validate_mail_address( $mail_address );
166	if ( $error_mail_address != '' )
167	{
168	$error[$i++] = $error_mail_address;
169	}
170
171	if ( sizeof( $error ) == 0 )
172	{
173	$query = 'UPDATE '.USERS_TABLE;
174	$query.= " SET status = '".$status."'";
175	if ( $use_new_password )
176	{
177	$query.= ", password = '".md5( $password )."'";
178	}
179	$query.= ', mail_address = ';
180	if ( $mail_address != '' )
181	{
182	$query.= "'".$mail_address."'";
183	}
184	else
185	{
186	$query.= 'NULL';
187	}
188	$query.= ' WHERE id = '.$user_id;
189	$query.= ';';
190	pwg_query( $query );
191	}
192	return $error;
193	}
194
195	function check_login_authorization()
196	{
197	global $user,$lang,$conf,$page;
198
199	if ( $user['is_the_guest'])
200	{
201	if ( $conf['access'] == 'restricted' \|\| (isset($page['cat']) && $page['cat'] == 'fav' ) )
202	{
203	echo '<div style="text-align:center;">'.$lang['only_members'].'<br />';
204	echo '<a href="./identification.php">'.$lang['ident_title'].'</a></div>';
205	exit();
206	}
207	}
208	}
209
210	//
211	// Initialise user settings on page load
212	function init_userprefs($userdata)
213	{
214	global $conf, $template, $lang, $lang_info;
215
216	$language = (!empty($userdata['language']) && !$userdata['is_the_guest'] )?$userdata['language']:$conf['default_language'];
217
218	if (!empty($userdata['template']) and !$userdata['is_the_guest'])
219	{
220	$template = $userdata['template'];
221	}
222	else
223	{
224	$template = $conf['default_template'];
225	}
226
227	if ( !file_exists(@realpath(PHPWG_ROOT_PATH . 'language/' . $language . '/common.lang.php')) )
228	{
229	$language = $conf['default_language'];
230	}
231	include_once(PHPWG_ROOT_PATH . 'language/' . $language . '/common.lang.php');
232
233
234	if ($userdata['status'] == 'admin')
235	{
236	if ( !file_exists(@realpath(PHPWG_ROOT_PATH . 'language/' . $language. '/admin.lang.php')) )
237	{
238	$language = $conf['default_language'];
239	}
240	include_once(PHPWG_ROOT_PATH . 'language/' . $language . '/admin.lang.php');
241	include_once(PHPWG_ROOT_PATH . 'language/' . $language . '/faq.lang.php');
242	}
243
244	$template = setup_style($template);
245	return;
246	}
247
248	function setup_style($style)
249	{
250	$template_path = 'template/' ;
251	$template_name = $style ;
252	$template = new Template(PHPWG_ROOT_PATH . $template_path . $template_name);
253	return $template;
254	}
255
256	function encode_ip($dotquad_ip)
257	{
258	$ip_sep = explode('.', $dotquad_ip);
259	return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
260	}
261
262	function decode_ip($int_ip)
263	{
264	$hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
265	return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
266	}
267
268	function getuserdata($user)
269	{
270	$sql = "SELECT * FROM " . USERS_TABLE;
271	$sql.= " WHERE ";
272	$sql .= ( ( is_integer($user) ) ? "id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND id <> " . ANONYMOUS;
273	$result = pwg_query($sql);
274	return ( $row = mysql_fetch_array($result) ) ? $row : false;
275	}
276	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: