[2] | 1 | <?php |
---|
[362] | 2 | // +-----------------------------------------------------------------------+ |
---|
| 3 | // | user.inc.php | |
---|
| 4 | // +-----------------------------------------------------------------------+ |
---|
| 5 | // | application : PhpWebGallery <http://phpwebgallery.net> | |
---|
| 6 | // | branch : BSF (Best So Far) | |
---|
| 7 | // +-----------------------------------------------------------------------+ |
---|
| 8 | // | file : $RCSfile$ |
---|
| 9 | // | last update : $Date: 2004-07-09 21:00:00 +0000 (Fri, 09 Jul 2004) $ |
---|
| 10 | // | last modifier : $Author: z0rglub $ |
---|
| 11 | // | revision : $Revision: 452 $ |
---|
| 12 | // +-----------------------------------------------------------------------+ |
---|
| 13 | // | This program is free software; you can redistribute it and/or modify | |
---|
| 14 | // | it under the terms of the GNU General Public License as published by | |
---|
| 15 | // | the Free Software Foundation | |
---|
| 16 | // | | |
---|
| 17 | // | This program is distributed in the hope that it will be useful, but | |
---|
| 18 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
| 19 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
| 20 | // | General Public License for more details. | |
---|
| 21 | // | | |
---|
| 22 | // | You should have received a copy of the GNU General Public License | |
---|
| 23 | // | along with this program; if not, write to the Free Software | |
---|
| 24 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
| 25 | // | USA. | |
---|
| 26 | // +-----------------------------------------------------------------------+ |
---|
[2] | 27 | |
---|
| 28 | // retrieving user informations |
---|
| 29 | // $infos array is used to know the fields to retrieve in the table "users" |
---|
| 30 | // Each field becomes an information of the array $user. |
---|
| 31 | // Example : |
---|
| 32 | // status --> $user['status'] |
---|
[9] | 33 | $infos = array( 'id', 'username', 'mail_address', 'nb_image_line', |
---|
[26] | 34 | 'nb_line_page', 'status', 'language', 'maxwidth', |
---|
[452] | 35 | 'maxheight', 'expand', 'show_nb_comments', 'recent_period', |
---|
| 36 | 'template', 'forbidden_categories' ); |
---|
[2] | 37 | |
---|
[345] | 38 | $query_user = 'SELECT '.implode( ',', $infos ); |
---|
| 39 | $query_user.= ' FROM '.USERS_TABLE; |
---|
[2] | 40 | $query_done = false; |
---|
| 41 | $user['is_the_guest'] = false; |
---|
[45] | 42 | |
---|
| 43 | // cookie deletion if administrator don't authorize them anymore |
---|
| 44 | if ( !$conf['authorize_cookies'] and isset( $_COOKIE['id'] ) ) |
---|
[2] | 45 | { |
---|
[45] | 46 | setcookie( 'id', '', 0, cookie_path() ); |
---|
| 47 | $url = 'category.php'; |
---|
[405] | 48 | redirect( $url ); |
---|
[45] | 49 | } |
---|
| 50 | |
---|
| 51 | $user['has_cookie'] = false; |
---|
| 52 | if ( isset( $_GET['id'] ) ) $session_id = $_GET['id']; |
---|
| 53 | elseif ( isset( $_COOKIE['id'] ) ) |
---|
| 54 | { |
---|
| 55 | $session_id = $_COOKIE['id']; |
---|
| 56 | $user['has_cookie'] = true; |
---|
| 57 | } |
---|
| 58 | |
---|
| 59 | if ( isset( $session_id ) |
---|
| 60 | and ereg( "^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $session_id ) ) |
---|
| 61 | { |
---|
| 62 | $page['session_id'] = $session_id; |
---|
[21] | 63 | $query = 'SELECT user_id,expiration,ip'; |
---|
[345] | 64 | $query.= ' FROM '.SESSIONS_TABLE; |
---|
[45] | 65 | $query.= " WHERE id = '".$page['session_id']."'"; |
---|
[13] | 66 | $query.= ';'; |
---|
[2] | 67 | $result = mysql_query( $query ); |
---|
| 68 | if ( mysql_num_rows( $result ) > 0 ) |
---|
| 69 | { |
---|
| 70 | $row = mysql_fetch_array( $result ); |
---|
[45] | 71 | if ( !$user['has_cookie'] ) |
---|
[2] | 72 | { |
---|
[45] | 73 | if ( $row['expiration'] < time() ) |
---|
| 74 | { |
---|
| 75 | // deletion of the session from the database, |
---|
| 76 | // because it is out-of-date |
---|
[345] | 77 | $delete_query = 'DELETE FROM '.SESSIONS_TABLE; |
---|
[45] | 78 | $delete_query.= " WHERE id = '".$page['session_id']."'"; |
---|
| 79 | $delete_query.= ';'; |
---|
| 80 | mysql_query( $delete_query ); |
---|
| 81 | } |
---|
[90] | 82 | else if ( $_SERVER['REMOTE_ADDR'] == $row['ip'] ) |
---|
[2] | 83 | { |
---|
[21] | 84 | $query_user .= ' WHERE id = '.$row['user_id']; |
---|
[2] | 85 | $query_done = true; |
---|
| 86 | } |
---|
| 87 | } |
---|
[45] | 88 | else |
---|
| 89 | { |
---|
| 90 | $query_user .= ' WHERE id = '.$row['user_id']; |
---|
| 91 | $query_done = true; |
---|
| 92 | } |
---|
[2] | 93 | } |
---|
| 94 | } |
---|
| 95 | if ( !$query_done ) |
---|
| 96 | { |
---|
[21] | 97 | $query_user .= ' WHERE id = 2'; |
---|
[2] | 98 | $user['is_the_guest'] = true; |
---|
| 99 | } |
---|
| 100 | $query_user .= ';'; |
---|
| 101 | $row = mysql_fetch_array( mysql_query( $query_user ) ); |
---|
| 102 | |
---|
| 103 | // affectation of each value retrieved in the users table into a variable |
---|
| 104 | // of the array $user. |
---|
[21] | 105 | foreach ( $infos as $info ) { |
---|
[345] | 106 | if ( isset( $row[$info] ) ) |
---|
[2] | 107 | { |
---|
[345] | 108 | // If the field is true or false, the variable is transformed into a |
---|
| 109 | // boolean value. |
---|
| 110 | if ( $row[$info] == 'true' or $row[$info] == 'false' ) |
---|
| 111 | $user[$info] = get_boolean( $row[$info] ); |
---|
| 112 | else |
---|
| 113 | $user[$info] = $row[$info]; |
---|
[2] | 114 | } |
---|
[345] | 115 | else |
---|
| 116 | { |
---|
| 117 | $user[$info] = ''; |
---|
| 118 | } |
---|
[2] | 119 | } |
---|
[345] | 120 | |
---|
| 121 | // special for $user['restrictions'] array |
---|
| 122 | $user['restrictions'] = explode( ',', $user['forbidden_categories'] ); |
---|
[397] | 123 | if ( $user['restrictions'][0] == '' ) |
---|
| 124 | { |
---|
| 125 | $user['restrictions'] = array(); |
---|
| 126 | } |
---|
| 127 | |
---|
[351] | 128 | $isadmin = false; |
---|
[397] | 129 | if ( $user['status'] == 'admin' ) |
---|
| 130 | { |
---|
| 131 | $isadmin =true; |
---|
| 132 | } |
---|
[351] | 133 | // calculation of the number of picture to display per page |
---|
| 134 | $user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page']; |
---|
[397] | 135 | |
---|
[351] | 136 | init_userprefs($user); |
---|
[397] | 137 | |
---|
[375] | 138 | $user['lien_expanded']='./template/'.$user['template'].'/theme/expanded.gif'; |
---|
[367] | 139 | $user['lien_collapsed']='./template/'.$user['template'].'/theme/collapsed.gif'; |
---|
[362] | 140 | ?> |
---|