Context Navigation

source: trunk/include/user.inc.php @ 90

Last change on this file since 90 was 90, checked in by z0rglub, 21 years ago
When a page is refresh with an expired session still existing in the database, the first page works -> corrected.
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 3.9 KB

Line
1	<?php
2	/***************************************************************************
3	* user.inc.php *
4	* ------------------ *
5	* application : PhpWebGallery 1.3 <http://phpwebgallery.net> *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	* $Id: user.inc.php 90 2003-09-12 22:59:42Z z0rglub $
9	* *
10	***************************************************************************
11
12	***************************************************************************
13	* *
14	* This program is free software; you can redistribute it and/or modify *
15	* it under the terms of the GNU General Public License as published by *
16	* the Free Software Foundation; *
17	* *
18	***************************************************************************/
19	// retrieving user informations
20	// $infos array is used to know the fields to retrieve in the table "users"
21	// Each field becomes an information of the array $user.
22	// Example :
23	// status --> $user['status']
24	$infos = array( 'id', 'username', 'mail_address', 'nb_image_line',
25	'nb_line_page', 'status', 'language', 'maxwidth',
26	'maxheight', 'expand', 'show_nb_comments', 'short_period',
27	'long_period', 'template' );
28
29	$query_user = 'SELECT ';
30	foreach ( $infos as $i => $info ) {
31	if ( $i > 0 ) $query_user.= ',';
32	$query_user.= $info;
33	}
34	$query_user.= ' FROM '.PREFIX_TABLE.'users';
35	$query_done = false;
36	$user['is_the_guest'] = false;
37
38	// cookie deletion if administrator don't authorize them anymore
39	if ( !$conf['authorize_cookies'] and isset( $_COOKIE['id'] ) )
40	{
41	setcookie( 'id', '', 0, cookie_path() );
42	$url = 'category.php';
43	header( 'Request-URI: '.$url );
44	header( 'Content-Location: '.$url );
45	header( 'Location: '.$url );
46	exit();
47	}
48
49	$user['has_cookie'] = false;
50	if ( isset( $_GET['id'] ) ) $session_id = $_GET['id'];
51	elseif ( isset( $_COOKIE['id'] ) )
52	{
53	$session_id = $_COOKIE['id'];
54	$user['has_cookie'] = true;
55	}
56
57	if ( isset( $session_id )
58	and ereg( "^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $session_id ) )
59	{
60	$page['session_id'] = $session_id;
61	$query = 'SELECT user_id,expiration,ip';
62	$query.= ' FROM '.PREFIX_TABLE.'sessions';
63	$query.= " WHERE id = '".$page['session_id']."'";
64	$query.= ';';
65	$result = mysql_query( $query );
66	if ( mysql_num_rows( $result ) > 0 )
67	{
68	$row = mysql_fetch_array( $result );
69	if ( !$user['has_cookie'] )
70	{
71	if ( $row['expiration'] < time() )
72	{
73	// deletion of the session from the database,
74	// because it is out-of-date
75	$delete_query = 'DELETE FROM '.PREFIX_TABLE.'sessions';
76	$delete_query.= " WHERE id = '".$page['session_id']."'";
77	$delete_query.= ';';
78	mysql_query( $delete_query );
79	}
80	else if ( $_SERVER['REMOTE_ADDR'] == $row['ip'] )
81	{
82	$query_user .= ' WHERE id = '.$row['user_id'];
83	$query_done = true;
84	}
85	}
86	else
87	{
88	$query_user .= ' WHERE id = '.$row['user_id'];
89	$query_done = true;
90	}
91	}
92	}
93	if ( !$query_done )
94	{
95	$query_user .= ' WHERE id = 2';
96	$user['is_the_guest'] = true;
97	}
98	$query_user .= ';';
99
100	$row = mysql_fetch_array( mysql_query( $query_user ) );
101
102	// affectation of each value retrieved in the users table into a variable
103	// of the array $user.
104	foreach ( $infos as $info ) {
105	$user[$info] = $row[$info];
106	// If the field is true or false, the variable is transformed into a
107	// boolean value.
108	if ( $row[$info] == 'true' or $row[$info] == 'false' )
109	{
110	$user[$info] = get_boolean( $row[$info] );
111	}
112	}
113	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: