diff --git a/header.inc.php b/header.inc.php
index f26cb68..ccf198b 100644
--- a/header.inc.php
+++ b/header.inc.php
@@ -13,7 +13,6 @@ if(DEBUG_MODE) {
ini_set('display_errors', '1');
ini_set('mysql.trace_mode', '1');
error_reporting(E_ALL);
- //error_reporting(E_ALL^E_NOTICE);
} else {
ini_set('display_errors', '0');
ini_set('mysql.trace_mode', '0');
diff --git a/services/userservice.php b/services/userservice.php
index e611cb8..19e81c6 100644
--- a/services/userservice.php
+++ b/services/userservice.php
@@ -1,6 +1,15 @@
'uId',
+ 'username' => 'username',
+ 'password' => 'password');
+ var $profileurl;
+ var $tablename;
+ var $sessionkey;
+ var $cookiekey;
+ var $cookietime = 1209600; // 2 weeks
function &getInstance(&$db) {
static $instance;
@@ -9,423 +18,460 @@ class UserService {
return $instance;
}
- var $fields = array(
- 'primary' => 'uId',
- 'username' => 'username',
- 'password' => 'password'
- );
- var $profileurl;
- var $tablename;
- var $sessionkey;
- var $cookiekey;
- var $cookietime = 1209600; // 2 weeks
+ function UserService(& $db) {
+ $this->db =& $db;
+ $this->tablename = $GLOBALS['tableprefix'] .'users';
+ $this->sessionkey = INSTALLATION_ID.'-currentuserid';
+ $this->cookiekey = INSTALLATION_ID.'-login';
+ $this->profileurl = createURL('profile', '%2$s');
+ }
- function UserService(& $db) {
- $this->db =& $db;
- $this->tablename = $GLOBALS['tableprefix'] .'users';
- $this->sessionkey = INSTALLATION_ID.'-currentuserid';
- $this->cookiekey = INSTALLATION_ID.'-login';
- $this->profileurl = createURL('profile', '%2$s');
- }
+ function _checkdns($host) {
+ if (function_exists('checkdnsrr')) {
+ return checkdnsrr($host);
+ } else {
+ return $this->_checkdnsrr($host);
+ }
+ }
- function _checkdns($host) {
- if (function_exists('checkdnsrr')) {
- return checkdnsrr($host);
- } else {
- return $this->_checkdnsrr($host);
- }
- }
+ function _checkdnsrr($host, $type = "MX") {
+ if(!empty($host)) {
+ @exec("nslookup -type=$type $host", $output);
+ while(list($k, $line) = each($output)) {
+ if(eregi("^$host", $line)) {
+ return true;
+ }
+ }
+ return false;
+ }
+ }
- function _checkdnsrr($host, $type = "MX") {
- if(!empty($host)) {
- @exec("nslookup -type=$type $host", $output);
- while(list($k, $line) = each($output)) {
- if(eregi("^$host", $line)) {
- return true;
- }
- }
- return false;
- }
- }
+ function _getuser($fieldname, $value) {
+ $query = 'SELECT * FROM '. $this->getTableName() .' WHERE '. $fieldname .' = "'. $this->db->sql_escape($value) .'"';
- function _getuser($fieldname, $value) {
- $query = 'SELECT * FROM '. $this->getTableName() .' WHERE '. $fieldname .' = "'. $this->db->sql_escape($value) .'"';
+ if (! ($dbresult =& $this->db->sql_query($query)) ) {
+ message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
+ return false;
+ }
- if (! ($dbresult =& $this->db->sql_query($query)) ) {
- message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
- return false;
- }
+ if ($row =& $this->db->sql_fetchrow($dbresult))
+ return $row;
+ else
+ return false;
+ }
- if ($row =& $this->db->sql_fetchrow($dbresult))
- return $row;
- else
- return false;
- }
+ function & getUsers($nb=0) {
+ $query = 'SELECT * FROM '. $this->getTableName() .' ORDER BY `uId` DESC';
+ if($nb>0) {
+ $query .= ' LIMIT 0, '.$nb;
+ }
+ if (! ($dbresult =& $this->db->sql_query($query)) ) {
+ message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
+ return false;
+ }
- function & getUsers($nb=0) {
- $query = 'SELECT * FROM '. $this->getTableName() .' ORDER BY `uId` DESC';
- if($nb>0) {
- $query .= ' LIMIT 0, '.$nb;
- }
- if (! ($dbresult =& $this->db->sql_query($query)) ) {
- message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
- return false;
- }
+ while ($row = & $this->db->sql_fetchrow($dbresult)) {
+ $users[] = $row;
+ }
+ return $users;
+ }
- while ($row = & $this->db->sql_fetchrow($dbresult)) {
- $users[] = $row;
- }
- return $users;
- }
+ function _randompassword() {
+ $seed = (integer) md5(microtime());
+ mt_srand($seed);
+ $password = mt_rand(1, 99999999);
+ $password = substr(md5($password), mt_rand(0, 19), mt_rand(6, 12));
+ return $password;
+ }
- function _randompassword() {
- $seed = (integer) md5(microtime());
- mt_srand($seed);
- $password = mt_rand(1, 99999999);
- $password = substr(md5($password), mt_rand(0, 19), mt_rand(6, 12));
- return $password;
- }
+ function _updateuser($uId, $fieldname, $value) {
+ $updates = array ($fieldname => $value);
+ $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
- function _updateuser($uId, $fieldname, $value) {
- $updates = array ($fieldname => $value);
- $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
+ // Execute the statement.
+ $this->db->sql_transaction('begin');
+ if (!($dbresult = & $this->db->sql_query($sql))) {
+ $this->db->sql_transaction('rollback');
+ message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
+ return false;
+ }
+ $this->db->sql_transaction('commit');
- // Execute the statement.
- $this->db->sql_transaction('begin');
- if (!($dbresult = & $this->db->sql_query($sql))) {
- $this->db->sql_transaction('rollback');
- message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
- return false;
- }
- $this->db->sql_transaction('commit');
+ // Everything worked out, so return true.
+ return true;
+ }
- // Everything worked out, so return true.
- return true;
- }
+ function getProfileUrl($id, $username) {
+ return sprintf($this->profileurl, urlencode($id), urlencode($username));
+ }
- function getProfileUrl($id, $username) {
- return sprintf($this->profileurl, urlencode($id), urlencode($username));
- }
+ function getUserByUsername($username) {
+ return $this->_getuser($this->getFieldName('username'), $username);
+ }
- function getUserByUsername($username) {
- return $this->_getuser($this->getFieldName('username'), $username);
- }
+ function getUser($id) {
+ return $this->_getuser($this->getFieldName('primary'), $id);
+ }
+
+ // Momentary useful in order to go to object code
+ function getObjectUser($id) {
+ $user = $this->_getuser($this->getFieldName('primary'), $id);
+ return new User($id, $user[$this->getFieldName('username')]);
+ }
- function getUser($id) {
- return $this->_getuser($this->getFieldName('primary'), $id);
- }
+ function isLoggedOn() {
+ return ($this->getCurrentUserId() !== false);
+ }
- function isLoggedOn() {
- return ($this->getCurrentUserId() !== false);
- }
+ function &getCurrentUser($refresh = FALSE, $newval = NULL) {
+ static $currentuser;
+ if (!is_null($newval)) { //internal use only: reset currentuser
+ $currentuser = $newval;
+ } else if ($refresh || !isset($currentuser)) {
+ if ($id = $this->getCurrentUserId()) {
+ $currentuser = $this->getUser($id);
+ } else {
+ $currentuser = null;
+ }
+ }
+ return $currentuser;
+ }
+
+ // Momentary useful in order to go to object code
+ function getCurrentObjectUser($refresh = FALSE, $newval = NULL) {
+ static $currentObjectUser;
+ if (!is_null($newval)) { //internal use only: reset currentuser
+ $currentObjectUser = $newval;
+ } else if ($refresh || !isset($currentObjectUser)) {
+ if ($id = $this->getCurrentUserId()) {
+ $currentObjectUser = $this->getObjectUser($id);
+ } else {
+ $currentObjectUser = null;
+ }
+ }
+ return $currentObjectUser;
+ }
- function &getCurrentUser($refresh = FALSE, $newval = NULL) {
- static $currentuser;
- if (!is_null($newval)) //internal use only: reset currentuser
- $currentuser = $newval;
- else if ($refresh || !isset($currentuser)) {
- if ($id = $this->getCurrentUserId()) {
- $currentuser = $this->getUser($id);
- } else {
- $currentuser = null;
- }
- }
- return $currentuser;
- }
+ function isAdmin($userid) {
+ $user = $this->getUser($userid);
- function isAdmin($userid) {
- $user = $this->getUser($userid);
-
- if(isset($GLOBALS['admin_users'])
- && in_array($user['username'], $GLOBALS['admin_users'])) {
- return true;
- } else {
- return false;
- }
- }
+ if(isset($GLOBALS['admin_users'])
+ && in_array($user['username'], $GLOBALS['admin_users'])) {
+ return true;
+ } else {
+ return false;
+ }
+ }
- function getCurrentUserId() {
- if (isset($_SESSION[$this->getSessionKey()])) {
- //echo "session";die($_SESSION[$this->getSessionKey()]);
- return $_SESSION[$this->getSessionKey()];
- } else if (isset($_COOKIE[$this->getCookieKey()])) {
- //echo "cookie";die();
-
- $cook = split(':', $_COOKIE[$this->getCookieKey()]);
- //cookie looks like this: 'id:md5(username+password)'
- $query = 'SELECT * FROM '. $this->getTableName() .
+ /* return current user id based on session or cookie */
+ function getCurrentUserId() {
+ if (isset($_SESSION[$this->getSessionKey()])) {
+ return $_SESSION[$this->getSessionKey()];
+ } else if (isset($_COOKIE[$this->getCookieKey()])) {
+ $cook = split(':', $_COOKIE[$this->getCookieKey()]);
+ //cookie looks like this: 'id:md5(username+password)'
+ $query = 'SELECT * FROM '. $this->getTableName() .
' WHERE MD5(CONCAT('.$this->getFieldName('username') .
', '.$this->getFieldName('password') .
')) = \''.$this->db->sql_escape($cook[1]).'\' AND '.
- $this->getFieldName('primary'). ' = '. $this->db->sql_escape($cook[0]);
+ $this->getFieldName('primary'). ' = '. $this->db->sql_escape($cook[0]);
- if (! ($dbresult =& $this->db->sql_query($query)) ) {
- message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
- return false;
- }
+ if (! ($dbresult =& $this->db->sql_query($query)) ) {
+ message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
+ return false;
+ }
- if ($row = $this->db->sql_fetchrow($dbresult)) {
- $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')];
- return $_SESSION[$this->getSessionKey()];
- }
- }
- return false;
- }
+ if ($row = $this->db->sql_fetchrow($dbresult)) {
+ $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')];
+ return $_SESSION[$this->getSessionKey()];
+ }
+ }
+ return false;
+ }
- function login($username, $password, $remember = FALSE) {
- $password = $this->sanitisePassword($password);
- $query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'" AND '. $this->getFieldName('password') .' = "'. $this->db->sql_escape($password) .'"';
+ function login($username, $password, $remember = FALSE) {
+ $password = $this->sanitisePassword($password);
+ $query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'" AND '. $this->getFieldName('password') .' = "'. $this->db->sql_escape($password) .'"';
- if (! ($dbresult =& $this->db->sql_query($query)) ) {
- message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
- return false;
- }
+ if (! ($dbresult =& $this->db->sql_query($query)) ) {
+ message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
+ return false;
+ }
- if ($row =& $this->db->sql_fetchrow($dbresult)) {
- $id = $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')];
- if ($remember) {
- $cookie = $id .':'. md5($username.$password);
- setcookie($this->cookiekey, $cookie, time() + $this->cookietime, '/');
- }
- return true;
- } else {
- return false;
- }
- }
+ if ($row =& $this->db->sql_fetchrow($dbresult)) {
+ $id = $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')];
+ if ($remember) {
+ $cookie = $id .':'. md5($username.$password);
+ setcookie($this->cookiekey, $cookie, time() + $this->cookietime, '/');
+ }
+ return true;
+ } else {
+ return false;
+ }
+ }
- function logout() {
- @setcookie($this->getCookiekey(), '', time() - 1, '/');
- unset($_COOKIE[$this->getCookiekey()]);
- session_unset();
- $this->getCurrentUser(TRUE, false);
- }
+ function logout() {
+ @setcookie($this->getCookiekey(), '', time() - 1, '/');
+ unset($_COOKIE[$this->getCookiekey()]);
+ session_unset();
+ $this->getCurrentUser(TRUE, false);
+ }
- function getWatchlist($uId) {
- // Gets the list of user IDs being watched by the given user.
- $query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($uId);
+ function getWatchlist($uId) {
+ // Gets the list of user IDs being watched by the given user.
+ $query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($uId);
- if (! ($dbresult =& $this->db->sql_query($query)) ) {
- message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db);
- return false;
- }
+ if (! ($dbresult =& $this->db->sql_query($query)) ) {
+ message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db);
+ return false;
+ }
- $arrWatch = array();
- if ($this->db->sql_numrows($dbresult) == 0)
- return $arrWatch;
- while ($row =& $this->db->sql_fetchrow($dbresult))
- $arrWatch[] = $row['watched'];
- return $arrWatch;
- }
+ $arrWatch = array();
+ if ($this->db->sql_numrows($dbresult) == 0)
+ return $arrWatch;
+ while ($row =& $this->db->sql_fetchrow($dbresult))
+ $arrWatch[] = $row['watched'];
+ return $arrWatch;
+ }
- function getWatchNames($uId, $watchedby = false) {
- // Gets the list of user names being watched by the given user.
- // - If $watchedby is false get the list of users that $uId watches
- // - If $watchedby is true get the list of users that watch $uId
- if ($watchedby) {
- $table1 = 'b';
- $table2 = 'a';
- } else {
- $table1 = 'a';
- $table2 = 'b';
- }
- $query = 'SELECT '. $table1 .'.'. $this->getFieldName('username') .' FROM '. $GLOBALS['tableprefix'] .'watched AS W, '. $this->getTableName() .' AS a, '. $this->getTableName() .' AS b WHERE W.watched = a.'. $this->getFieldName('primary') .' AND W.uId = b.'. $this->getFieldName('primary') .' AND '. $table2 .'.'. $this->getFieldName('primary') .' = '. intval($uId) .' ORDER BY '. $table1 .'.'. $this->getFieldName('username');
+ function getWatchNames($uId, $watchedby = false) {
+ // Gets the list of user names being watched by the given user.
+ // - If $watchedby is false get the list of users that $uId watches
+ // - If $watchedby is true get the list of users that watch $uId
+ if ($watchedby) {
+ $table1 = 'b';
+ $table2 = 'a';
+ } else {
+ $table1 = 'a';
+ $table2 = 'b';
+ }
+ $query = 'SELECT '. $table1 .'.'. $this->getFieldName('username') .' FROM '. $GLOBALS['tableprefix'] .'watched AS W, '. $this->getTableName() .' AS a, '. $this->getTableName() .' AS b WHERE W.watched = a.'. $this->getFieldName('primary') .' AND W.uId = b.'. $this->getFieldName('primary') .' AND '. $table2 .'.'. $this->getFieldName('primary') .' = '. intval($uId) .' ORDER BY '. $table1 .'.'. $this->getFieldName('username');
- if (!($dbresult =& $this->db->sql_query($query))) {
- message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db);
- return false;
- }
+ if (!($dbresult =& $this->db->sql_query($query))) {
+ message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db);
+ return false;
+ }
- $arrWatch = array();
- if ($this->db->sql_numrows($dbresult) == 0) {
- return $arrWatch;
- }
- while ($row =& $this->db->sql_fetchrow($dbresult)) {
- $arrWatch[] = $row[$this->getFieldName('username')];
- }
- return $arrWatch;
- }
+ $arrWatch = array();
+ if ($this->db->sql_numrows($dbresult) == 0) {
+ return $arrWatch;
+ }
+ while ($row =& $this->db->sql_fetchrow($dbresult)) {
+ $arrWatch[] = $row[$this->getFieldName('username')];
+ }
+ return $arrWatch;
+ }
- function getWatchStatus($watcheduser, $currentuser) {
- // Returns true if the current user is watching the given user, and false otherwise.
- $query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched AS W INNER JOIN '. $this->getTableName() .' AS U ON U.'. $this->getFieldName('primary') .' = W.watched WHERE U.'. $this->getFieldName('primary') .' = '. intval($watcheduser) .' AND W.uId = '. intval($currentuser);
+ function getWatchStatus($watcheduser, $currentuser) {
+ // Returns true if the current user is watching the given user, and false otherwise.
+ $query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched AS W INNER JOIN '. $this->getTableName() .' AS U ON U.'. $this->getFieldName('primary') .' = W.watched WHERE U.'. $this->getFieldName('primary') .' = '. intval($watcheduser) .' AND W.uId = '. intval($currentuser);
- if (! ($dbresult =& $this->db->sql_query($query)) ) {
- message_die(GENERAL_ERROR, 'Could not get watchstatus', '', __LINE__, __FILE__, $query, $this->db);
- return false;
- }
+ if (! ($dbresult =& $this->db->sql_query($query)) ) {
+ message_die(GENERAL_ERROR, 'Could not get watchstatus', '', __LINE__, __FILE__, $query, $this->db);
+ return false;
+ }
- $arrWatch = array();
- if ($this->db->sql_numrows($dbresult) == 0)
- return false;
- else
- return true;
- }
+ $arrWatch = array();
+ if ($this->db->sql_numrows($dbresult) == 0)
+ return false;
+ else
+ return true;
+ }
- function setWatchStatus($subjectUserID) {
- if (!is_numeric($subjectUserID))
- return false;
+ function setWatchStatus($subjectUserID) {
+ if (!is_numeric($subjectUserID))
+ return false;
- $currentUserID = $this->getCurrentUserId();
- $watched = $this->getWatchStatus($subjectUserID, $currentUserID);
+ $currentUserID = $this->getCurrentUserId();
+ $watched = $this->getWatchStatus($subjectUserID, $currentUserID);
- if ($watched) {
- $sql = 'DELETE FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($currentUserID) .' AND watched = '. intval($subjectUserID);
- if (!($dbresult =& $this->db->sql_query($sql))) {
- $this->db->sql_transaction('rollback');
- message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db);
- return false;
- }
- } else {
- $values = array(
+ if ($watched) {
+ $sql = 'DELETE FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($currentUserID) .' AND watched = '. intval($subjectUserID);
+ if (!($dbresult =& $this->db->sql_query($sql))) {
+ $this->db->sql_transaction('rollback');
+ message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db);
+ return false;
+ }
+ } else {
+ $values = array(
'uId' => intval($currentUserID),
'watched' => intval($subjectUserID)
- );
- $sql = 'INSERT INTO '. $GLOBALS['tableprefix'] .'watched '. $this->db->sql_build_array('INSERT', $values);
- if (!($dbresult =& $this->db->sql_query($sql))) {
- $this->db->sql_transaction('rollback');
- message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db);
- return false;
- }
- }
+ );
+ $sql = 'INSERT INTO '. $GLOBALS['tableprefix'] .'watched '. $this->db->sql_build_array('INSERT', $values);
+ if (!($dbresult =& $this->db->sql_query($sql))) {
+ $this->db->sql_transaction('rollback');
+ message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db);
+ return false;
+ }
+ }
- $this->db->sql_transaction('commit');
- return true;
- }
+ $this->db->sql_transaction('commit');
+ return true;
+ }
- function addUser($username, $password, $email) {
- // Set up the SQL UPDATE statement.
- $datetime = gmdate('Y-m-d H:i:s', time());
- $password = $this->sanitisePassword($password);
- $values = array('username' => $username, 'password' => $password, 'email' => $email, 'uDatetime' => $datetime, 'uModified' => $datetime);
- $sql = 'INSERT INTO '. $this->getTableName() .' '. $this->db->sql_build_array('INSERT', $values);
+ function addUser($username, $password, $email) {
+ // Set up the SQL UPDATE statement.
+ $datetime = gmdate('Y-m-d H:i:s', time());
+ $password = $this->sanitisePassword($password);
+ $values = array('username' => $username, 'password' => $password, 'email' => $email, 'uDatetime' => $datetime, 'uModified' => $datetime);
+ $sql = 'INSERT INTO '. $this->getTableName() .' '. $this->db->sql_build_array('INSERT', $values);
- // Execute the statement.
- $this->db->sql_transaction('begin');
- if (!($dbresult = & $this->db->sql_query($sql))) {
- $this->db->sql_transaction('rollback');
- message_die(GENERAL_ERROR, 'Could not insert user', '', __LINE__, __FILE__, $sql, $this->db);
- return false;
- }
- $this->db->sql_transaction('commit');
+ // Execute the statement.
+ $this->db->sql_transaction('begin');
+ if (!($dbresult = & $this->db->sql_query($sql))) {
+ $this->db->sql_transaction('rollback');
+ message_die(GENERAL_ERROR, 'Could not insert user', '', __LINE__, __FILE__, $sql, $this->db);
+ return false;
+ }
+ $this->db->sql_transaction('commit');
- // Everything worked out, so return true.
- return true;
- }
+ // Everything worked out, so return true.
+ return true;
+ }
- function updateUser($uId, $password, $name, $email, $homepage, $uContent) {
- if (!is_numeric($uId))
- return false;
+ function updateUser($uId, $password, $name, $email, $homepage, $uContent) {
+ if (!is_numeric($uId))
+ return false;
- // Set up the SQL UPDATE statement.
- $moddatetime = gmdate('Y-m-d H:i:s', time());
- if ($password == '')
- $updates = array ('uModified' => $moddatetime, 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
- else
- $updates = array ('uModified' => $moddatetime, 'password' => $this->sanitisePassword($password), 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
- $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
+ // Set up the SQL UPDATE statement.
+ $moddatetime = gmdate('Y-m-d H:i:s', time());
+ if ($password == '')
+ $updates = array ('uModified' => $moddatetime, 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
+ else
+ $updates = array ('uModified' => $moddatetime, 'password' => $this->sanitisePassword($password), 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
+ $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
- // Execute the statement.
- $this->db->sql_transaction('begin');
- if (!($dbresult = & $this->db->sql_query($sql))) {
- $this->db->sql_transaction('rollback');
- message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
- return false;
- }
- $this->db->sql_transaction('commit');
+ // Execute the statement.
+ $this->db->sql_transaction('begin');
+ if (!($dbresult = & $this->db->sql_query($sql))) {
+ $this->db->sql_transaction('rollback');
+ message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
+ return false;
+ }
+ $this->db->sql_transaction('commit');
- // Everything worked out, so return true.
- return true;
- }
+ // Everything worked out, so return true.
+ return true;
+ }
- function getAllUsers ( ) {
- $query = 'SELECT * FROM '. $this->getTableName();
+ function getAllUsers ( ) {
+ $query = 'SELECT * FROM '. $this->getTableName();
- if (! ($dbresult =& $this->db->sql_query($query)) ) {
- message_die(GENERAL_ERROR, 'Could not get users', '', __LINE__, __FILE__, $query, $this->db);
- return false;
- }
+ if (! ($dbresult =& $this->db->sql_query($query)) ) {
+ message_die(GENERAL_ERROR, 'Could not get users', '', __LINE__, __FILE__, $query, $this->db);
+ return false;
+ }
- $rows = array();
+ $rows = array();
- while ( $row = $this->db->sql_fetchrow($dbresult) ) {
- $rows[] = $row;
- }
+ while ( $row = $this->db->sql_fetchrow($dbresult) ) {
+ $rows[] = $row;
+ }
- return $rows;
- }
+ return $rows;
+ }
- function deleteUser($uId) {
- $query = 'DELETE FROM '. $this->getTableName() .' WHERE uId = '. intval($uId);
+ function deleteUser($uId) {
+ $query = 'DELETE FROM '. $this->getTableName() .' WHERE uId = '. intval($uId);
- if (!($dbresult = & $this->db->sql_query($query))) {
- message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $query, $this->db);
- return false;
- }
+ if (!($dbresult = & $this->db->sql_query($query))) {
+ message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $query, $this->db);
+ return false;
+ }
- return true;
- }
+ return true;
+ }
- function sanitisePassword($password) {
- return sha1(trim($password));
- }
+ function sanitisePassword($password) {
+ return sha1(trim($password));
+ }
- function generatePassword($uId) {
- if (!is_numeric($uId))
- return false;
+ function generatePassword($uId) {
+ if (!is_numeric($uId))
+ return false;
- $password = $this->_randompassword();
+ $password = $this->_randompassword();
- if ($this->_updateuser($uId, $this->getFieldName('password'), $this->sanitisePassword($password)))
- return $password;
- else
- return false;
- }
+ if ($this->_updateuser($uId, $this->getFieldName('password'), $this->sanitisePassword($password)))
+ return $password;
+ else
+ return false;
+ }
- function isReserved($username) {
- if (in_array($username, $GLOBALS['reservedusers'])) {
- return true;
- } else {
- return false;
- }
- }
-
- function isValidUsername($username) {
- if (strlen($username) > 24) {
- // too long usernames are cut by database and may cause bugs when compared
- return false;
- } elseif (preg_match('/(\W)/', $username) > 0) {
- // forbidden non-alphanumeric characters
- return false;
- }
- return true;
- }
+ function isReserved($username) {
+ if (in_array($username, $GLOBALS['reservedusers'])) {
+ return true;
+ } else {
+ return false;
+ }
+ }
-
+ function isValidUsername($username) {
+ if (strlen($username) > 24) {
+ // too long usernames are cut by database and may cause bugs when compared
+ return false;
+ } elseif (preg_match('/(\W)/', $username) > 0) {
+ // forbidden non-alphanumeric characters
+ return false;
+ }
+ return true;
+ }
- function isValidEmail($email) {
- if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) {
- list($emailUser, $emailDomain) = split("@", $email);
- // Check if the email domain has a DNS record
- if ($this->_checkdns($emailDomain)) {
- return true;
- }
- }
- return false;
- }
- // Properties
- function getTableName() { return $this->tablename; }
- function setTableName($value) { $this->tablename = $value; }
+ function isValidEmail($email) {
+ if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) {
+ list($emailUser, $emailDomain) = split("@", $email);
- function getFieldName($field) { return $this->fields[$field]; }
- function setFieldName($field, $value) { $this->fields[$field] = $value; }
+ // Check if the email domain has a DNS record
+ if ($this->_checkdns($emailDomain)) {
+ return true;
+ }
+ }
+ return false;
+ }
- function getSessionKey() { return $this->sessionkey; }
- function setSessionKey($value) { $this->sessionkey = $value; }
+ // Properties
+ function getTableName() { return $this->tablename; }
+ function setTableName($value) { $this->tablename = $value; }
- function getCookieKey() { return $this->cookiekey; }
- function setCookieKey($value) { $this->cookiekey = $value; }
+ function getFieldName($field) { return $this->fields[$field]; }
+ function setFieldName($field, $value) { $this->fields[$field] = $value; }
+
+ function getSessionKey() { return $this->sessionkey; }
+ function setSessionKey($value) { $this->sessionkey = $value; }
+
+ function getCookieKey() { return $this->cookiekey; }
+ function setCookieKey($value) { $this->cookiekey = $value; }
+}
+
+class User {
+
+ var $id;
+ var $username;
+ var $isAdmin;
+
+ function User($id, $username) {
+ $this->id = $id;
+ $this->username = $username;
+ }
+
+ function getId() {
+ return $this->id;
+ }
+
+ function getUsername() {
+ return $this->username;
+ }
+
+ function isAdmin() {
+ // Look for value if not already set
+ if(!isset($this->isAdmin)) {
+ $userservice =& ServiceFactory::getServiceInstance('UserService');
+ $this->isAdmin = $userservice->isAdmin($this->id);
+ }
+ return $this->isAdmin;
+ }
}
?>
diff --git a/templates/bookmarks.tpl.php b/templates/bookmarks.tpl.php
index e95f787..475436b 100644
--- a/templates/bookmarks.tpl.php
+++ b/templates/bookmarks.tpl.php
@@ -8,9 +8,13 @@ $cdservice =& ServiceFactory::getServiceInstance('CommonDescriptionService');
-$logged_on_userid = $userservice->getCurrentUserId();
-$currentUser = $userservice->getCurrentUser();
-$currentUsername = $currentUser[$userservice->getFieldName('username')];
+//$logged_on_userid = $userservice->getCurrentUserId();
+//$currentUser = $userservice->getCurrentUser();
+//$currentUsername = $currentUser[$userservice->getFieldName('username')];
+
+// Momentary useful to go to object code
+$currentObjectUser = $userservice->getCurrentObjectUser();
+
$pageName = isset($pageName)?$pageName:"";
$this->includeTemplate($GLOBALS['top_include']);
@@ -23,50 +27,45 @@ include('search.inc.php');
-
-
-
+
getLastTagDescription($currenttag)) {
- $description = $cdservice->getLastTagDescription($currenttag);
- echo nl2br(filter($description['cdDescription']));
+ $description = $cdservice->getLastTagDescription($currenttag);
+ echo nl2br(filter($description['cdDescription']));
} elseif(isset($hash) && $cdservice->getLastBookmarkDescription($hash)) {
- $description = $cdservice->getLastBookmarkDescription($hash);
- echo nl2br(filter($description['cdTitle'])). "
";
- echo nl2br(filter($description['cdDescription'])). "
";
+ $description = $cdservice->getLastBookmarkDescription($hash);
+ echo nl2br(filter($description['cdTitle'])). "
";
+ echo nl2br(filter($description['cdDescription'])). "
";
}
-if($logged_on_userid>0) {
- if(isset($currenttag)) {
- echo ' (';
- echo T_('edit common description').')';
- } elseif(isset($hash)) {
- echo ' (';
- echo T_('edit common description').')';
- }
+if($userservice->isLoggedOn()) {
+ if(isset($currenttag)) {
+ echo ' (';
+ echo T_('edit common description').')';
+ } elseif(isset($hash)) {
+ echo ' (';
+ echo T_('edit common description').')';
+ }
}
-?>
-
+?>
getUserByUsername($user);
- if($tagservice->getDescription($currenttag, $userObject['uId'])) { ?>
+ $userObject = $userservice->getUserByUsername($user);
+ if($tagservice->getDescription($currenttag, $userObject['uId'])) { ?>
+
+getDescription($currenttag, $userObject['uId']);
+echo nl2br(filter($description['tDescription']));
+?>
-
getDescription($currenttag, $userObject['uId']);
- echo nl2br(filter($description['tDescription']));
-?>
-
-
-
@@ -75,202 +74,195 @@ if(isset($currenttag) && isset($user)) {
window.onload = playerLoad;
-
- -
-
-
- /
- /
-
-
-
-
- -
+
+/
+/
+ ';
- echo T_('Bookmarks from other users for this tag').'';
- //echo T_(' for these tags');
- } else if($logged_on_userid>0){
- echo ' - ';
- echo '';
- echo T_('Only your bookmarks for this tag').'';
- //echo T_(' for these tags');
+ echo ' - ';
+ echo '';
+ echo T_('Bookmarks from other users for this tag').'';
+ //echo T_(' for these tags');
+ } else if($userservice->isLoggedOn()){
+ echo ' - ';
+ echo '';
+ echo T_('Only your bookmarks for this tag').'';
+ //echo T_(' for these tags');
}
- }
- ?>
-
+}
+?>
- 0 ? ' start="'. ++$start .'"' : ''); ?> id="bookmarks">
+ 0 ? ' start="'. ++$start .'"' : ''); ?>
+ id="bookmarks">
- '. filter($tag) .', ';
- $tagsForCopy.= $tag.',';
- }
- $cats = substr($cats, 0, -2);
- if ($cats != '') {
- $cats = ' '.T_('in').' '. $cats;
- }
+ $tag =& $tags[$key];
+ $cats .= ''. filter($tag) .', ';
+ $tagsForCopy.= $tag.',';
+ }
+ $cats = substr($cats, 0, -2);
+ if ($cats != '') {
+ $cats = ' '.T_('in').' '. $cats;
+ }
- // Edit and delete links
- $edit = '';
- if ($bookmarkservice->editAllowed($row['bId'])) {
- $edit = ' - '. T_('Edit') .'';
- }
+ // Edit and delete links
+ $edit = '';
+ if ($bookmarkservice->editAllowed($row['bId'])) {
+ $edit = ' - '. T_('Edit') .'';
+ }
- // User attribution
- $copy = '';
- if (!isset($user) || isset($watched)) {
- $copy = ' '. T_('by') .' '. $row['username'] .'';
- }
+ // User attribution
+ $copy = '';
+ if (!isset($user) || isset($watched)) {
+ $copy = ' '. T_('by') .' '. $row['username'] .'';
+ }
- // Udders!
- if (!isset($hash)) {
- $others = $bookmarkservice->countOthers($row['bAddress']);
- $ostart = '';
- $oend = '';
- switch ($others) {
- case 0:
- break;
- case 1:
- $copy .= sprintf(T_(' and %s1 other%s'), $ostart, $oend);
- break;
- default:
- $copy .= sprintf(T_(' and %2$s%1$s others%3$s'), $others, $ostart, $oend);
- }
- }
+ // Udders!
+ if (!isset($hash)) {
+ $others = $bookmarkservice->countOthers($row['bAddress']);
+ $ostart = '';
+ $oend = '';
+ switch ($others) {
+ case 0:
+ break;
+ case 1:
+ $copy .= sprintf(T_(' and %s1 other%s'), $ostart, $oend);
+ break;
+ default:
+ $copy .= sprintf(T_(' and %2$s%1$s others%3$s'), $others, $ostart, $oend);
+ }
+ }
- // Copy link
- if ($userservice->isLoggedOn() && ($logged_on_userid != $row['uId']) && !$bookmarkservice->bookmarkExists($row['bAddress'], $logged_on_userid)) {
- // Get the username of the current user
- $currentUser = $userservice->getCurrentUser();
- $currentUsername = $currentUser[$userservice->getFieldName('username')];
- $copy .= ' - '. T_('Copy') .'';
- }
+ // Copy link
+ if ($userservice->isLoggedOn()
+ && ($currentObjectUser->getId() != $row['uId'])
+ && !$bookmarkservice->bookmarkExists($row['bAddress'], $currentObjectUser->getId())) {
+ $copy .= ' - '. T_('Copy') .'';
+ }
- // Nofollow option
- $rel = '';
- if ($GLOBALS['nofollow']) {
- $rel = ' rel="nofollow"';
- }
+ // Nofollow option
+ $rel = '';
+ if ($GLOBALS['nofollow']) {
+ $rel = ' rel="nofollow"';
+ }
- $address = filter($row['bAddress']);
-
- // Redirection option
- if ($GLOBALS['useredir']) {
- $address = $GLOBALS['url_redir'] . $address;
- }
-
- // Output
- echo '- '."\n";
- if ($GLOBALS['enableWebsiteThumbnails']) {
- $thumbnailHash = md5($address.$GLOBALS['thumbnailsUserId'].$GLOBALS['thumbnailsKey']);
- echo '
';
+ $address = filter($row['bAddress']);
+
+ // Redirection option
+ if ($GLOBALS['useredir']) {
+ $address = $GLOBALS['url_redir'] . $address;
+ }
+
+ // Output
+ echo '- '."\n";
+ if ($GLOBALS['enableWebsiteThumbnails']) {
+ $thumbnailHash = md5($address.$GLOBALS['thumbnailsUserId'].$GLOBALS['thumbnailsKey']);
+ echo ' ';
+ }
+ echo '
';
+
+ echo '
\n";
+ if ($row['bDescription'] == '') {
+ $row['bDescription'] = '-';
+ }
+ echo '
'. filter($row['bDescription']) ."
\n";
+ if(!isset($hash)) {
+ echo '
'.shortenString($address).'
';
+ }
+
+ echo '
'. date($GLOBALS['shortdate'], strtotime($row['bDatetime'])) . $cats . $copy . $edit ."
\n";
+
+ echo '
\n";
}
- echo '';
-
- echo '
\n";
- if ($row['bDescription'] == '') {
- $row['bDescription'] = '-';
- }
- echo '
'. filter($row['bDescription']) ."
\n";
- if(!isset($hash)) {
- echo '
'.shortenString($address).'
';
- }
-
- echo '
'. date($GLOBALS['shortdate'], strtotime($row['bDatetime'])) . $cats . $copy . $edit ."
\n";
-
- echo '
\n";
- }
- ?>
+ ?>
- '. T_('First') .'';
- $bprev = ''. T_('Previous') .'';
- } else {
- $prev = $page - 1;
- $prev = 'page='. $prev;
- $start = ($page - 1) * $perpage;
- $bfirst= ''. T_('First') .'';
- $bprev = ''. T_('Previous') .'';
- }
-
- // Next
- $next = $page + 1;
- $totalpages = ceil($total / $perpage);
- if (count($bookmarks) < $perpage || $perpage * $page == $total) {
- $bnext = ''. T_('Next') .'';
- $blast = ''. T_('Last') ."\n";
- } else {
- $bnext = ''. T_('Next') .'';
- $blast = ''. T_('Last') ."\n";
- }
+ !['. $rsschannels[$i][0] .']('. ROOT .'images/rss.gif)
';
- }
+ // Ordering
+ $sortOrder = '';
+ if (isset($_GET['sort'])) {
+ $sortOrder = 'sort='. $_GET['sort'];
+ }
+
+ $sortAmp = (($sortOrder) ? '&'. $sortOrder : '');
+ $sortQue = (($sortOrder) ? '?'. $sortOrder : '');
+
+ // Previous
+ $perpage = getPerPageCount();
+ if (!$page || $page < 2) {
+ $page = 1;
+ $start = 0;
+ $bfirst = ''. T_('First') .'';
+ $bprev = ''. T_('Previous') .'';
+ } else {
+ $prev = $page - 1;
+ $prev = 'page='. $prev;
+ $start = ($page - 1) * $perpage;
+ $bfirst= ''. T_('First') .'';
+ $bprev = ''. T_('Previous') .'';
+ }
+
+ // Next
+ $next = $page + 1;
+ $totalpages = ceil($total / $perpage);
+ if (count($bookmarks) < $perpage || $perpage * $page == $total) {
+ $bnext = ''. T_('Next') .'';
+ $blast = ''. T_('Last') ."\n";
+ } else {
+ $bnext = ''. T_('Next') .'';
+ $blast = ''. T_('Last') ."\n";
+ }
+
+ // RSS
+ $brss = '';
+ $size = count($rsschannels);
+ for ($i = 0; $i < $size; $i++) {
+ $brss = '';
+ }
+
+ echo ''. $bfirst .' / '. $bprev .' / '. $bnext .' / '. $blast .' / '. sprintf(T_('Page %d of %d'), $page, $totalpages) ." ". $brss ."
\n";
- echo ''. $bfirst .' / '. $bprev .' / '. $bnext .' / '. $blast .' / '. sprintf(T_('Page %d of %d'), $page, $totalpages) ." ". $brss ."
\n";
-
} else {
- echo ''.T_('No bookmarks available').'
';
+ echo ''.T_('No bookmarks available').'
';
}
$this->includeTemplate('sidebar.tpl');
$this->includeTemplate($GLOBALS['bottom_include']);