From 9aafe7551eb5a73739709e72465031db7a1531b4 Mon Sep 17 00:00:00 2001 From: mensonge Date: Fri, 21 Nov 2008 18:45:18 +0000 Subject: [PATCH] Minor refactoring: introduce user as an object. git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@172 b3834d28-1941-0410-a4f8-b48e95affb8f --- header.inc.php | 1 - services/userservice.php | 740 +++++++++++++++++++----------------- templates/bookmarks.tpl.php | 402 ++++++++++---------- 3 files changed, 590 insertions(+), 553 deletions(-) diff --git a/header.inc.php b/header.inc.php index f26cb68..ccf198b 100644 --- a/header.inc.php +++ b/header.inc.php @@ -13,7 +13,6 @@ if(DEBUG_MODE) { ini_set('display_errors', '1'); ini_set('mysql.trace_mode', '1'); error_reporting(E_ALL); - //error_reporting(E_ALL^E_NOTICE); } else { ini_set('display_errors', '0'); ini_set('mysql.trace_mode', '0'); diff --git a/services/userservice.php b/services/userservice.php index e611cb8..19e81c6 100644 --- a/services/userservice.php +++ b/services/userservice.php @@ -1,6 +1,15 @@ 'uId', + 'username' => 'username', + 'password' => 'password'); + var $profileurl; + var $tablename; + var $sessionkey; + var $cookiekey; + var $cookietime = 1209600; // 2 weeks function &getInstance(&$db) { static $instance; @@ -9,423 +18,460 @@ class UserService { return $instance; } - var $fields = array( - 'primary' => 'uId', - 'username' => 'username', - 'password' => 'password' - ); - var $profileurl; - var $tablename; - var $sessionkey; - var $cookiekey; - var $cookietime = 1209600; // 2 weeks + function UserService(& $db) { + $this->db =& $db; + $this->tablename = $GLOBALS['tableprefix'] .'users'; + $this->sessionkey = INSTALLATION_ID.'-currentuserid'; + $this->cookiekey = INSTALLATION_ID.'-login'; + $this->profileurl = createURL('profile', '%2$s'); + } - function UserService(& $db) { - $this->db =& $db; - $this->tablename = $GLOBALS['tableprefix'] .'users'; - $this->sessionkey = INSTALLATION_ID.'-currentuserid'; - $this->cookiekey = INSTALLATION_ID.'-login'; - $this->profileurl = createURL('profile', '%2$s'); - } + function _checkdns($host) { + if (function_exists('checkdnsrr')) { + return checkdnsrr($host); + } else { + return $this->_checkdnsrr($host); + } + } - function _checkdns($host) { - if (function_exists('checkdnsrr')) { - return checkdnsrr($host); - } else { - return $this->_checkdnsrr($host); - } - } + function _checkdnsrr($host, $type = "MX") { + if(!empty($host)) { + @exec("nslookup -type=$type $host", $output); + while(list($k, $line) = each($output)) { + if(eregi("^$host", $line)) { + return true; + } + } + return false; + } + } - function _checkdnsrr($host, $type = "MX") { - if(!empty($host)) { - @exec("nslookup -type=$type $host", $output); - while(list($k, $line) = each($output)) { - if(eregi("^$host", $line)) { - return true; - } - } - return false; - } - } + function _getuser($fieldname, $value) { + $query = 'SELECT * FROM '. $this->getTableName() .' WHERE '. $fieldname .' = "'. $this->db->sql_escape($value) .'"'; - function _getuser($fieldname, $value) { - $query = 'SELECT * FROM '. $this->getTableName() .' WHERE '. $fieldname .' = "'. $this->db->sql_escape($value) .'"'; + if (! ($dbresult =& $this->db->sql_query($query)) ) { + message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); + return false; + } - if (! ($dbresult =& $this->db->sql_query($query)) ) { - message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); - return false; - } + if ($row =& $this->db->sql_fetchrow($dbresult)) + return $row; + else + return false; + } - if ($row =& $this->db->sql_fetchrow($dbresult)) - return $row; - else - return false; - } + function & getUsers($nb=0) { + $query = 'SELECT * FROM '. $this->getTableName() .' ORDER BY `uId` DESC'; + if($nb>0) { + $query .= ' LIMIT 0, '.$nb; + } + if (! ($dbresult =& $this->db->sql_query($query)) ) { + message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); + return false; + } - function & getUsers($nb=0) { - $query = 'SELECT * FROM '. $this->getTableName() .' ORDER BY `uId` DESC'; - if($nb>0) { - $query .= ' LIMIT 0, '.$nb; - } - if (! ($dbresult =& $this->db->sql_query($query)) ) { - message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); - return false; - } + while ($row = & $this->db->sql_fetchrow($dbresult)) { + $users[] = $row; + } + return $users; + } - while ($row = & $this->db->sql_fetchrow($dbresult)) { - $users[] = $row; - } - return $users; - } + function _randompassword() { + $seed = (integer) md5(microtime()); + mt_srand($seed); + $password = mt_rand(1, 99999999); + $password = substr(md5($password), mt_rand(0, 19), mt_rand(6, 12)); + return $password; + } - function _randompassword() { - $seed = (integer) md5(microtime()); - mt_srand($seed); - $password = mt_rand(1, 99999999); - $password = substr(md5($password), mt_rand(0, 19), mt_rand(6, 12)); - return $password; - } + function _updateuser($uId, $fieldname, $value) { + $updates = array ($fieldname => $value); + $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId); - function _updateuser($uId, $fieldname, $value) { - $updates = array ($fieldname => $value); - $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId); + // Execute the statement. + $this->db->sql_transaction('begin'); + if (!($dbresult = & $this->db->sql_query($sql))) { + $this->db->sql_transaction('rollback'); + message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db); + return false; + } + $this->db->sql_transaction('commit'); - // Execute the statement. - $this->db->sql_transaction('begin'); - if (!($dbresult = & $this->db->sql_query($sql))) { - $this->db->sql_transaction('rollback'); - message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db); - return false; - } - $this->db->sql_transaction('commit'); + // Everything worked out, so return true. + return true; + } - // Everything worked out, so return true. - return true; - } + function getProfileUrl($id, $username) { + return sprintf($this->profileurl, urlencode($id), urlencode($username)); + } - function getProfileUrl($id, $username) { - return sprintf($this->profileurl, urlencode($id), urlencode($username)); - } + function getUserByUsername($username) { + return $this->_getuser($this->getFieldName('username'), $username); + } - function getUserByUsername($username) { - return $this->_getuser($this->getFieldName('username'), $username); - } + function getUser($id) { + return $this->_getuser($this->getFieldName('primary'), $id); + } + + // Momentary useful in order to go to object code + function getObjectUser($id) { + $user = $this->_getuser($this->getFieldName('primary'), $id); + return new User($id, $user[$this->getFieldName('username')]); + } - function getUser($id) { - return $this->_getuser($this->getFieldName('primary'), $id); - } + function isLoggedOn() { + return ($this->getCurrentUserId() !== false); + } - function isLoggedOn() { - return ($this->getCurrentUserId() !== false); - } + function &getCurrentUser($refresh = FALSE, $newval = NULL) { + static $currentuser; + if (!is_null($newval)) { //internal use only: reset currentuser + $currentuser = $newval; + } else if ($refresh || !isset($currentuser)) { + if ($id = $this->getCurrentUserId()) { + $currentuser = $this->getUser($id); + } else { + $currentuser = null; + } + } + return $currentuser; + } + + // Momentary useful in order to go to object code + function getCurrentObjectUser($refresh = FALSE, $newval = NULL) { + static $currentObjectUser; + if (!is_null($newval)) { //internal use only: reset currentuser + $currentObjectUser = $newval; + } else if ($refresh || !isset($currentObjectUser)) { + if ($id = $this->getCurrentUserId()) { + $currentObjectUser = $this->getObjectUser($id); + } else { + $currentObjectUser = null; + } + } + return $currentObjectUser; + } - function &getCurrentUser($refresh = FALSE, $newval = NULL) { - static $currentuser; - if (!is_null($newval)) //internal use only: reset currentuser - $currentuser = $newval; - else if ($refresh || !isset($currentuser)) { - if ($id = $this->getCurrentUserId()) { - $currentuser = $this->getUser($id); - } else { - $currentuser = null; - } - } - return $currentuser; - } + function isAdmin($userid) { + $user = $this->getUser($userid); - function isAdmin($userid) { - $user = $this->getUser($userid); - - if(isset($GLOBALS['admin_users']) - && in_array($user['username'], $GLOBALS['admin_users'])) { - return true; - } else { - return false; - } - } + if(isset($GLOBALS['admin_users']) + && in_array($user['username'], $GLOBALS['admin_users'])) { + return true; + } else { + return false; + } + } - function getCurrentUserId() { - if (isset($_SESSION[$this->getSessionKey()])) { - //echo "session";die($_SESSION[$this->getSessionKey()]); - return $_SESSION[$this->getSessionKey()]; - } else if (isset($_COOKIE[$this->getCookieKey()])) { - //echo "cookie";die(); - - $cook = split(':', $_COOKIE[$this->getCookieKey()]); - //cookie looks like this: 'id:md5(username+password)' - $query = 'SELECT * FROM '. $this->getTableName() . + /* return current user id based on session or cookie */ + function getCurrentUserId() { + if (isset($_SESSION[$this->getSessionKey()])) { + return $_SESSION[$this->getSessionKey()]; + } else if (isset($_COOKIE[$this->getCookieKey()])) { + $cook = split(':', $_COOKIE[$this->getCookieKey()]); + //cookie looks like this: 'id:md5(username+password)' + $query = 'SELECT * FROM '. $this->getTableName() . ' WHERE MD5(CONCAT('.$this->getFieldName('username') . ', '.$this->getFieldName('password') . ')) = \''.$this->db->sql_escape($cook[1]).'\' AND '. - $this->getFieldName('primary'). ' = '. $this->db->sql_escape($cook[0]); + $this->getFieldName('primary'). ' = '. $this->db->sql_escape($cook[0]); - if (! ($dbresult =& $this->db->sql_query($query)) ) { - message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); - return false; - } + if (! ($dbresult =& $this->db->sql_query($query)) ) { + message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); + return false; + } - if ($row = $this->db->sql_fetchrow($dbresult)) { - $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')]; - return $_SESSION[$this->getSessionKey()]; - } - } - return false; - } + if ($row = $this->db->sql_fetchrow($dbresult)) { + $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')]; + return $_SESSION[$this->getSessionKey()]; + } + } + return false; + } - function login($username, $password, $remember = FALSE) { - $password = $this->sanitisePassword($password); - $query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'" AND '. $this->getFieldName('password') .' = "'. $this->db->sql_escape($password) .'"'; + function login($username, $password, $remember = FALSE) { + $password = $this->sanitisePassword($password); + $query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'" AND '. $this->getFieldName('password') .' = "'. $this->db->sql_escape($password) .'"'; - if (! ($dbresult =& $this->db->sql_query($query)) ) { - message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); - return false; - } + if (! ($dbresult =& $this->db->sql_query($query)) ) { + message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); + return false; + } - if ($row =& $this->db->sql_fetchrow($dbresult)) { - $id = $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')]; - if ($remember) { - $cookie = $id .':'. md5($username.$password); - setcookie($this->cookiekey, $cookie, time() + $this->cookietime, '/'); - } - return true; - } else { - return false; - } - } + if ($row =& $this->db->sql_fetchrow($dbresult)) { + $id = $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')]; + if ($remember) { + $cookie = $id .':'. md5($username.$password); + setcookie($this->cookiekey, $cookie, time() + $this->cookietime, '/'); + } + return true; + } else { + return false; + } + } - function logout() { - @setcookie($this->getCookiekey(), '', time() - 1, '/'); - unset($_COOKIE[$this->getCookiekey()]); - session_unset(); - $this->getCurrentUser(TRUE, false); - } + function logout() { + @setcookie($this->getCookiekey(), '', time() - 1, '/'); + unset($_COOKIE[$this->getCookiekey()]); + session_unset(); + $this->getCurrentUser(TRUE, false); + } - function getWatchlist($uId) { - // Gets the list of user IDs being watched by the given user. - $query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($uId); + function getWatchlist($uId) { + // Gets the list of user IDs being watched by the given user. + $query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($uId); - if (! ($dbresult =& $this->db->sql_query($query)) ) { - message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db); - return false; - } + if (! ($dbresult =& $this->db->sql_query($query)) ) { + message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db); + return false; + } - $arrWatch = array(); - if ($this->db->sql_numrows($dbresult) == 0) - return $arrWatch; - while ($row =& $this->db->sql_fetchrow($dbresult)) - $arrWatch[] = $row['watched']; - return $arrWatch; - } + $arrWatch = array(); + if ($this->db->sql_numrows($dbresult) == 0) + return $arrWatch; + while ($row =& $this->db->sql_fetchrow($dbresult)) + $arrWatch[] = $row['watched']; + return $arrWatch; + } - function getWatchNames($uId, $watchedby = false) { - // Gets the list of user names being watched by the given user. - // - If $watchedby is false get the list of users that $uId watches - // - If $watchedby is true get the list of users that watch $uId - if ($watchedby) { - $table1 = 'b'; - $table2 = 'a'; - } else { - $table1 = 'a'; - $table2 = 'b'; - } - $query = 'SELECT '. $table1 .'.'. $this->getFieldName('username') .' FROM '. $GLOBALS['tableprefix'] .'watched AS W, '. $this->getTableName() .' AS a, '. $this->getTableName() .' AS b WHERE W.watched = a.'. $this->getFieldName('primary') .' AND W.uId = b.'. $this->getFieldName('primary') .' AND '. $table2 .'.'. $this->getFieldName('primary') .' = '. intval($uId) .' ORDER BY '. $table1 .'.'. $this->getFieldName('username'); + function getWatchNames($uId, $watchedby = false) { + // Gets the list of user names being watched by the given user. + // - If $watchedby is false get the list of users that $uId watches + // - If $watchedby is true get the list of users that watch $uId + if ($watchedby) { + $table1 = 'b'; + $table2 = 'a'; + } else { + $table1 = 'a'; + $table2 = 'b'; + } + $query = 'SELECT '. $table1 .'.'. $this->getFieldName('username') .' FROM '. $GLOBALS['tableprefix'] .'watched AS W, '. $this->getTableName() .' AS a, '. $this->getTableName() .' AS b WHERE W.watched = a.'. $this->getFieldName('primary') .' AND W.uId = b.'. $this->getFieldName('primary') .' AND '. $table2 .'.'. $this->getFieldName('primary') .' = '. intval($uId) .' ORDER BY '. $table1 .'.'. $this->getFieldName('username'); - if (!($dbresult =& $this->db->sql_query($query))) { - message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db); - return false; - } + if (!($dbresult =& $this->db->sql_query($query))) { + message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db); + return false; + } - $arrWatch = array(); - if ($this->db->sql_numrows($dbresult) == 0) { - return $arrWatch; - } - while ($row =& $this->db->sql_fetchrow($dbresult)) { - $arrWatch[] = $row[$this->getFieldName('username')]; - } - return $arrWatch; - } + $arrWatch = array(); + if ($this->db->sql_numrows($dbresult) == 0) { + return $arrWatch; + } + while ($row =& $this->db->sql_fetchrow($dbresult)) { + $arrWatch[] = $row[$this->getFieldName('username')]; + } + return $arrWatch; + } - function getWatchStatus($watcheduser, $currentuser) { - // Returns true if the current user is watching the given user, and false otherwise. - $query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched AS W INNER JOIN '. $this->getTableName() .' AS U ON U.'. $this->getFieldName('primary') .' = W.watched WHERE U.'. $this->getFieldName('primary') .' = '. intval($watcheduser) .' AND W.uId = '. intval($currentuser); + function getWatchStatus($watcheduser, $currentuser) { + // Returns true if the current user is watching the given user, and false otherwise. + $query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched AS W INNER JOIN '. $this->getTableName() .' AS U ON U.'. $this->getFieldName('primary') .' = W.watched WHERE U.'. $this->getFieldName('primary') .' = '. intval($watcheduser) .' AND W.uId = '. intval($currentuser); - if (! ($dbresult =& $this->db->sql_query($query)) ) { - message_die(GENERAL_ERROR, 'Could not get watchstatus', '', __LINE__, __FILE__, $query, $this->db); - return false; - } + if (! ($dbresult =& $this->db->sql_query($query)) ) { + message_die(GENERAL_ERROR, 'Could not get watchstatus', '', __LINE__, __FILE__, $query, $this->db); + return false; + } - $arrWatch = array(); - if ($this->db->sql_numrows($dbresult) == 0) - return false; - else - return true; - } + $arrWatch = array(); + if ($this->db->sql_numrows($dbresult) == 0) + return false; + else + return true; + } - function setWatchStatus($subjectUserID) { - if (!is_numeric($subjectUserID)) - return false; + function setWatchStatus($subjectUserID) { + if (!is_numeric($subjectUserID)) + return false; - $currentUserID = $this->getCurrentUserId(); - $watched = $this->getWatchStatus($subjectUserID, $currentUserID); + $currentUserID = $this->getCurrentUserId(); + $watched = $this->getWatchStatus($subjectUserID, $currentUserID); - if ($watched) { - $sql = 'DELETE FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($currentUserID) .' AND watched = '. intval($subjectUserID); - if (!($dbresult =& $this->db->sql_query($sql))) { - $this->db->sql_transaction('rollback'); - message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db); - return false; - } - } else { - $values = array( + if ($watched) { + $sql = 'DELETE FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($currentUserID) .' AND watched = '. intval($subjectUserID); + if (!($dbresult =& $this->db->sql_query($sql))) { + $this->db->sql_transaction('rollback'); + message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db); + return false; + } + } else { + $values = array( 'uId' => intval($currentUserID), 'watched' => intval($subjectUserID) - ); - $sql = 'INSERT INTO '. $GLOBALS['tableprefix'] .'watched '. $this->db->sql_build_array('INSERT', $values); - if (!($dbresult =& $this->db->sql_query($sql))) { - $this->db->sql_transaction('rollback'); - message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db); - return false; - } - } + ); + $sql = 'INSERT INTO '. $GLOBALS['tableprefix'] .'watched '. $this->db->sql_build_array('INSERT', $values); + if (!($dbresult =& $this->db->sql_query($sql))) { + $this->db->sql_transaction('rollback'); + message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db); + return false; + } + } - $this->db->sql_transaction('commit'); - return true; - } + $this->db->sql_transaction('commit'); + return true; + } - function addUser($username, $password, $email) { - // Set up the SQL UPDATE statement. - $datetime = gmdate('Y-m-d H:i:s', time()); - $password = $this->sanitisePassword($password); - $values = array('username' => $username, 'password' => $password, 'email' => $email, 'uDatetime' => $datetime, 'uModified' => $datetime); - $sql = 'INSERT INTO '. $this->getTableName() .' '. $this->db->sql_build_array('INSERT', $values); + function addUser($username, $password, $email) { + // Set up the SQL UPDATE statement. + $datetime = gmdate('Y-m-d H:i:s', time()); + $password = $this->sanitisePassword($password); + $values = array('username' => $username, 'password' => $password, 'email' => $email, 'uDatetime' => $datetime, 'uModified' => $datetime); + $sql = 'INSERT INTO '. $this->getTableName() .' '. $this->db->sql_build_array('INSERT', $values); - // Execute the statement. - $this->db->sql_transaction('begin'); - if (!($dbresult = & $this->db->sql_query($sql))) { - $this->db->sql_transaction('rollback'); - message_die(GENERAL_ERROR, 'Could not insert user', '', __LINE__, __FILE__, $sql, $this->db); - return false; - } - $this->db->sql_transaction('commit'); + // Execute the statement. + $this->db->sql_transaction('begin'); + if (!($dbresult = & $this->db->sql_query($sql))) { + $this->db->sql_transaction('rollback'); + message_die(GENERAL_ERROR, 'Could not insert user', '', __LINE__, __FILE__, $sql, $this->db); + return false; + } + $this->db->sql_transaction('commit'); - // Everything worked out, so return true. - return true; - } + // Everything worked out, so return true. + return true; + } - function updateUser($uId, $password, $name, $email, $homepage, $uContent) { - if (!is_numeric($uId)) - return false; + function updateUser($uId, $password, $name, $email, $homepage, $uContent) { + if (!is_numeric($uId)) + return false; - // Set up the SQL UPDATE statement. - $moddatetime = gmdate('Y-m-d H:i:s', time()); - if ($password == '') - $updates = array ('uModified' => $moddatetime, 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent); - else - $updates = array ('uModified' => $moddatetime, 'password' => $this->sanitisePassword($password), 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent); - $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId); + // Set up the SQL UPDATE statement. + $moddatetime = gmdate('Y-m-d H:i:s', time()); + if ($password == '') + $updates = array ('uModified' => $moddatetime, 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent); + else + $updates = array ('uModified' => $moddatetime, 'password' => $this->sanitisePassword($password), 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent); + $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId); - // Execute the statement. - $this->db->sql_transaction('begin'); - if (!($dbresult = & $this->db->sql_query($sql))) { - $this->db->sql_transaction('rollback'); - message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db); - return false; - } - $this->db->sql_transaction('commit'); + // Execute the statement. + $this->db->sql_transaction('begin'); + if (!($dbresult = & $this->db->sql_query($sql))) { + $this->db->sql_transaction('rollback'); + message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db); + return false; + } + $this->db->sql_transaction('commit'); - // Everything worked out, so return true. - return true; - } + // Everything worked out, so return true. + return true; + } - function getAllUsers ( ) { - $query = 'SELECT * FROM '. $this->getTableName(); + function getAllUsers ( ) { + $query = 'SELECT * FROM '. $this->getTableName(); - if (! ($dbresult =& $this->db->sql_query($query)) ) { - message_die(GENERAL_ERROR, 'Could not get users', '', __LINE__, __FILE__, $query, $this->db); - return false; - } + if (! ($dbresult =& $this->db->sql_query($query)) ) { + message_die(GENERAL_ERROR, 'Could not get users', '', __LINE__, __FILE__, $query, $this->db); + return false; + } - $rows = array(); + $rows = array(); - while ( $row = $this->db->sql_fetchrow($dbresult) ) { - $rows[] = $row; - } + while ( $row = $this->db->sql_fetchrow($dbresult) ) { + $rows[] = $row; + } - return $rows; - } + return $rows; + } - function deleteUser($uId) { - $query = 'DELETE FROM '. $this->getTableName() .' WHERE uId = '. intval($uId); + function deleteUser($uId) { + $query = 'DELETE FROM '. $this->getTableName() .' WHERE uId = '. intval($uId); - if (!($dbresult = & $this->db->sql_query($query))) { - message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $query, $this->db); - return false; - } + if (!($dbresult = & $this->db->sql_query($query))) { + message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $query, $this->db); + return false; + } - return true; - } + return true; + } - function sanitisePassword($password) { - return sha1(trim($password)); - } + function sanitisePassword($password) { + return sha1(trim($password)); + } - function generatePassword($uId) { - if (!is_numeric($uId)) - return false; + function generatePassword($uId) { + if (!is_numeric($uId)) + return false; - $password = $this->_randompassword(); + $password = $this->_randompassword(); - if ($this->_updateuser($uId, $this->getFieldName('password'), $this->sanitisePassword($password))) - return $password; - else - return false; - } + if ($this->_updateuser($uId, $this->getFieldName('password'), $this->sanitisePassword($password))) + return $password; + else + return false; + } - function isReserved($username) { - if (in_array($username, $GLOBALS['reservedusers'])) { - return true; - } else { - return false; - } - } - - function isValidUsername($username) { - if (strlen($username) > 24) { - // too long usernames are cut by database and may cause bugs when compared - return false; - } elseif (preg_match('/(\W)/', $username) > 0) { - // forbidden non-alphanumeric characters - return false; - } - return true; - } + function isReserved($username) { + if (in_array($username, $GLOBALS['reservedusers'])) { + return true; + } else { + return false; + } + } - + function isValidUsername($username) { + if (strlen($username) > 24) { + // too long usernames are cut by database and may cause bugs when compared + return false; + } elseif (preg_match('/(\W)/', $username) > 0) { + // forbidden non-alphanumeric characters + return false; + } + return true; + } - function isValidEmail($email) { - if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) { - list($emailUser, $emailDomain) = split("@", $email); - // Check if the email domain has a DNS record - if ($this->_checkdns($emailDomain)) { - return true; - } - } - return false; - } - // Properties - function getTableName() { return $this->tablename; } - function setTableName($value) { $this->tablename = $value; } + function isValidEmail($email) { + if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) { + list($emailUser, $emailDomain) = split("@", $email); - function getFieldName($field) { return $this->fields[$field]; } - function setFieldName($field, $value) { $this->fields[$field] = $value; } + // Check if the email domain has a DNS record + if ($this->_checkdns($emailDomain)) { + return true; + } + } + return false; + } - function getSessionKey() { return $this->sessionkey; } - function setSessionKey($value) { $this->sessionkey = $value; } + // Properties + function getTableName() { return $this->tablename; } + function setTableName($value) { $this->tablename = $value; } - function getCookieKey() { return $this->cookiekey; } - function setCookieKey($value) { $this->cookiekey = $value; } + function getFieldName($field) { return $this->fields[$field]; } + function setFieldName($field, $value) { $this->fields[$field] = $value; } + + function getSessionKey() { return $this->sessionkey; } + function setSessionKey($value) { $this->sessionkey = $value; } + + function getCookieKey() { return $this->cookiekey; } + function setCookieKey($value) { $this->cookiekey = $value; } +} + +class User { + + var $id; + var $username; + var $isAdmin; + + function User($id, $username) { + $this->id = $id; + $this->username = $username; + } + + function getId() { + return $this->id; + } + + function getUsername() { + return $this->username; + } + + function isAdmin() { + // Look for value if not already set + if(!isset($this->isAdmin)) { + $userservice =& ServiceFactory::getServiceInstance('UserService'); + $this->isAdmin = $userservice->isAdmin($this->id); + } + return $this->isAdmin; + } } ?> diff --git a/templates/bookmarks.tpl.php b/templates/bookmarks.tpl.php index e95f787..475436b 100644 --- a/templates/bookmarks.tpl.php +++ b/templates/bookmarks.tpl.php @@ -8,9 +8,13 @@ $cdservice =& ServiceFactory::getServiceInstance('CommonDescriptionService'); -$logged_on_userid = $userservice->getCurrentUserId(); -$currentUser = $userservice->getCurrentUser(); -$currentUsername = $currentUser[$userservice->getFieldName('username')]; +//$logged_on_userid = $userservice->getCurrentUserId(); +//$currentUser = $userservice->getCurrentUser(); +//$currentUsername = $currentUser[$userservice->getFieldName('username')]; + +// Momentary useful to go to object code +$currentObjectUser = $userservice->getCurrentObjectUser(); + $pageName = isset($pageName)?$pageName:""; $this->includeTemplate($GLOBALS['top_include']); @@ -23,50 +27,45 @@ include('search.inc.php'); - -

- +

getLastTagDescription($currenttag)) { - $description = $cdservice->getLastTagDescription($currenttag); - echo nl2br(filter($description['cdDescription'])); + $description = $cdservice->getLastTagDescription($currenttag); + echo nl2br(filter($description['cdDescription'])); } elseif(isset($hash) && $cdservice->getLastBookmarkDescription($hash)) { - $description = $cdservice->getLastBookmarkDescription($hash); - echo nl2br(filter($description['cdTitle'])). "
"; - echo nl2br(filter($description['cdDescription'])). "
"; + $description = $cdservice->getLastBookmarkDescription($hash); + echo nl2br(filter($description['cdTitle'])). "
"; + echo nl2br(filter($description['cdDescription'])). "
"; } -if($logged_on_userid>0) { - if(isset($currenttag)) { - echo ' ('; - echo T_('edit common description').')'; - } elseif(isset($hash)) { - echo ' ('; - echo T_('edit common description').')'; - } +if($userservice->isLoggedOn()) { + if(isset($currenttag)) { + echo ' ('; + echo T_('edit common description').')'; + } elseif(isset($hash)) { + echo ' ('; + echo T_('edit common description').')'; + } } -?> -

+?>

getUserByUsername($user); - if($tagservice->getDescription($currenttag, $userObject['uId'])) { ?> + $userObject = $userservice->getUserByUsername($user); + if($tagservice->getDescription($currenttag, $userObject['uId'])) { ?> + +

getDescription($currenttag, $userObject['uId']); +echo nl2br(filter($description['tDescription'])); +?>

-

getDescription($currenttag, $userObject['uId']); - echo nl2br(filter($description['tDescription'])); -?> -

- - @@ -75,202 +74,195 @@ if(isset($currenttag) && isset($user)) { window.onload = playerLoad; -

- - - - - / - / - - - - - - + +/ +/ + '; - echo T_('Bookmarks from other users for this tag').''; - //echo T_(' for these tags'); - } else if($logged_on_userid>0){ - echo ' - '; - echo ''; - echo T_('Only your bookmarks for this tag').''; - //echo T_(' for these tags'); + echo ' - '; + echo ''; + echo T_('Bookmarks from other users for this tag').''; + //echo T_(' for these tags'); + } else if($userservice->isLoggedOn()){ + echo ' - '; + echo ''; + echo T_('Only your bookmarks for this tag').''; + //echo T_(' for these tags'); } - } - ?> -

+} +?>

- 0 ? ' start="'. ++$start .'"' : ''); ?> id="bookmarks"> +
    0 ? ' start="'. ++$start .'"' : ''); ?> + id="bookmarks"> - '. filter($tag) .', '; - $tagsForCopy.= $tag.','; - } - $cats = substr($cats, 0, -2); - if ($cats != '') { - $cats = ' '.T_('in').' '. $cats; - } + $tag =& $tags[$key]; + $cats .= ', '; + $tagsForCopy.= $tag.','; + } + $cats = substr($cats, 0, -2); + if ($cats != '') { + $cats = ' '.T_('in').' '. $cats; + } - // Edit and delete links - $edit = ''; - if ($bookmarkservice->editAllowed($row['bId'])) { - $edit = ' - '. T_('Edit') .''; - } + // Edit and delete links + $edit = ''; + if ($bookmarkservice->editAllowed($row['bId'])) { + $edit = ' - '. T_('Edit') .''; + } - // User attribution - $copy = ''; - if (!isset($user) || isset($watched)) { - $copy = ' '. T_('by') .' '. $row['username'] .''; - } + // User attribution + $copy = ''; + if (!isset($user) || isset($watched)) { + $copy = ' '. T_('by') .' '. $row['username'] .''; + } - // Udders! - if (!isset($hash)) { - $others = $bookmarkservice->countOthers($row['bAddress']); - $ostart = ''; - $oend = ''; - switch ($others) { - case 0: - break; - case 1: - $copy .= sprintf(T_(' and %s1 other%s'), $ostart, $oend); - break; - default: - $copy .= sprintf(T_(' and %2$s%1$s others%3$s'), $others, $ostart, $oend); - } - } + // Udders! + if (!isset($hash)) { + $others = $bookmarkservice->countOthers($row['bAddress']); + $ostart = ''; + $oend = ''; + switch ($others) { + case 0: + break; + case 1: + $copy .= sprintf(T_(' and %s1 other%s'), $ostart, $oend); + break; + default: + $copy .= sprintf(T_(' and %2$s%1$s others%3$s'), $others, $ostart, $oend); + } + } - // Copy link - if ($userservice->isLoggedOn() && ($logged_on_userid != $row['uId']) && !$bookmarkservice->bookmarkExists($row['bAddress'], $logged_on_userid)) { - // Get the username of the current user - $currentUser = $userservice->getCurrentUser(); - $currentUsername = $currentUser[$userservice->getFieldName('username')]; - $copy .= ' - '. T_('Copy') .''; - } + // Copy link + if ($userservice->isLoggedOn() + && ($currentObjectUser->getId() != $row['uId']) + && !$bookmarkservice->bookmarkExists($row['bAddress'], $currentObjectUser->getId())) { + $copy .= ' - '. T_('Copy') .''; + } - // Nofollow option - $rel = ''; - if ($GLOBALS['nofollow']) { - $rel = ' rel="nofollow"'; - } + // Nofollow option + $rel = ''; + if ($GLOBALS['nofollow']) { + $rel = ' rel="nofollow"'; + } - $address = filter($row['bAddress']); - - // Redirection option - if ($GLOBALS['useredir']) { - $address = $GLOBALS['url_redir'] . $address; - } - - // Output - echo '
  1. '."\n"; - if ($GLOBALS['enableWebsiteThumbnails']) { - $thumbnailHash = md5($address.$GLOBALS['thumbnailsUserId'].$GLOBALS['thumbnailsKey']); - echo ' '; + $address = filter($row['bAddress']); + + // Redirection option + if ($GLOBALS['useredir']) { + $address = $GLOBALS['url_redir'] . $address; + } + + // Output + echo '
  2. '."\n"; + if ($GLOBALS['enableWebsiteThumbnails']) { + $thumbnailHash = md5($address.$GLOBALS['thumbnailsUserId'].$GLOBALS['thumbnailsKey']); + echo ' '; + } + echo '
    '; + + echo '
    '. filter($row['bTitle']) ."
    \n"; + if ($row['bDescription'] == '') { + $row['bDescription'] = '-'; + } + echo '
    '. filter($row['bDescription']) ."
    \n"; + if(!isset($hash)) { + echo '
    '.shortenString($address).'
    '; + } + + echo '
    '. date($GLOBALS['shortdate'], strtotime($row['bDatetime'])) . $cats . $copy . $edit ."
    \n"; + + echo '
    '; + + echo "
    3. \n"; } - echo '
    '; - - echo '
    '. filter($row['bTitle']) ."
    \n"; - if ($row['bDescription'] == '') { - $row['bDescription'] = '-'; - } - echo '
    '. filter($row['bDescription']) ."
    \n"; - if(!isset($hash)) { - echo '
    '.shortenString($address).'
    '; - } - - echo '
    '. date($GLOBALS['shortdate'], strtotime($row['bDatetime'])) . $cats . $copy . $edit ."
    \n"; - - echo '
    '; - - echo "\n"; - } - ?> + ?>
- '. T_('First') .''; - $bprev = ''. T_('Previous') .''; - } else { - $prev = $page - 1; - $prev = 'page='. $prev; - $start = ($page - 1) * $perpage; - $bfirst= ''. T_('First') .''; - $bprev = ''. T_('Previous') .''; - } - - // Next - $next = $page + 1; - $totalpages = ceil($total / $perpage); - if (count($bookmarks) < $perpage || $perpage * $page == $total) { - $bnext = ''. T_('Next') .''; - $blast = ''. T_('Last') ."\n"; - } else { - $bnext = ''. T_('Next') .''; - $blast = ''. T_('Last') ."\n"; - } + '. $rsschannels[$i][0] .''; - } + // Ordering + $sortOrder = ''; + if (isset($_GET['sort'])) { + $sortOrder = 'sort='. $_GET['sort']; + } + + $sortAmp = (($sortOrder) ? '&'. $sortOrder : ''); + $sortQue = (($sortOrder) ? '?'. $sortOrder : ''); + + // Previous + $perpage = getPerPageCount(); + if (!$page || $page < 2) { + $page = 1; + $start = 0; + $bfirst = ''. T_('First') .''; + $bprev = ''. T_('Previous') .''; + } else { + $prev = $page - 1; + $prev = 'page='. $prev; + $start = ($page - 1) * $perpage; + $bfirst= ''. T_('First') .''; + $bprev = ''. T_('Previous') .''; + } + + // Next + $next = $page + 1; + $totalpages = ceil($total / $perpage); + if (count($bookmarks) < $perpage || $perpage * $page == $total) { + $bnext = ''. T_('Next') .''; + $blast = ''. T_('Last') ."\n"; + } else { + $bnext = ''. T_('Next') .''; + $blast = ''. T_('Last') ."\n"; + } + + // RSS + $brss = ''; + $size = count($rsschannels); + for ($i = 0; $i < $size; $i++) { + $brss = ''. $rsschannels[$i][0] .''; + } + + echo '

'. $bfirst .' / '. $bprev .' / '. $bnext .' / '. $blast .' / '. sprintf(T_('Page %d of %d'), $page, $totalpages) ." ". $brss ."

\n"; - echo '

'. $bfirst .' / '. $bprev .' / '. $bnext .' / '. $blast .' / '. sprintf(T_('Page %d of %d'), $page, $totalpages) ." ". $brss ."

\n"; - } else { - echo '

'.T_('No bookmarks available').'

'; + echo '

'.T_('No bookmarks available').'

'; } $this->includeTemplate('sidebar.tpl'); $this->includeTemplate($GLOBALS['bottom_include']);