Minor refactoring: introduce user as an object.

git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@172 b3834d28-1941-0410-a4f8-b48e95affb8f
This commit is contained in:
mensonge 2008-11-21 18:45:18 +00:00
parent 49dec69230
commit 9aafe7551e
3 changed files with 590 additions and 553 deletions

View file

@ -13,7 +13,6 @@ if(DEBUG_MODE) {
ini_set('display_errors', '1'); ini_set('display_errors', '1');
ini_set('mysql.trace_mode', '1'); ini_set('mysql.trace_mode', '1');
error_reporting(E_ALL); error_reporting(E_ALL);
//error_reporting(E_ALL^E_NOTICE);
} else { } else {
ini_set('display_errors', '0'); ini_set('display_errors', '0');
ini_set('mysql.trace_mode', '0'); ini_set('mysql.trace_mode', '0');

View file

@ -1,6 +1,15 @@
<?php <?php
class UserService { class UserService {
var $db; var $db;
var $fields = array(
'primary' => 'uId',
'username' => 'username',
'password' => 'password');
var $profileurl;
var $tablename;
var $sessionkey;
var $cookiekey;
var $cookietime = 1209600; // 2 weeks
function &getInstance(&$db) { function &getInstance(&$db) {
static $instance; static $instance;
@ -9,423 +18,460 @@ class UserService {
return $instance; return $instance;
} }
var $fields = array( function UserService(& $db) {
'primary' => 'uId', $this->db =& $db;
'username' => 'username', $this->tablename = $GLOBALS['tableprefix'] .'users';
'password' => 'password' $this->sessionkey = INSTALLATION_ID.'-currentuserid';
); $this->cookiekey = INSTALLATION_ID.'-login';
var $profileurl; $this->profileurl = createURL('profile', '%2$s');
var $tablename; }
var $sessionkey;
var $cookiekey;
var $cookietime = 1209600; // 2 weeks
function UserService(& $db) { function _checkdns($host) {
$this->db =& $db; if (function_exists('checkdnsrr')) {
$this->tablename = $GLOBALS['tableprefix'] .'users'; return checkdnsrr($host);
$this->sessionkey = INSTALLATION_ID.'-currentuserid'; } else {
$this->cookiekey = INSTALLATION_ID.'-login'; return $this->_checkdnsrr($host);
$this->profileurl = createURL('profile', '%2$s'); }
} }
function _checkdns($host) { function _checkdnsrr($host, $type = "MX") {
if (function_exists('checkdnsrr')) { if(!empty($host)) {
return checkdnsrr($host); @exec("nslookup -type=$type $host", $output);
} else { while(list($k, $line) = each($output)) {
return $this->_checkdnsrr($host); if(eregi("^$host", $line)) {
} return true;
} }
}
return false;
}
}
function _checkdnsrr($host, $type = "MX") { function _getuser($fieldname, $value) {
if(!empty($host)) { $query = 'SELECT * FROM '. $this->getTableName() .' WHERE '. $fieldname .' = "'. $this->db->sql_escape($value) .'"';
@exec("nslookup -type=$type $host", $output);
while(list($k, $line) = each($output)) {
if(eregi("^$host", $line)) {
return true;
}
}
return false;
}
}
function _getuser($fieldname, $value) { if (! ($dbresult =& $this->db->sql_query($query)) ) {
$query = 'SELECT * FROM '. $this->getTableName() .' WHERE '. $fieldname .' = "'. $this->db->sql_escape($value) .'"'; message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
return false;
}
if (! ($dbresult =& $this->db->sql_query($query)) ) { if ($row =& $this->db->sql_fetchrow($dbresult))
message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); return $row;
return false; else
} return false;
}
if ($row =& $this->db->sql_fetchrow($dbresult)) function & getUsers($nb=0) {
return $row; $query = 'SELECT * FROM '. $this->getTableName() .' ORDER BY `uId` DESC';
else if($nb>0) {
return false; $query .= ' LIMIT 0, '.$nb;
} }
if (! ($dbresult =& $this->db->sql_query($query)) ) {
message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
return false;
}
function & getUsers($nb=0) { while ($row = & $this->db->sql_fetchrow($dbresult)) {
$query = 'SELECT * FROM '. $this->getTableName() .' ORDER BY `uId` DESC'; $users[] = $row;
if($nb>0) { }
$query .= ' LIMIT 0, '.$nb; return $users;
} }
if (! ($dbresult =& $this->db->sql_query($query)) ) {
message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
return false;
}
while ($row = & $this->db->sql_fetchrow($dbresult)) { function _randompassword() {
$users[] = $row; $seed = (integer) md5(microtime());
} mt_srand($seed);
return $users; $password = mt_rand(1, 99999999);
} $password = substr(md5($password), mt_rand(0, 19), mt_rand(6, 12));
return $password;
}
function _randompassword() { function _updateuser($uId, $fieldname, $value) {
$seed = (integer) md5(microtime()); $updates = array ($fieldname => $value);
mt_srand($seed); $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
$password = mt_rand(1, 99999999);
$password = substr(md5($password), mt_rand(0, 19), mt_rand(6, 12));
return $password;
}
function _updateuser($uId, $fieldname, $value) { // Execute the statement.
$updates = array ($fieldname => $value); $this->db->sql_transaction('begin');
$sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId); if (!($dbresult = & $this->db->sql_query($sql))) {
$this->db->sql_transaction('rollback');
message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
return false;
}
$this->db->sql_transaction('commit');
// Execute the statement. // Everything worked out, so return true.
$this->db->sql_transaction('begin'); return true;
if (!($dbresult = & $this->db->sql_query($sql))) { }
$this->db->sql_transaction('rollback');
message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
return false;
}
$this->db->sql_transaction('commit');
// Everything worked out, so return true. function getProfileUrl($id, $username) {
return true; return sprintf($this->profileurl, urlencode($id), urlencode($username));
} }
function getProfileUrl($id, $username) { function getUserByUsername($username) {
return sprintf($this->profileurl, urlencode($id), urlencode($username)); return $this->_getuser($this->getFieldName('username'), $username);
} }
function getUserByUsername($username) { function getUser($id) {
return $this->_getuser($this->getFieldName('username'), $username); return $this->_getuser($this->getFieldName('primary'), $id);
} }
// Momentary useful in order to go to object code
function getObjectUser($id) {
$user = $this->_getuser($this->getFieldName('primary'), $id);
return new User($id, $user[$this->getFieldName('username')]);
}
function getUser($id) { function isLoggedOn() {
return $this->_getuser($this->getFieldName('primary'), $id); return ($this->getCurrentUserId() !== false);
} }
function isLoggedOn() { function &getCurrentUser($refresh = FALSE, $newval = NULL) {
return ($this->getCurrentUserId() !== false); static $currentuser;
} if (!is_null($newval)) { //internal use only: reset currentuser
$currentuser = $newval;
} else if ($refresh || !isset($currentuser)) {
if ($id = $this->getCurrentUserId()) {
$currentuser = $this->getUser($id);
} else {
$currentuser = null;
}
}
return $currentuser;
}
// Momentary useful in order to go to object code
function getCurrentObjectUser($refresh = FALSE, $newval = NULL) {
static $currentObjectUser;
if (!is_null($newval)) { //internal use only: reset currentuser
$currentObjectUser = $newval;
} else if ($refresh || !isset($currentObjectUser)) {
if ($id = $this->getCurrentUserId()) {
$currentObjectUser = $this->getObjectUser($id);
} else {
$currentObjectUser = null;
}
}
return $currentObjectUser;
}
function &getCurrentUser($refresh = FALSE, $newval = NULL) { function isAdmin($userid) {
static $currentuser; $user = $this->getUser($userid);
if (!is_null($newval)) //internal use only: reset currentuser
$currentuser = $newval;
else if ($refresh || !isset($currentuser)) {
if ($id = $this->getCurrentUserId()) {
$currentuser = $this->getUser($id);
} else {
$currentuser = null;
}
}
return $currentuser;
}
function isAdmin($userid) { if(isset($GLOBALS['admin_users'])
$user = $this->getUser($userid); && in_array($user['username'], $GLOBALS['admin_users'])) {
return true;
if(isset($GLOBALS['admin_users']) } else {
&& in_array($user['username'], $GLOBALS['admin_users'])) { return false;
return true; }
} else { }
return false;
}
}
function getCurrentUserId() { /* return current user id based on session or cookie */
if (isset($_SESSION[$this->getSessionKey()])) { function getCurrentUserId() {
//echo "session";die($_SESSION[$this->getSessionKey()]); if (isset($_SESSION[$this->getSessionKey()])) {
return $_SESSION[$this->getSessionKey()]; return $_SESSION[$this->getSessionKey()];
} else if (isset($_COOKIE[$this->getCookieKey()])) { } else if (isset($_COOKIE[$this->getCookieKey()])) {
//echo "cookie";die(); $cook = split(':', $_COOKIE[$this->getCookieKey()]);
//cookie looks like this: 'id:md5(username+password)'
$cook = split(':', $_COOKIE[$this->getCookieKey()]); $query = 'SELECT * FROM '. $this->getTableName() .
//cookie looks like this: 'id:md5(username+password)'
$query = 'SELECT * FROM '. $this->getTableName() .
' WHERE MD5(CONCAT('.$this->getFieldName('username') . ' WHERE MD5(CONCAT('.$this->getFieldName('username') .
', '.$this->getFieldName('password') . ', '.$this->getFieldName('password') .
')) = \''.$this->db->sql_escape($cook[1]).'\' AND '. ')) = \''.$this->db->sql_escape($cook[1]).'\' AND '.
$this->getFieldName('primary'). ' = '. $this->db->sql_escape($cook[0]); $this->getFieldName('primary'). ' = '. $this->db->sql_escape($cook[0]);
if (! ($dbresult =& $this->db->sql_query($query)) ) { if (! ($dbresult =& $this->db->sql_query($query)) ) {
message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
return false; return false;
} }
if ($row = $this->db->sql_fetchrow($dbresult)) { if ($row = $this->db->sql_fetchrow($dbresult)) {
$_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')]; $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')];
return $_SESSION[$this->getSessionKey()]; return $_SESSION[$this->getSessionKey()];
} }
} }
return false; return false;
} }
function login($username, $password, $remember = FALSE) { function login($username, $password, $remember = FALSE) {
$password = $this->sanitisePassword($password); $password = $this->sanitisePassword($password);
$query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'" AND '. $this->getFieldName('password') .' = "'. $this->db->sql_escape($password) .'"'; $query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'" AND '. $this->getFieldName('password') .' = "'. $this->db->sql_escape($password) .'"';
if (! ($dbresult =& $this->db->sql_query($query)) ) { if (! ($dbresult =& $this->db->sql_query($query)) ) {
message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db);
return false; return false;
} }
if ($row =& $this->db->sql_fetchrow($dbresult)) { if ($row =& $this->db->sql_fetchrow($dbresult)) {
$id = $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')]; $id = $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')];
if ($remember) { if ($remember) {
$cookie = $id .':'. md5($username.$password); $cookie = $id .':'. md5($username.$password);
setcookie($this->cookiekey, $cookie, time() + $this->cookietime, '/'); setcookie($this->cookiekey, $cookie, time() + $this->cookietime, '/');
} }
return true; return true;
} else { } else {
return false; return false;
} }
} }
function logout() { function logout() {
@setcookie($this->getCookiekey(), '', time() - 1, '/'); @setcookie($this->getCookiekey(), '', time() - 1, '/');
unset($_COOKIE[$this->getCookiekey()]); unset($_COOKIE[$this->getCookiekey()]);
session_unset(); session_unset();
$this->getCurrentUser(TRUE, false); $this->getCurrentUser(TRUE, false);
} }
function getWatchlist($uId) { function getWatchlist($uId) {
// Gets the list of user IDs being watched by the given user. // Gets the list of user IDs being watched by the given user.
$query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($uId); $query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($uId);
if (! ($dbresult =& $this->db->sql_query($query)) ) { if (! ($dbresult =& $this->db->sql_query($query)) ) {
message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db); message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db);
return false; return false;
} }
$arrWatch = array(); $arrWatch = array();
if ($this->db->sql_numrows($dbresult) == 0) if ($this->db->sql_numrows($dbresult) == 0)
return $arrWatch; return $arrWatch;
while ($row =& $this->db->sql_fetchrow($dbresult)) while ($row =& $this->db->sql_fetchrow($dbresult))
$arrWatch[] = $row['watched']; $arrWatch[] = $row['watched'];
return $arrWatch; return $arrWatch;
} }
function getWatchNames($uId, $watchedby = false) { function getWatchNames($uId, $watchedby = false) {
// Gets the list of user names being watched by the given user. // Gets the list of user names being watched by the given user.
// - If $watchedby is false get the list of users that $uId watches // - If $watchedby is false get the list of users that $uId watches
// - If $watchedby is true get the list of users that watch $uId // - If $watchedby is true get the list of users that watch $uId
if ($watchedby) { if ($watchedby) {
$table1 = 'b'; $table1 = 'b';
$table2 = 'a'; $table2 = 'a';
} else { } else {
$table1 = 'a'; $table1 = 'a';
$table2 = 'b'; $table2 = 'b';
} }
$query = 'SELECT '. $table1 .'.'. $this->getFieldName('username') .' FROM '. $GLOBALS['tableprefix'] .'watched AS W, '. $this->getTableName() .' AS a, '. $this->getTableName() .' AS b WHERE W.watched = a.'. $this->getFieldName('primary') .' AND W.uId = b.'. $this->getFieldName('primary') .' AND '. $table2 .'.'. $this->getFieldName('primary') .' = '. intval($uId) .' ORDER BY '. $table1 .'.'. $this->getFieldName('username'); $query = 'SELECT '. $table1 .'.'. $this->getFieldName('username') .' FROM '. $GLOBALS['tableprefix'] .'watched AS W, '. $this->getTableName() .' AS a, '. $this->getTableName() .' AS b WHERE W.watched = a.'. $this->getFieldName('primary') .' AND W.uId = b.'. $this->getFieldName('primary') .' AND '. $table2 .'.'. $this->getFieldName('primary') .' = '. intval($uId) .' ORDER BY '. $table1 .'.'. $this->getFieldName('username');
if (!($dbresult =& $this->db->sql_query($query))) { if (!($dbresult =& $this->db->sql_query($query))) {
message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db); message_die(GENERAL_ERROR, 'Could not get watchlist', '', __LINE__, __FILE__, $query, $this->db);
return false; return false;
} }
$arrWatch = array(); $arrWatch = array();
if ($this->db->sql_numrows($dbresult) == 0) { if ($this->db->sql_numrows($dbresult) == 0) {
return $arrWatch; return $arrWatch;
} }
while ($row =& $this->db->sql_fetchrow($dbresult)) { while ($row =& $this->db->sql_fetchrow($dbresult)) {
$arrWatch[] = $row[$this->getFieldName('username')]; $arrWatch[] = $row[$this->getFieldName('username')];
} }
return $arrWatch; return $arrWatch;
} }
function getWatchStatus($watcheduser, $currentuser) { function getWatchStatus($watcheduser, $currentuser) {
// Returns true if the current user is watching the given user, and false otherwise. // Returns true if the current user is watching the given user, and false otherwise.
$query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched AS W INNER JOIN '. $this->getTableName() .' AS U ON U.'. $this->getFieldName('primary') .' = W.watched WHERE U.'. $this->getFieldName('primary') .' = '. intval($watcheduser) .' AND W.uId = '. intval($currentuser); $query = 'SELECT watched FROM '. $GLOBALS['tableprefix'] .'watched AS W INNER JOIN '. $this->getTableName() .' AS U ON U.'. $this->getFieldName('primary') .' = W.watched WHERE U.'. $this->getFieldName('primary') .' = '. intval($watcheduser) .' AND W.uId = '. intval($currentuser);
if (! ($dbresult =& $this->db->sql_query($query)) ) { if (! ($dbresult =& $this->db->sql_query($query)) ) {
message_die(GENERAL_ERROR, 'Could not get watchstatus', '', __LINE__, __FILE__, $query, $this->db); message_die(GENERAL_ERROR, 'Could not get watchstatus', '', __LINE__, __FILE__, $query, $this->db);
return false; return false;
} }
$arrWatch = array(); $arrWatch = array();
if ($this->db->sql_numrows($dbresult) == 0) if ($this->db->sql_numrows($dbresult) == 0)
return false; return false;
else else
return true; return true;
} }
function setWatchStatus($subjectUserID) { function setWatchStatus($subjectUserID) {
if (!is_numeric($subjectUserID)) if (!is_numeric($subjectUserID))
return false; return false;
$currentUserID = $this->getCurrentUserId(); $currentUserID = $this->getCurrentUserId();
$watched = $this->getWatchStatus($subjectUserID, $currentUserID); $watched = $this->getWatchStatus($subjectUserID, $currentUserID);
if ($watched) { if ($watched) {
$sql = 'DELETE FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($currentUserID) .' AND watched = '. intval($subjectUserID); $sql = 'DELETE FROM '. $GLOBALS['tableprefix'] .'watched WHERE uId = '. intval($currentUserID) .' AND watched = '. intval($subjectUserID);
if (!($dbresult =& $this->db->sql_query($sql))) { if (!($dbresult =& $this->db->sql_query($sql))) {
$this->db->sql_transaction('rollback'); $this->db->sql_transaction('rollback');
message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db); message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db);
return false; return false;
} }
} else { } else {
$values = array( $values = array(
'uId' => intval($currentUserID), 'uId' => intval($currentUserID),
'watched' => intval($subjectUserID) 'watched' => intval($subjectUserID)
); );
$sql = 'INSERT INTO '. $GLOBALS['tableprefix'] .'watched '. $this->db->sql_build_array('INSERT', $values); $sql = 'INSERT INTO '. $GLOBALS['tableprefix'] .'watched '. $this->db->sql_build_array('INSERT', $values);
if (!($dbresult =& $this->db->sql_query($sql))) { if (!($dbresult =& $this->db->sql_query($sql))) {
$this->db->sql_transaction('rollback'); $this->db->sql_transaction('rollback');
message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db); message_die(GENERAL_ERROR, 'Could not add user to watch list', '', __LINE__, __FILE__, $sql, $this->db);
return false; return false;
} }
} }
$this->db->sql_transaction('commit'); $this->db->sql_transaction('commit');
return true; return true;
} }
function addUser($username, $password, $email) { function addUser($username, $password, $email) {
// Set up the SQL UPDATE statement. // Set up the SQL UPDATE statement.
$datetime = gmdate('Y-m-d H:i:s', time()); $datetime = gmdate('Y-m-d H:i:s', time());
$password = $this->sanitisePassword($password); $password = $this->sanitisePassword($password);
$values = array('username' => $username, 'password' => $password, 'email' => $email, 'uDatetime' => $datetime, 'uModified' => $datetime); $values = array('username' => $username, 'password' => $password, 'email' => $email, 'uDatetime' => $datetime, 'uModified' => $datetime);
$sql = 'INSERT INTO '. $this->getTableName() .' '. $this->db->sql_build_array('INSERT', $values); $sql = 'INSERT INTO '. $this->getTableName() .' '. $this->db->sql_build_array('INSERT', $values);
// Execute the statement. // Execute the statement.
$this->db->sql_transaction('begin'); $this->db->sql_transaction('begin');
if (!($dbresult = & $this->db->sql_query($sql))) { if (!($dbresult = & $this->db->sql_query($sql))) {
$this->db->sql_transaction('rollback'); $this->db->sql_transaction('rollback');
message_die(GENERAL_ERROR, 'Could not insert user', '', __LINE__, __FILE__, $sql, $this->db); message_die(GENERAL_ERROR, 'Could not insert user', '', __LINE__, __FILE__, $sql, $this->db);
return false; return false;
} }
$this->db->sql_transaction('commit'); $this->db->sql_transaction('commit');
// Everything worked out, so return true. // Everything worked out, so return true.
return true; return true;
} }
function updateUser($uId, $password, $name, $email, $homepage, $uContent) { function updateUser($uId, $password, $name, $email, $homepage, $uContent) {
if (!is_numeric($uId)) if (!is_numeric($uId))
return false; return false;
// Set up the SQL UPDATE statement. // Set up the SQL UPDATE statement.
$moddatetime = gmdate('Y-m-d H:i:s', time()); $moddatetime = gmdate('Y-m-d H:i:s', time());
if ($password == '') if ($password == '')
$updates = array ('uModified' => $moddatetime, 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent); $updates = array ('uModified' => $moddatetime, 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
else else
$updates = array ('uModified' => $moddatetime, 'password' => $this->sanitisePassword($password), 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent); $updates = array ('uModified' => $moddatetime, 'password' => $this->sanitisePassword($password), 'name' => $name, 'email' => $email, 'homepage' => $homepage, 'uContent' => $uContent);
$sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId); $sql = 'UPDATE '. $this->getTableName() .' SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE '. $this->getFieldName('primary') .'='. intval($uId);
// Execute the statement. // Execute the statement.
$this->db->sql_transaction('begin'); $this->db->sql_transaction('begin');
if (!($dbresult = & $this->db->sql_query($sql))) { if (!($dbresult = & $this->db->sql_query($sql))) {
$this->db->sql_transaction('rollback'); $this->db->sql_transaction('rollback');
message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db); message_die(GENERAL_ERROR, 'Could not update user', '', __LINE__, __FILE__, $sql, $this->db);
return false; return false;
} }
$this->db->sql_transaction('commit'); $this->db->sql_transaction('commit');
// Everything worked out, so return true. // Everything worked out, so return true.
return true; return true;
} }
function getAllUsers ( ) { function getAllUsers ( ) {
$query = 'SELECT * FROM '. $this->getTableName(); $query = 'SELECT * FROM '. $this->getTableName();
if (! ($dbresult =& $this->db->sql_query($query)) ) { if (! ($dbresult =& $this->db->sql_query($query)) ) {
message_die(GENERAL_ERROR, 'Could not get users', '', __LINE__, __FILE__, $query, $this->db); message_die(GENERAL_ERROR, 'Could not get users', '', __LINE__, __FILE__, $query, $this->db);
return false; return false;
} }
$rows = array(); $rows = array();
while ( $row = $this->db->sql_fetchrow($dbresult) ) { while ( $row = $this->db->sql_fetchrow($dbresult) ) {
$rows[] = $row; $rows[] = $row;
} }
return $rows; return $rows;
} }
function deleteUser($uId) { function deleteUser($uId) {
$query = 'DELETE FROM '. $this->getTableName() .' WHERE uId = '. intval($uId); $query = 'DELETE FROM '. $this->getTableName() .' WHERE uId = '. intval($uId);
if (!($dbresult = & $this->db->sql_query($query))) { if (!($dbresult = & $this->db->sql_query($query))) {
message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $query, $this->db); message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $query, $this->db);
return false; return false;
} }
return true; return true;
} }
function sanitisePassword($password) { function sanitisePassword($password) {
return sha1(trim($password)); return sha1(trim($password));
} }
function generatePassword($uId) { function generatePassword($uId) {
if (!is_numeric($uId)) if (!is_numeric($uId))
return false; return false;
$password = $this->_randompassword(); $password = $this->_randompassword();
if ($this->_updateuser($uId, $this->getFieldName('password'), $this->sanitisePassword($password))) if ($this->_updateuser($uId, $this->getFieldName('password'), $this->sanitisePassword($password)))
return $password; return $password;
else else
return false; return false;
} }
function isReserved($username) { function isReserved($username) {
if (in_array($username, $GLOBALS['reservedusers'])) { if (in_array($username, $GLOBALS['reservedusers'])) {
return true; return true;
} else { } else {
return false; return false;
} }
} }
function isValidUsername($username) {
if (strlen($username) > 24) {
// too long usernames are cut by database and may cause bugs when compared
return false;
} elseif (preg_match('/(\W)/', $username) > 0) {
// forbidden non-alphanumeric characters
return false;
}
return true;
}
function isValidUsername($username) {
if (strlen($username) > 24) {
// too long usernames are cut by database and may cause bugs when compared
return false;
} elseif (preg_match('/(\W)/', $username) > 0) {
// forbidden non-alphanumeric characters
return false;
}
return true;
}
function isValidEmail($email) {
if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) {
list($emailUser, $emailDomain) = split("@", $email);
// Check if the email domain has a DNS record
if ($this->_checkdns($emailDomain)) {
return true;
}
}
return false;
}
// Properties function isValidEmail($email) {
function getTableName() { return $this->tablename; } if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) {
function setTableName($value) { $this->tablename = $value; } list($emailUser, $emailDomain) = split("@", $email);
function getFieldName($field) { return $this->fields[$field]; } // Check if the email domain has a DNS record
function setFieldName($field, $value) { $this->fields[$field] = $value; } if ($this->_checkdns($emailDomain)) {
return true;
}
}
return false;
}
function getSessionKey() { return $this->sessionkey; } // Properties
function setSessionKey($value) { $this->sessionkey = $value; } function getTableName() { return $this->tablename; }
function setTableName($value) { $this->tablename = $value; }
function getCookieKey() { return $this->cookiekey; } function getFieldName($field) { return $this->fields[$field]; }
function setCookieKey($value) { $this->cookiekey = $value; } function setFieldName($field, $value) { $this->fields[$field] = $value; }
function getSessionKey() { return $this->sessionkey; }
function setSessionKey($value) { $this->sessionkey = $value; }
function getCookieKey() { return $this->cookiekey; }
function setCookieKey($value) { $this->cookiekey = $value; }
}
class User {
var $id;
var $username;
var $isAdmin;
function User($id, $username) {
$this->id = $id;
$this->username = $username;
}
function getId() {
return $this->id;
}
function getUsername() {
return $this->username;
}
function isAdmin() {
// Look for value if not already set
if(!isset($this->isAdmin)) {
$userservice =& ServiceFactory::getServiceInstance('UserService');
$this->isAdmin = $userservice->isAdmin($this->id);
}
return $this->isAdmin;
}
} }
?> ?>

View file

@ -8,9 +8,13 @@ $cdservice =& ServiceFactory::getServiceInstance('CommonDescriptionService');
$logged_on_userid = $userservice->getCurrentUserId(); //$logged_on_userid = $userservice->getCurrentUserId();
$currentUser = $userservice->getCurrentUser(); //$currentUser = $userservice->getCurrentUser();
$currentUsername = $currentUser[$userservice->getFieldName('username')]; //$currentUsername = $currentUser[$userservice->getFieldName('username')];
// Momentary useful to go to object code
$currentObjectUser = $userservice->getCurrentObjectUser();
$pageName = isset($pageName)?$pageName:""; $pageName = isset($pageName)?$pageName:"";
$this->includeTemplate($GLOBALS['top_include']); $this->includeTemplate($GLOBALS['top_include']);
@ -23,50 +27,45 @@ include('search.inc.php');
<?php endif?> <?php endif?>
<?php
if((isset($currenttag) && $GLOBALS['enableCommonTagDescription'])
|| (isset($hash) && $GLOBALS['enableCommonBookmarkDescription'])):?>
<p class="commondescription">
<?php <?php
if((isset($currenttag) && $GLOBALS['enableCommonTagDescription'])
|| (isset($hash) && $GLOBALS['enableCommonBookmarkDescription'])):?>
<p class="commondescription"><?php
if(isset($currenttag) && $cdservice->getLastTagDescription($currenttag)) { if(isset($currenttag) && $cdservice->getLastTagDescription($currenttag)) {
$description = $cdservice->getLastTagDescription($currenttag); $description = $cdservice->getLastTagDescription($currenttag);
echo nl2br(filter($description['cdDescription'])); echo nl2br(filter($description['cdDescription']));
} elseif(isset($hash) && $cdservice->getLastBookmarkDescription($hash)) { } elseif(isset($hash) && $cdservice->getLastBookmarkDescription($hash)) {
$description = $cdservice->getLastBookmarkDescription($hash); $description = $cdservice->getLastBookmarkDescription($hash);
echo nl2br(filter($description['cdTitle'])). "<br/>"; echo nl2br(filter($description['cdTitle'])). "<br/>";
echo nl2br(filter($description['cdDescription'])). "<br/>"; echo nl2br(filter($description['cdDescription'])). "<br/>";
} }
if($logged_on_userid>0) { if($userservice->isLoggedOn()) {
if(isset($currenttag)) { if(isset($currenttag)) {
echo ' (<a href="'. createURL('tagcommondescriptionedit', $currenttag).'">'; echo ' (<a href="'. createURL('tagcommondescriptionedit', $currenttag).'">';
echo T_('edit common description').'</a>)'; echo T_('edit common description').'</a>)';
} elseif(isset($hash)) { } elseif(isset($hash)) {
echo ' (<a href="'.createURL('bookmarkcommondescriptionedit', $hash).'">'; echo ' (<a href="'.createURL('bookmarkcommondescriptionedit', $hash).'">';
echo T_('edit common description').'</a>)'; echo T_('edit common description').'</a>)';
} }
} }
?> ?></p>
</p>
<?php endif ?> <?php endif ?>
<?php <?php
/* Private tag description */ /* Private tag description */
if(isset($currenttag) && isset($user)) { if(isset($currenttag) && isset($user)) {
$userObject = $userservice->getUserByUsername($user); $userObject = $userservice->getUserByUsername($user);
if($tagservice->getDescription($currenttag, $userObject['uId'])) { ?> if($tagservice->getDescription($currenttag, $userObject['uId'])) { ?>
<p class="commondescription"><?php
$description = $tagservice->getDescription($currenttag, $userObject['uId']);
echo nl2br(filter($description['tDescription']));
?></p>
<p class="commondescription">
<?php <?php
$description = $tagservice->getDescription($currenttag, $userObject['uId']); }
echo nl2br(filter($description['tDescription']));
?>
</p>
<?php
}
} }
?> ?>
@ -75,202 +74,195 @@ if(isset($currenttag) && isset($user)) {
window.onload = playerLoad; window.onload = playerLoad;
</script> </script>
<p id="sort"> <p id="sort"><?php echo $total.' '.T_("bookmark(s)"); ?> - <?php echo T_("Sort by:"); ?>
<?php echo $total.' '.T_("bookmark(s)"); ?> - <?php
<?php echo T_("Sort by:"); ?> $dateSort = (getSortOrder()=='date_desc')? 'date_asc':'date_desc';
<?php $titleSort = (getSortOrder()=='title_asc')? 'title_desc':'title_asc';
$dateSort = (getSortOrder()=='date_desc')? 'date_asc':'date_desc'; $urlSort = (getSortOrder()=='url_asc')? 'url_desc':'url_asc';
$titleSort = (getSortOrder()=='title_asc')? 'title_desc':'title_asc'; ?> <a href="?sort=<?php echo $dateSort ?>"><?php echo T_("Date"); ?></a><span>
$urlSort = (getSortOrder()=='url_asc')? 'url_desc':'url_asc'; / </span> <a href="?sort=<?php echo $titleSort ?>"><?php echo T_("Title"); ?></a><span>
?> / </span> <?php
<a href="?sort=<?php echo $dateSort ?>"><?php echo T_("Date"); ?></a><span> / </span> if (!isset($hash)) {
<a href="?sort=<?php echo $titleSort ?>"><?php echo T_("Title"); ?></a><span> / </span> ?> <a href="?sort=<?php echo $urlSort ?>"><?php echo T_("URL"); ?></a>
<?php <?php
if (!isset($hash)) { }
?> ?> <?php
<a href="?sort=<?php echo $urlSort ?>"><?php echo T_("URL"); ?></a> if(isset($currenttag)) {
<?php
}
?>
<?php
if(isset($currenttag)) {
if(isset($user)) { if(isset($user)) {
echo ' - '; echo ' - ';
echo '<a href="'. createURL('tags', $currenttag) .'">'; echo '<a href="'. createURL('tags', $currenttag) .'">';
echo T_('Bookmarks from other users for this tag').'</a>'; echo T_('Bookmarks from other users for this tag').'</a>';
//echo T_(' for these tags'); //echo T_(' for these tags');
} else if($logged_on_userid>0){ } else if($userservice->isLoggedOn()){
echo ' - '; echo ' - ';
echo '<a href="'. createURL('bookmarks', $currentUsername.'/'.$currenttag) .'">'; echo '<a href="'. createURL('bookmarks', $currentObjectUser->getUsername().'/'.$currenttag) .'">';
echo T_('Only your bookmarks for this tag').'</a>'; echo T_('Only your bookmarks for this tag').'</a>';
//echo T_(' for these tags'); //echo T_(' for these tags');
} }
} }
?> ?></p>
</p>
<ol<?php echo ($start > 0 ? ' start="'. ++$start .'"' : ''); ?> id="bookmarks"> <ol <?php echo ($start > 0 ? ' start="'. ++$start .'"' : ''); ?>
id="bookmarks">
<?php <?php
foreach(array_keys($bookmarks) as $key) { foreach(array_keys($bookmarks) as $key) {
$row =& $bookmarks[$key]; $row =& $bookmarks[$key];
switch ($row['bStatus']) { switch ($row['bStatus']) {
case 0: case 0:
$access = ''; $access = '';
break; break;
case 1: case 1:
$access = ' shared'; $access = ' shared';
break; break;
case 2: case 2:
$access = ' private'; $access = ' private';
break; break;
} }
$cats = ''; $cats = '';
$tagsForCopy = ''; $tagsForCopy = '';
$tags = $row['tags']; $tags = $row['tags'];
foreach(array_keys($tags) as $key) { foreach(array_keys($tags) as $key) {
$tag =& $tags[$key]; $tag =& $tags[$key];
$cats .= '<a href="'. sprintf($cat_url, filter($row['username'], 'url'), filter($tag, 'url')) .'" rel="tag">'. filter($tag) .'</a>, '; $cats .= '<a href="'. sprintf($cat_url, filter($row['username'], 'url'), filter($tag, 'url')) .'" rel="tag">'. filter($tag) .'</a>, ';
$tagsForCopy.= $tag.','; $tagsForCopy.= $tag.',';
} }
$cats = substr($cats, 0, -2); $cats = substr($cats, 0, -2);
if ($cats != '') { if ($cats != '') {
$cats = ' '.T_('in').' '. $cats; $cats = ' '.T_('in').' '. $cats;
} }
// Edit and delete links // Edit and delete links
$edit = ''; $edit = '';
if ($bookmarkservice->editAllowed($row['bId'])) { if ($bookmarkservice->editAllowed($row['bId'])) {
$edit = ' - <a href="'. createURL('edit', $row['bId']) .'">'. T_('Edit') .'</a><script type="text/javascript">document.write(" - <a href=\"#\" onclick=\"deleteBookmark(this, '. $row['bId'] .'); return false;\">'. T_('Delete') .'<\/a>");</script>'; $edit = ' - <a href="'. createURL('edit', $row['bId']) .'">'. T_('Edit') .'</a><script type="text/javascript">document.write(" - <a href=\"#\" onclick=\"deleteBookmark(this, '. $row['bId'] .'); return false;\">'. T_('Delete') .'<\/a>");</script>';
} }
// User attribution // User attribution
$copy = ''; $copy = '';
if (!isset($user) || isset($watched)) { if (!isset($user) || isset($watched)) {
$copy = ' '. T_('by') .' <a href="'. createURL('bookmarks', $row['username']) .'">'. $row['username'] .'</a>'; $copy = ' '. T_('by') .' <a href="'. createURL('bookmarks', $row['username']) .'">'. $row['username'] .'</a>';
} }
// Udders! // Udders!
if (!isset($hash)) { if (!isset($hash)) {
$others = $bookmarkservice->countOthers($row['bAddress']); $others = $bookmarkservice->countOthers($row['bAddress']);
$ostart = '<a href="'. createURL('history', $row['bHash']) .'">'; $ostart = '<a href="'. createURL('history', $row['bHash']) .'">';
$oend = '</a>'; $oend = '</a>';
switch ($others) { switch ($others) {
case 0: case 0:
break; break;
case 1: case 1:
$copy .= sprintf(T_(' and %s1 other%s'), $ostart, $oend); $copy .= sprintf(T_(' and %s1 other%s'), $ostart, $oend);
break; break;
default: default:
$copy .= sprintf(T_(' and %2$s%1$s others%3$s'), $others, $ostart, $oend); $copy .= sprintf(T_(' and %2$s%1$s others%3$s'), $others, $ostart, $oend);
} }
} }
// Copy link // Copy link
if ($userservice->isLoggedOn() && ($logged_on_userid != $row['uId']) && !$bookmarkservice->bookmarkExists($row['bAddress'], $logged_on_userid)) { if ($userservice->isLoggedOn()
// Get the username of the current user && ($currentObjectUser->getId() != $row['uId'])
$currentUser = $userservice->getCurrentUser(); && !$bookmarkservice->bookmarkExists($row['bAddress'], $currentObjectUser->getId())) {
$currentUsername = $currentUser[$userservice->getFieldName('username')]; $copy .= ' - <a href="'. createURL('bookmarks', $currentObjectUser->getUsername() .'?action=add&amp;address='. urlencode($row['bAddress']) .'&amp;title='. urlencode($row['bTitle'])). '&amp;description='.urlencode($row['bDescription']). '&amp;tags='.$tagsForCopy .'">'. T_('Copy') .'</a>';
$copy .= ' - <a href="'. createURL('bookmarks', $currentUsername .'?action=add&amp;address='. urlencode($row['bAddress']) .'&amp;title='. urlencode($row['bTitle'])). '&amp;description='.urlencode($row['bDescription']). '&amp;tags='.$tagsForCopy .'">'. T_('Copy') .'</a>'; }
}
// Nofollow option // Nofollow option
$rel = ''; $rel = '';
if ($GLOBALS['nofollow']) { if ($GLOBALS['nofollow']) {
$rel = ' rel="nofollow"'; $rel = ' rel="nofollow"';
} }
$address = filter($row['bAddress']); $address = filter($row['bAddress']);
// Redirection option // Redirection option
if ($GLOBALS['useredir']) { if ($GLOBALS['useredir']) {
$address = $GLOBALS['url_redir'] . $address; $address = $GLOBALS['url_redir'] . $address;
} }
// Output // Output
echo '<li class="xfolkentry'. $access .'">'."\n"; echo '<li class="xfolkentry'. $access .'">'."\n";
if ($GLOBALS['enableWebsiteThumbnails']) { if ($GLOBALS['enableWebsiteThumbnails']) {
$thumbnailHash = md5($address.$GLOBALS['thumbnailsUserId'].$GLOBALS['thumbnailsKey']); $thumbnailHash = md5($address.$GLOBALS['thumbnailsUserId'].$GLOBALS['thumbnailsKey']);
echo '<a href="'. $address .'"'. $rel .' ><img class="thumbnail" src="http://www.artviper.net/screenshots/screener.php?url='.$address.'&w=120&sdx=1280&userID='.$GLOBALS['thumbnailsUserId'].'&hash='.$thumbnailHash.'" /> '; echo '<a href="'. $address .'"'. $rel .' ><img class="thumbnail" src="http://www.artviper.net/screenshots/screener.php?url='.$address.'&w=120&sdx=1280&userID='.$GLOBALS['thumbnailsUserId'].'&hash='.$thumbnailHash.'" /> ';
}
echo '<div>';
echo '<div class="link"><a href="'. $address .'"'. $rel .' class="taggedlink">'. filter($row['bTitle']) ."</a></div>\n";
if ($row['bDescription'] == '') {
$row['bDescription'] = '-';
}
echo '<div class="description">'. filter($row['bDescription']) ."</div>\n";
if(!isset($hash)) {
echo '<div class="address">'.shortenString($address).'</div>';
}
echo '<div class="meta">'. date($GLOBALS['shortdate'], strtotime($row['bDatetime'])) . $cats . $copy . $edit ."</div>\n";
echo '</div>';
echo "</li>\n";
} }
echo '<div>'; ?>
echo '<div class="link"><a href="'. $address .'"'. $rel .' class="taggedlink">'. filter($row['bTitle']) ."</a></div>\n";
if ($row['bDescription'] == '') {
$row['bDescription'] = '-';
}
echo '<div class="description">'. filter($row['bDescription']) ."</div>\n";
if(!isset($hash)) {
echo '<div class="address">'.shortenString($address).'</div>';
}
echo '<div class="meta">'. date($GLOBALS['shortdate'], strtotime($row['bDatetime'])) . $cats . $copy . $edit ."</div>\n";
echo '</div>';
echo "</li>\n";
}
?>
</ol> </ol>
<?php <?php
// PAGINATION // PAGINATION
// Ordering
$sortOrder = '';
if (isset($_GET['sort'])) {
$sortOrder = 'sort='. $_GET['sort'];
}
$sortAmp = (($sortOrder) ? '&amp;'. $sortOrder : '');
$sortQue = (($sortOrder) ? '?'. $sortOrder : '');
// Previous
$perpage = getPerPageCount();
if (!$page || $page < 2) {
$page = 1;
$start = 0;
$bfirst = '<span class="disable">'. T_('First') .'</span>';
$bprev = '<span class="disable">'. T_('Previous') .'</span>';
} else {
$prev = $page - 1;
$prev = 'page='. $prev;
$start = ($page - 1) * $perpage;
$bfirst= '<a href="'. sprintf($nav_url, $user, $currenttag, '') . $sortQue .'">'. T_('First') .'</a>';
$bprev = '<a href="'. sprintf($nav_url, $user, $currenttag, '?') . $prev . $sortAmp .'">'. T_('Previous') .'</a>';
}
// Next
$next = $page + 1;
$totalpages = ceil($total / $perpage);
if (count($bookmarks) < $perpage || $perpage * $page == $total) {
$bnext = '<span class="disable">'. T_('Next') .'</span>';
$blast = '<span class="disable">'. T_('Last') ."</span>\n";
} else {
$bnext = '<a href="'. sprintf($nav_url, $user, $currenttag, '?page=') . $next . $sortAmp .'">'. T_('Next') .'</a>';
$blast = '<a href="'. sprintf($nav_url, $user, $currenttag, '?page=') . $totalpages . $sortAmp .'">'. T_('Last') ."</a>\n";
}
// RSS // Ordering
$brss = ''; $sortOrder = '';
$size = count($rsschannels); if (isset($_GET['sort'])) {
for ($i = 0; $i < $size; $i++) { $sortOrder = 'sort='. $_GET['sort'];
$brss = '<a style="background:#FFFFFF" href="'. $rsschannels[$i][1] .'" title="'. $rsschannels[$i][0] .'"><img src="'. ROOT .'images/rss.gif" width="16" height="16" alt="'. $rsschannels[$i][0] .'" /></a>'; }
}
$sortAmp = (($sortOrder) ? '&amp;'. $sortOrder : '');
$sortQue = (($sortOrder) ? '?'. $sortOrder : '');
// Previous
$perpage = getPerPageCount();
if (!$page || $page < 2) {
$page = 1;
$start = 0;
$bfirst = '<span class="disable">'. T_('First') .'</span>';
$bprev = '<span class="disable">'. T_('Previous') .'</span>';
} else {
$prev = $page - 1;
$prev = 'page='. $prev;
$start = ($page - 1) * $perpage;
$bfirst= '<a href="'. sprintf($nav_url, $user, $currenttag, '') . $sortQue .'">'. T_('First') .'</a>';
$bprev = '<a href="'. sprintf($nav_url, $user, $currenttag, '?') . $prev . $sortAmp .'">'. T_('Previous') .'</a>';
}
// Next
$next = $page + 1;
$totalpages = ceil($total / $perpage);
if (count($bookmarks) < $perpage || $perpage * $page == $total) {
$bnext = '<span class="disable">'. T_('Next') .'</span>';
$blast = '<span class="disable">'. T_('Last') ."</span>\n";
} else {
$bnext = '<a href="'. sprintf($nav_url, $user, $currenttag, '?page=') . $next . $sortAmp .'">'. T_('Next') .'</a>';
$blast = '<a href="'. sprintf($nav_url, $user, $currenttag, '?page=') . $totalpages . $sortAmp .'">'. T_('Last') ."</a>\n";
}
// RSS
$brss = '';
$size = count($rsschannels);
for ($i = 0; $i < $size; $i++) {
$brss = '<a style="background:#FFFFFF" href="'. $rsschannels[$i][1] .'" title="'. $rsschannels[$i][0] .'"><img src="'. ROOT .'images/rss.gif" width="16" height="16" alt="'. $rsschannels[$i][0] .'" /></a>';
}
echo '<p class="paging">'. $bfirst .'<span> / </span>'. $bprev .'<span> / </span>'. $bnext .'<span> / </span>'. $blast .'<span> / </span>'. sprintf(T_('Page %d of %d'), $page, $totalpages) ." ". $brss ." </p>\n";
echo '<p class="paging">'. $bfirst .'<span> / </span>'. $bprev .'<span> / </span>'. $bnext .'<span> / </span>'. $blast .'<span> / </span>'. sprintf(T_('Page %d of %d'), $page, $totalpages) ." ". $brss ." </p>\n";
} else { } else {
echo '<p class="error">'.T_('No bookmarks available').'</p>'; echo '<p class="error">'.T_('No bookmarks available').'</p>';
} }
$this->includeTemplate('sidebar.tpl'); $this->includeTemplate('sidebar.tpl');
$this->includeTemplate($GLOBALS['bottom_include']); $this->includeTemplate($GLOBALS['bottom_include']);