3 class mw_data_users extends mw_data{
10 # ----------------------------------------------------------------------------------------
# Lists rows of #--users, optionally filtered by the first letter of the login ($alpha)
# and by $status. Builds array("list" => rows keyed by id, "total" => match count);
# the catch branch replaces it with false when the database layer throws.
# NOTE(review): this listing omits several source lines (16, 18-19, 21, 34-35), so the
# setup of $env, $SELECT and $WHERE, the try line and the return are not visible here.
14 function users($start = 0, $alpha = null, $status = null){
15 $sgbd = $this->sgbd();
17 $users = array("list" => array(), "total" => 0);
20 $FROM = " FROM #--users";
# Filter values pass through $this->eq() before concatenation
# (presumably quoting/escaping - confirm in the parent class).
22 $WHERE .= (isset($alpha) ? ($WHERE ? " AND" : " WHERE")." LEFT(login, 1)=".$this->eq($alpha) : "");
23 $WHERE .= (isset($status) ? ($WHERE ? " AND" : " WHERE")." status=".$this->eq($status) : "");
# NOTE(review): $start is concatenated into the SQL text without eq() or an integer cast.
# If a caller can pass a request parameter here, cast it with (int) first - confirm against callers.
24 $LIMIT = ($env->config("max_list") ? " LIMIT ".$env->config("max_list")." OFFSET ".$start : "");
# Count first; the page of rows is only fetched when at least one row matches.
25 $sql = "SELECT count(*) as n FROM(".$SELECT.$FROM.$WHERE.") res";
26 $rst = $sgbd->query($sql);
27 if($v_rst = $sgbd->fetch_assoc($rst)) $users["total"] = $v_rst["n"];
28 $sgbd->free_result($rst);
29 if($users["total"] > 0){
30 $sql = "SELECT * FROM(".$SELECT.$FROM.$WHERE.$LIMIT.") res";
31 $rst = $sgbd->query($sql);
32 while($v_rst = $sgbd->fetch_assoc($rst)) $users["list"][$v_rst["id"]] = $v_rst;
33 $sgbd->free_result($rst);
36 catch(Exception $e) { $users = false; }
# Fetches the #--users row whose id equals $id; $user becomes false when the query throws.
# The selected row includes the password column (SELECT *), so callers should not
# forward the result to templates or logs unfiltered.
# NOTE(review): the initial value of $user and the return line are not shown in this listing.
40 function user_by_id($id){
41 $sgbd = $this->sgbd();
44 $sql = "SELECT * from #--users WHERE id=".$this->eq($id);
45 $rst = $sgbd->query($sql);
46 if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
47 $sgbd->free_result($rst);
49 catch(Exception $e) { $user = false; }
# Fetches the #--users row whose login equals $login; $user becomes false when the query throws.
# login() and load_session() both use this lookup, so a database error and an unknown
# login must stay distinguishable from a valid row for those callers.
# NOTE(review): the initial value of $user and the return line are not shown in this listing.
53 function user($login){
54 $sgbd = $this->sgbd();
57 $sql = "SELECT * from #--users WHERE login=".$this->eq($login);
58 $rst = $sgbd->query($sql);
59 if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
60 $sgbd->free_result($rst);
62 catch(Exception $e) { $user = false; }
# Counts the #--users rows whose login equals $login and stores the count in $EXISTS;
# $EXISTS becomes false when the query throws.
# NOTE(review): a count of 0 and the error value false are both falsy, so callers that
# need to tell "no such user" from "lookup failed" must compare with === false.
66 function user_exists($login){
67 $sgbd = $this->sgbd();
70 $sql = "SELECT count(*) as n from #--users WHERE login=".$this->eq($login);
71 $rst = $sgbd->query($sql);
72 if($v_rst = $sgbd->fetch_assoc($rst)) $EXISTS = $v_rst["n"];
73 $sgbd->free_result($rst);
75 catch(Exception $e) { $EXISTS = false; }
# Inserts a row into #--users and keeps the new id from insert_id(); $user_id becomes
# false when the database layer throws.
# NOTE(review): $password is stored exactly as received; no hashing happens in the
# visible lines. user_ok() and password_ok() feed the stored value straight into md5()
# together with the session id, so whatever is stored here acts as the login secret.
# Confirm what the caller passes and plan a migration to password_hash()/password_verify().
# NOTE(review): source lines 81-83 and 88-90 are omitted, so the $status value and the
# query call are not visible here.
79 function add_user($login, $password, $email, $status){
80 $sgbd = $this->sgbd();
84 "INSERT INTO #--users(login, password, email, status) VALUES"
85 ."( ".$this->eq($login)
86 .", ".$this->eq($password)
87 .", ".$this->eq($email)
91 $user_id = $sgbd->insert_id();
93 catch(Exception $e) { $user_id = false; }
# Updates login, password and email of a #--users row; returns false when the database
# layer throws.
# NOTE(review): the status assignment and the WHERE clause (source lines 105-108) are not
# shown in this listing. Confirm the statement is restricted by id, otherwise it would
# rewrite every row.
# NOTE(review): as in add_user(), $password is written as received with no hashing in the
# visible lines.
97 function set_user($id, $login, $password, $email, $status){
98 $sgbd = $this->sgbd();
101 "UPDATE #--users SET"
102 ." login=".$this->eq($login)
103 .", password=".$this->eq($password)
104 .", email=".$this->eq($email)
109 catch(Exception $e) { return false; }
# Deletes the #--users row whose login equals $login; returns false when the database
# layer throws.
# NOTE(review): no authorisation check appears in the visible lines, so the caller is
# presumably responsible for verifying who may delete which account - confirm.
113 function del_user($login){
114 $sgbd = $this->sgbd();
116 $sql = "DELETE FROM #--users WHERE login=".$this->eq($login);
119 catch(Exception $e) { return false; }
123 # ----------------------------------------------------------------------------------------
128 if(!isset($this->user_status)) return false;
129 return $this->user_status;
# Loads every row of #--user_status into $this->user_status, keyed by row id, and returns
# that array; the property is set to false (and false is returned) when the query throws.
# NOTE(review): the $status parameter is not used in the visible lines.
132 function init_user_status($status = array()){
133 $sgbd = $this->sgbd();
134 $this->user_status = array();
136 $sql = "SELECT * FROM #--user_status";
137 $rst = $sgbd->query($sql);
138 while($v_rst = $sgbd->fetch_assoc($rst)) $this->user_status[$v_rst["id"]] = $v_rst;
139 $sgbd->free_result($rst);
141 catch(Exception $e) { $this->user_status = false; }
142 return $this->user_status;
# Loads every row of #--action_status into $this->action_status, keyed by row id, and
# returns that array; false is returned when the query throws.
# NOTE(review): the $status parameter is not used in the visible lines.
145 function init_action_status($status = array()){
# Refuses to run until user_status has been initialised.
146 if(!isset($this->user_status)) return false;
147 $sgbd = $this->sgbd();
148 $this->action_status = array();
150 $sql = "SELECT * FROM #--action_status";
151 $rst = $sgbd->query($sql);
152 while($v_rst = $sgbd->fetch_assoc($rst)) $this->action_status[$v_rst["id"]] = $v_rst;
153 $sgbd->free_result($rst);
155 catch(Exception $e) { $this->action_status = false; }
156 return $this->action_status;
# Returns the "status" field of the current session user when one is available.
# NOTE(review): the fall-through return for visitors without a session user (source lines
# 162-163) is not shown in this listing. Confirm it yields the least-privileged status.
159 function get_user_status(){
160 $user = $this->get_session_user();
161 if($user && isset($user["status"])) return $user["status"];
# Collects the status ids attached to an action at three levels of detail: "mod",
# "mod/controller" and "mod/controller/action". The result has the shape
# $status[action][id_status] = true; $status becomes false when the query throws.
# NOTE(review): the initial value of $status, the use of $set_status and the return line
# are not shown in this listing. Callers enforcing access control should treat the error
# value false as "deny", not as "no restriction" - confirm against callers.
165 function get_action_status($mod, $controller = "index", $action = "index", $set_status = array()){
166 $sgbd = $this->sgbd();
170 "SELECT action, id_status"
171 ." FROM #--action_status"
172 ." WHERE action=".$this->eq($mod)
173 ." OR action=".$this->eq($mod."/".$controller)
174 ." OR action=".$this->eq($mod."/".$controller."/".$action);
175 $rst = $sgbd->query($sql);
176 while($v_rst = $sgbd->fetch_assoc($rst)){
177 if(!isset($status[$v_rst["action"]])) $status[$v_rst["action"]] = array();
178 $status[$v_rst["action"]][$v_rst["id_status"]] = true;
180 $sgbd->free_result($rst);
182 catch(Exception $e) { $status = false; }
# Returns the id of the first #--user_status row flagged creation_default=1, i.e. the
# status given to newly created accounts; returns false when the query throws.
# NOTE(review): the initial value of $default_status (source lines 188-189) is not shown.
# Account creation should stop when this returns false rather than insert an undefined status.
186 function creation_default_status(){
187 $sgbd = $this->sgbd();
190 $sql = "SELECT id FROM #--user_status WHERE creation_default=1 LIMIT 0,1";
191 $rst = $sgbd->query($sql);
192 if($v_rst = $sgbd->fetch_assoc($rst)) $default_status = $v_rst["id"];
193 $sgbd->free_result($rst);
195 catch(Exception $e) { $default_status = false; }
196 return $default_status;
199 # ----------------------------------------------------------------------------------------
# Authenticates $login: looks the user up, checks $password with password_ok(), then
# stores the user in the session with set_session(); $user is set to false when
# set_session() fails.
# NOTE(review): the branch structure around clear_session() and the return line (source
# lines 207-208, 210-213) are not shown in this listing.
# NOTE(review): no session_regenerate_id() call and no failed-attempt throttling appear in
# the visible lines. Confirm both exist elsewhere, otherwise a session identifier issued
# before authentication stays valid after it.
203 function login($login, $password){
204 if(($user = $this->user($login)) !== false){
205 if($this->password_ok($user, $password)){
206 if(!$this->set_session($user)) $user = false;
209 $this->clear_session();
217 return $this->clear_session();
# Session check: md5(stored password . $_SESSION["id"]) must equal $_SESSION["pass"], and
# the IP recorded in the session must equal the current REMOTE_ADDR.
# set_session() computes $_SESSION["pass"] from the same user row, so this check proves
# only that set_session() ran for this user; it is meaningful only if set_session() is
# reached after a successful password check.
# NOTE(review): strcmp(...) == 0 and == are loose comparisons; hash_equals() and === are
# the safer forms. md5 is not suitable for protecting a password-derived value.
220 function user_ok($user){
222 strcmp(md5($user["password"].$_SESSION["id"]), $_SESSION["pass"]) == 0
223 && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
# Login check: the submitted $password must equal md5(stored password . $_SESSION["id"]),
# and the IP recorded in the session must equal the current REMOTE_ADDR.
# The client is therefore expected to send a digest of the stored value and the session
# id, which makes the stored column password-equivalent: reading the table is enough to
# produce a valid response. A scheme based on password_hash()/password_verify() over TLS
# removes that property.
# NOTE(review): $password is caller-supplied; strcmp(...) == 0 is neither strict nor
# constant-time. Prefer is_string($password) && hash_equals($expected, $password).
226 function password_ok($user, $password){
227 if(!$user) return false;
229 strcmp(md5($user["password"].$_SESSION["id"]), $password) == 0
230 && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
233 # ----------------------------------------------------------------------------------------
# Restores the current user at the start of a request: resets the session when it has no
# id, loads the user named by the "user" cookie (or, failing that, by $_SESSION["user"]),
# validates it with user_ok() and stores it in $this->_user.
# NOTE(review): $_COOKIE["user"] is client-supplied. As listed, when the cookie is present
# set_session() rewrites $_SESSION["pass"] from the looked-up row before user_ok() runs,
# so user_ok() would compare against a value just derived from that same row and the
# cookie alone would decide the identity. Source lines 244-246 and 250-252 are not shown;
# confirm an independent check exists there. A remember-me feature should rely on a
# random token stored server-side, never on the login name.
237 function load_session(){
239 if(!isset($_SESSION["id"])) $this->clear_session();
242 isset($_COOKIE["user"]) || isset($_SESSION["user"]) ?
243 $this->user(isset($_COOKIE["user"]) ? $_COOKIE["user"] : $_SESSION["user"])
247 if(isset($_COOKIE["user"])) $this->set_session($user);
248 if(!$this->user_ok($user)){
249 $this->clear_session();
253 $this->_user = $user;
# Marks $user as logged in: stores the login and md5(stored password . session id) in
# $_SESSION, then sets a "user" cookie holding the login for 7 days on the web path.
# Returns the result of setcookie().
# NOTE(review): setcookie() receives only name, value, expiry and path, so the Secure and
# HttpOnly flags are left at their defaults (off) and no SameSite attribute is set.
# NOTE(review): $env is not defined in the visible lines (source line 260 is omitted).
257 function set_session($user){
258 $_SESSION["user"] = $user["login"];
259 $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]);
261 return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web"));
# Logs the session out and re-arms it: removes the stored login and digest, records the
# client IP, issues a fresh $_SESSION["id"] and expires the "user" cookie.
# Returns the result of setcookie().
# NOTE(review): $_SESSION["id"] is the value mixed into md5(password . id) by user_ok(),
# password_ok() and set_session(). rand() is not a cryptographically secure generator, so
# the value is predictable in principle; bin2hex(random_bytes(16)) is the safe replacement.
# NOTE(review): $env is not defined in the visible lines (source line 269 is omitted).
264 function clear_session(){
265 unset($_SESSION["user"]);
266 unset($_SESSION["pass"]);
267 $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"];
268 $_SESSION["id"] = md5(rand());
270 return setcookie("user", "", 0, $env->path("web"));
273 function get_session_user(){
277 # ----------------------------------------------------------------------------------------
# Ensures the per-user upload directory <content path>uploads/<user> exists, creating it
# when missing, and returns whether it exists afterwards. $user defaults to the id of the
# current session user.
# NOTE(review): $user is appended to the path without validation. If a caller can pass a
# request-derived value, restrict it to an integer id (e.g. ctype_digit) so the result
# cannot point outside uploads/ - confirm against callers.
# NOTE(review): @mkdir hides the failure reason and passes no mode argument, so PHP's
# default mode (0777 before umask) applies; an explicit restrictive mode is preferable.
# NOTE(review): $env is not defined in the visible lines (source line 282 is omitted).
281 function check_user_uploads_dir($user = null){
283 $user_dir = $env->path("content")."uploads/".(isset($user) ? $user : $this->_user["id"]);
284 if(!file_exists($user_dir)) @mkdir($user_dir);
285 return file_exists($user_dir);