3 class mw_data_users extends mw_data{
10 # ----------------------------------------------------------------------------------------
# Returns one page of users as array("list" => rows keyed by id, "total" => matching row count),
# or false when a query handle is not set.
# $start is the row offset, $alpha filters on the first character of login, $status filters on status.
# NOTE(review): this listing omits some original lines (the gutter numbers skip), so the initial
# values of $env, $SELECT and $WHERE, the closing braces and the final return are not visible here.
14 function users($start = 0, $alpha = null, $status = null){
15 $sgbd = $this->sgbd();
17 $users = array("list" => array(), "total" => 0);
19 $FROM = " FROM #--users";
# $alpha and $status reach the SQL text only through $this->eq(). eq() is not defined in this
# listing; presumably it quotes and escapes the value — confirm.
21 $WHERE .= (isset($alpha) ? ($WHERE ? " AND" : " WHERE")." LEFT(login, 1)=".$this->eq($alpha) : "");
22 $WHERE .= (isset($status) ? ($WHERE ? " AND" : " WHERE")." status=".$this->eq($status) : "");
# NOTE(review): $start is concatenated into OFFSET as-is (no eq(), no integer cast). If a caller
# passes a request parameter here, this is an SQL injection point; cast it with (int) first.
23 $LIMIT = ($env->config("max_list") ? " LIMIT ".$env->config("max_list")." OFFSET ".$start : "");
# First query: count the matching rows without the LIMIT clause.
24 $sql = "SELECT count(*) as n FROM(".$SELECT.$FROM.$WHERE.") res";
25 $rst = $sgbd->query($sql);
# NOTE(review): isset() is false only for null. If query() reports failure with false
# (TODO confirm against the sgbd class), this guard does not trigger.
26 if(!isset($rst)) return false;
27 if($v_rst = $sgbd->fetch_assoc($rst)) $users["total"] = $v_rst["n"];
28 $sgbd->free_result($rst);
# Second query, only when there is something to list: fetch the requested page.
29 if($users["total"] > 0){
30 $sql = "SELECT * FROM(".$SELECT.$FROM.$WHERE.$LIMIT.") res";
31 $rst = $sgbd->query($sql);
32 if(!isset($rst)) return false;
# Rows are indexed by their id column.
33 while($v_rst = $sgbd->fetch_assoc($rst)) $users["list"][$v_rst["id"]] = $v_rst;
34 $sgbd->free_result($rst);
# Looks up one user row by id. Returns false when the query handle is not set.
# NOTE(review): the lines that initialise $user and return it are not in this listing.
39 function user_by_id($id){
40 $sgbd = $this->sgbd();
# $id is embedded through $this->eq() (not defined in this listing; presumably it quotes and
# escapes the value — confirm).
42 $sql = "SELECT * from #--users WHERE id=".$this->eq($id);
43 $rst = $sgbd->query($sql);
# isset() only detects null; a false returned by query() would pass this guard — TODO confirm.
44 if(!isset($rst)) return false;
# Only the first row is kept. SELECT * means the row carries every column of the users table.
45 if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
46 $sgbd->free_result($rst);
# Looks up one user row by login. Returns false when the query handle is not set.
# NOTE(review): the lines that initialise $user and return it are not in this listing, so the
# value returned for an unknown login cannot be stated from here.
50 function user($login){
51 $sgbd = $this->sgbd();
# load_session() passes $_COOKIE["user"] straight into this method, so $this->eq() is the only
# barrier between a client-controlled value and the SQL text. eq() is not defined in this
# listing — confirm that it escapes for the active database driver.
53 $sql = "SELECT * from #--users WHERE login=".$this->eq($login);
54 $rst = $sgbd->query($sql);
55 if(!isset($rst)) return false;
# The row includes the password column (set_session() reads $user["password"]), so the returned
# array should not be handed to templates or logs wholesale.
56 if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
57 $sgbd->free_result($rst);
# Counts the rows whose login equals $login. Returns false when the query handle is not set.
# NOTE(review): the initial value of $EXISTS and the return statement are not in this listing.
61 function user_exists($login){
62 $sgbd = $this->sgbd();
# $login is embedded through $this->eq() (not defined here; presumably quotes/escapes — confirm).
64 $sql = "SELECT count(*) as n from #--users WHERE login=".$this->eq($login);
65 $rst = $sgbd->query($sql);
66 if(!isset($rst)) return false;
# $EXISTS receives the count column, not a boolean.
67 if($v_rst = $sgbd->fetch_assoc($rst)) $EXISTS = $v_rst["n"];
68 $sgbd->free_result($rst);
# Inserts a user row and returns whatever $sgbd->query() returns.
# NOTE(review): the "$sql =" line and the end of the VALUES list are not in this listing, so the
# handling of $status is not visible.
# NOTE(review): $password is written to the table exactly as received. user_ok() and password_ok()
# feed the stored value into md5() together with the session nonce, so whatever is stored here is
# password-equivalent: read access to the users table is enough to produce a valid login response.
# Whether callers hash before calling is not visible; storing password_hash() output and checking
# with password_verify() would remove that exposure.
72 function add_user($login, $password, $email, $status){
73 $sgbd = $this->sgbd();
# Every visible value goes through $this->eq() (not defined here; presumably quotes/escapes — confirm).
75 "INSERT INTO #--users(login, password, email, status) VALUES"
76 ."( ".$this->eq($login)
77 .", ".$this->eq($password)
78 .", ".$this->eq($email)
81 return $sgbd->query($sql);
# Updates a user's login, password and email and returns whatever $sgbd->query() returns.
# NOTE(review): the "$sql =" line, the UPDATE keyword line, the status assignment and the WHERE
# clause are not in this listing; confirm the statement is restricted to the row with id $id.
# NOTE(review): as in add_user(), $password is stored as received; see whether callers hash it.
84 function set_user($id, $login, $password, $email, $status){
85 $sgbd = $this->sgbd();
# Visible values are embedded through $this->eq() (not defined here; presumably quotes/escapes — confirm).
88 ." login=".$this->eq($login)
89 .", password=".$this->eq($password)
90 .", email=".$this->eq($email)
93 return $sgbd->query($sql);
# Deletes the user row(s) whose login equals $login and returns whatever $sgbd->query() returns.
# Nothing in this method checks who is asking; the caller has to enforce authorization.
96 function del_user($login){
97 $sgbd = $this->sgbd();
# $login is embedded through $this->eq() (not defined here; presumably quotes/escapes — confirm).
98 $sql = "DELETE FROM #--users WHERE login=".$this->eq($login);
99 return $sgbd->query($sql);
102 # ----------------------------------------------------------------------------------------
# NOTE(review): the signature line of the enclosing method is not in this listing.
# The visible body returns the cached user_status table, or false when it was never initialised.
107 if(!isset($this->user_status)) return false;
108 return $this->user_status;
# Loads every row of the user_status table into $this->user_status, indexed by the id column,
# and returns that array. Returns false when the query handle is not set.
# The $status parameter is not used by any visible line.
111 function init_user_status($status = array()){
112 $sgbd = $this->sgbd();
# The cache is reset before the query, so a failed query leaves it as an empty array.
113 $this->user_status = array();
114 $sql = "SELECT * FROM #--user_status";
115 $rst = $sgbd->query($sql);
# isset() only detects null; a false returned by query() would pass this guard — TODO confirm.
116 if(!isset($rst)) return false;
117 while($v_rst = $sgbd->fetch_assoc($rst)) $this->user_status[$v_rst["id"]] = $v_rst;
118 $sgbd->free_result($rst);
119 return $this->user_status;
# Loads every row of the action_status table into $this->action_status, indexed by the id column,
# and returns that array. Returns false when user_status has not been initialised or when the
# query handle is not set. The $status parameter is not used by any visible line.
122 function init_action_status($status = array()){
# Requires init_user_status() to have populated $this->user_status first.
123 if(!isset($this->user_status)) return false;
124 $sgbd = $this->sgbd();
125 $this->action_status = array();
126 $sql = "SELECT * FROM #--action_status";
127 $rst = $sgbd->query($sql);
128 if(!isset($rst)) return false;
129 while($v_rst = $sgbd->fetch_assoc($rst)) $this->action_status[$v_rst["id"]] = $v_rst;
130 $sgbd->free_result($rst);
131 return $this->action_status;
# Returns the status of the user bound to the current session when one is available.
# NOTE(review): the fall-through path (no session user, or no "status" key) is not in this
# listing. Confirm that it yields the least-privileged status rather than a permissive default.
134 function get_user_status(){
135 $user = $this->get_session_user();
136 if($user && isset($user["status"])) return $user["status"];
# Collects the status ids recorded in action_status for three keys: "$mod", "$mod/$controller"
# and "$mod/$controller/$action". The result is built as $status[action][id_status] = true.
# Returns false when the query handle is not set.
# NOTE(review): the initial value of $status, the "$sql =" line, the closing brace of the loop and
# the return statement are not in this listing. $set_status is not used by any visible line.
# NOTE(review): this map looks like the input to an access decision. How an action with no rows
# is treated (allowed or denied) is decided by the caller and is not visible here — confirm that
# the default is deny.
140 function get_action_status($mod, $controller = "index", $action = "index", $set_status = array()){
141 $sgbd = $this->sgbd();
# All three keys are embedded through $this->eq() (not defined here; presumably quotes/escapes — confirm).
144 "SELECT action, id_status"
145 ." FROM #--action_status"
146 ." WHERE action=".$this->eq($mod)
147 ." OR action=".$this->eq($mod."/".$controller)
148 ." OR action=".$this->eq($mod."/".$controller."/".$action);
149 $rst = $sgbd->query($sql);
150 if(!isset($rst)) return false;
151 while($v_rst = $sgbd->fetch_assoc($rst)){
# One sub-array per action key, holding the status ids found for it.
152 if(!isset($status[$v_rst["action"]])) $status[$v_rst["action"]] = array();
153 $status[$v_rst["action"]][$v_rst["id_status"]] = true;
155 $sgbd->free_result($rst);
# Returns the id of the first user_status row flagged creation_default=1, i.e. the status given
# to newly created accounts. Returns false when the query handle is not set.
# NOTE(review): the initial value of $default_status is not in this listing, so the value
# returned when no row is flagged cannot be stated from here.
159 function creation_default_status(){
160 $sgbd = $this->sgbd();
# "LIMIT 0,1" is the offset,count form; users() builds "LIMIT n OFFSET m" instead.
162 $sql = "SELECT id FROM #--user_status WHERE creation_default=1 LIMIT 0,1";
163 $rst = $sgbd->query($sql);
164 if(!isset($rst)) return false;
165 if($v_rst = $sgbd->fetch_assoc($rst)) $default_status = $v_rst["id"];
166 $sgbd->free_result($rst);
167 return $default_status;
170 # ----------------------------------------------------------------------------------------
# Authenticates $login: loads the user row, checks the supplied response value with
# password_ok() and, on success, binds the user to the session through set_session().
# NOTE(review): several lines between the visible statements (else branches, closing braces, the
# return) are not in this listing, so the exact branch that reaches clear_session() is inferred.
# NOTE(review): no session_regenerate_id() call is visible on the success path; confirm the PHP
# session id is rotated at login so a pre-set session id cannot be carried into an authenticated session.
174 function login($login, $password){
# user() returns false when its query handle is unset; its result for an unknown login is not visible.
175 if(($user = $this->user($login)) !== false){
176 if($this->password_ok($user, $password)){
# A failed cookie/session write turns the login into a failure.
177 if(!$this->set_session($user)) $user = false;
# Presumably the failure branch: drop any session binding and issue a new nonce.
180 $this->clear_session();
# NOTE(review): the signature line of the enclosing method is not in this listing.
# The visible statement resets the session through clear_session() and returns its result.
188 return $this->clear_session();
# Checks that the current session still belongs to $user. The token stored in $_SESSION["pass"]
# must equal md5(stored password . session nonce), and the request must come from the address
# recorded in the session.
# NOTE(review): the line that opens this expression (presumably "return") is not in this listing.
# NOTE(review): md5() is a fast, unkeyed digest and strcmp() is not constant-time. hash_equals()
# with strict comparison is the safer form; a keyed hash_hmac() would be the better token.
# NOTE(review): pinning to REMOTE_ADDR treats every client behind the same proxy or NAT as equal
# and logs out users whose address changes. It is a weak second factor, not a replacement for a
# secret token.
191 function user_ok($user){
193 strcmp(md5($user["password"].$_SESSION["id"]), $_SESSION["pass"]) == 0
194 && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
# Checks a login response. $password must equal md5(stored password . session nonce), and the
# request must come from the address recorded in the session. The caller therefore supplies a
# digest derived from the password, not the password itself.
# NOTE(review): the line that opens this expression (presumably "return") is not in this listing.
# NOTE(review): "strcmp(...) == 0" is a loose comparison. On PHP versions before 8, strcmp()
# returns null (with a warning) when an argument is not a string, and null == 0 is true, so a
# non-string $password would satisfy this test. Whether $password can be non-string depends on
# the caller (not visible); require is_string($password) and compare with hash_equals().
# NOTE(review): the scheme needs the stored password value on the server in a form the client can
# also compute, which rules out password_hash(); see the note on add_user().
197 function password_ok($user, $password){
199 strcmp(md5($user["password"].$_SESSION["id"]), $password) == 0
200 && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
203 # ----------------------------------------------------------------------------------------
# Restores the current user from the "user" cookie or from $_SESSION["user"] and stores the row
# in $this->_user.
# NOTE(review): several lines are missing from this listing (the assignment that receives the
# lookup result, the alternative branch of the ternary, closing braces, the return), so the
# notes below describe only the visible statements.
# NOTE(review): the "user" cookie holds a login name, which is not a secret, and it takes
# precedence over the session value. When the cookie is present, set_session() runs before
# user_ok(), so $_SESSION["pass"] is recomputed from the looked-up row and the user_ok()
# comparison then checks that value against itself. As written, the cookie alone selects the
# account. A remember-me cookie should carry a random token that is stored server-side (hashed)
# and verified before any session state is written.
207 function load_session(){
# No nonce yet means a fresh session: initialise ip and id.
209 if(!isset($_SESSION["id"])) $this->clear_session();
212 isset($_COOKIE["user"]) || isset($_SESSION["user"]) ?
# $_COOKIE["user"] is client-controlled and goes straight into the user() lookup.
213 $this->user(isset($_COOKIE["user"]) ? $_COOKIE["user"] : $_SESSION["user"])
217 if(isset($_COOKIE["user"])) $this->set_session($user);
218 if(!$this->user_ok($user)){
219 $this->clear_session();
223 $this->_user = $user;
# Binds $user to the session: stores the login and the token md5(stored password . session
# nonce), then sets a "user" cookie with the login for seven days. Returns the setcookie() result.
# NOTE(review): the line that defines $env is not in this listing.
# NOTE(review): setcookie() is called with four arguments, so the secure and httponly flags keep
# their defaults (off) and no SameSite attribute is set. The cookie value is the plain login name;
# see load_session() for how it is consumed.
227 function set_session($user){
228 $_SESSION["user"] = $user["login"];
# The token changes whenever the stored password or the session nonce changes.
229 $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]);
231 return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web"));
# Drops the user binding from the session, records the client address, issues a new session
# nonce and clears the "user" cookie. Returns the setcookie() result.
# NOTE(review): the line that defines $env is not in this listing.
234 function clear_session(){
235 unset($_SESSION["user"]);
236 unset($_SESSION["pass"]);
# The address recorded here is what user_ok() and password_ok() later compare against.
237 $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"];
# NOTE(review): rand() is not a cryptographic generator and yields at most getrandmax() distinct
# values; md5() adds no entropy. This nonce is the only per-session input to the login digest, so
# it should come from random_bytes(), e.g. bin2hex(random_bytes(16)).
238 $_SESSION["id"] = md5(rand());
# An empty value makes setcookie() delete the cookie.
240 return setcookie("user", "", 0, $env->path("web"));
# NOTE(review): the body of this method is not in this listing. get_user_status() treats its
# return value as either falsy or an array with a "status" key; presumably it returns the
# $this->_user row set by load_session() — confirm.
243 function get_session_user(){
247 # ----------------------------------------------------------------------------------------
# Makes sure the per-user upload directory exists under <content path>/uploads/ and returns
# whether the path exists afterwards. $user names the directory; when omitted, the id of the
# session user ($this->_user["id"]) is used.
# NOTE(review): the line that defines $env is not in this listing.
# NOTE(review): $user is appended to the path without validation. If a caller ever passes a
# request-derived value, path separators or ".." segments would create a directory outside
# uploads/. Restrict it to an integer id, or check the result against the uploads root.
251 function check_user_uploads_dir($user = null){
253 $user_dir = $env->path("content")."uploads/".(isset($user) ? $user : $this->_user["id"]);
# mkdir() is called with its default mode (0777 before umask), and "@" hides the reason for a
# failure. An explicit restrictive mode and a logged error would be safer.
254 if(!file_exists($user_dir)) @mkdir($user_dir);
# file_exists() is also true for a regular file at that path; is_dir() would be the precise check.
255 return file_exists($user_dir);