3 class mw_data_users extends mw_data
11 # ----------------------------------------------------------------------------------------
# Lists user accounts together with a total count. $alpha filters on the first
# character of the login and $status on the status column; both are optional.
# Rows land in $users["list"] keyed by their "id" column, the match count in
# $users["total"]. Returns false when a query gives no result handle.
# This listing has dropped lines: the initial $SELECT, $WHERE and $env assignments
# and the final return are not visible here.
# NOTE(review): $alpha and $status go through $this->eq() (presumably the
# quoting/escaping helper; confirm), but $start is concatenated into OFFSET
# unchanged. Cast it with (int) before use if it can originate from a request.
15 function users($start = 0, $alpha = null, $status = null)
16 { $sgbd = $this->sgbd();
18 $users = array("list" => array(), "total" => 0);
20 $FROM = " FROM #--users";
22 $WHERE .= (isset($alpha) ? ($WHERE ? " AND" : " WHERE")." LEFT(login, 1)=".$this->eq($alpha) : "");
23 $WHERE .= (isset($status) ? ($WHERE ? " AND" : " WHERE")." status=".$this->eq($status) : "");
24 $LIMIT = ($env->config("max_list") ? " LIMIT ".$env->config("max_list")." OFFSET ".$start : "");
# First query: count every matching row, without LIMIT/OFFSET.
25 $sql = "SELECT count(*) as n FROM(".$SELECT.$FROM.$WHERE.") res";
26 $rst = $sgbd->query($sql);
27 if(!isset($rst)) return false;
28 if($v_rst = $sgbd->fetch_assoc($rst)) $users["total"] = $v_rst["n"];
29 $sgbd->free_result($rst);
# Second query: fetch the requested page only when something matched.
30 if($users["total"] > 0)
31 { $sql = "SELECT * FROM(".$SELECT.$FROM.$WHERE.$LIMIT.") res";
32 $rst = $sgbd->query($sql);
33 if(!isset($rst)) return false;
34 while($v_rst = $sgbd->fetch_assoc($rst)) $users["list"][$v_rst["id"]] = $v_rst;
35 $sgbd->free_result($rst);
# Looks up one row of #--users by id. $user is assigned only when a row is
# fetched; returns false when the query gives no result handle. The initial value
# of $user and the return statement are not visible in this listing.
40 function user_by_id($id)
41 { $sgbd = $this->sgbd();
43 $sql = "SELECT * from #--users WHERE id=".$this->eq($id);
44 $rst = $sgbd->query($sql);
45 if(!isset($rst)) return false;
46 if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
47 $sgbd->free_result($rst);
# The function header (gutter line 51) is missing from this listing. The body reads
# $login, so this is presumably the user($login) lookup that login() and
# load_session() call; confirm against the full file.
# Fetches the #--users row whose login matches; returns false when the query gives
# no result handle. The return statement is not visible here.
52 { $sgbd = $this->sgbd();
54 $sql = "SELECT * from #--users WHERE login=".$this->eq($login);
55 $rst = $sgbd->query($sql);
56 if(!isset($rst)) return false;
57 if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
58 $sgbd->free_result($rst);
# Counts the #--users rows with the given login and stores the count in $EXISTS.
# Returns false when the query gives no result handle; the initial value of
# $EXISTS and the final return are not visible in this listing.
62 function user_exists($login)
63 { $sgbd = $this->sgbd();
65 $sql = "SELECT count(*) as n from #--users WHERE login=".$this->eq($login);
66 $rst = $sgbd->query($sql);
67 if(!isset($rst)) return false;
68 if($v_rst = $sgbd->fetch_assoc($rst)) $EXISTS = $v_rst["n"];
69 $sgbd->free_result($rst);
# Inserts a new row into #--users and returns the result of the query call.
# Gutter lines 75 and 80-81 (the "$sql =" assignment and the status value) are
# missing from this listing.
# NOTE(review): $password is written exactly as received; nothing here hashes it.
# password_ok() and set_session() use the stored column directly as the secret in
# md5(stored . session id), so confirm what form callers pass in. If it is
# plaintext or a bare unsalted hash, a leak of this table exposes every account.
73 function add_user($login, $password, $email, $status)
74 { $sgbd = $this->sgbd();
76 "INSERT INTO #--users(login, password, email, status) VALUES"
77 ."( ".$this->eq($login)
78 .", ".$this->eq($password)
79 .", ".$this->eq($email)
82 return $sgbd->query($sql);
# Updates login, password and email (and presumably status) of an existing user
# and returns the result of the query call. Gutter lines 87-88 and 92-93 are
# missing from this listing, so the UPDATE keyword and the WHERE clause are not
# visible. NOTE(review): confirm the missing lines restrict the statement to
# id=$this->eq($id); without that clause every row would be rewritten.
# As in add_user(), $password is stored as received.
85 function set_user($id, $login, $password, $email, $status)
86 { $sgbd = $this->sgbd();
89 ." login=".$this->eq($login)
90 .", password=".$this->eq($password)
91 .", email=".$this->eq($email)
94 return $sgbd->query($sql);
# Deletes the #--users row(s) whose login matches and returns the result of the
# query call. No authorization check happens here; callers are expected to have
# verified that the current user may delete accounts (confirm at the call sites).
97 function del_user($login)
98 { $sgbd = $this->sgbd();
99 $sql = "DELETE FROM #--users WHERE login=".$this->eq($login);
100 return $sgbd->query($sql);
103 # ----------------------------------------------------------------------------------------
# The function header (gutter line 107) is missing from this listing.
# Returns the cached $this->user_status map, or false when it has not been
# initialised (init_user_status() is what fills it).
108 { if(!isset($this->user_status)) return false;
109 return $this->user_status;
# Loads every row of #--user_status into $this->user_status, keyed by the "id"
# column, and returns that map. Returns false when the query gives no result
# handle. The $status parameter is not used in the visible lines.
112 function init_user_status($status = array())
113 { $sgbd = $this->sgbd();
114 $this->user_status = array();
115 $sql = "SELECT * FROM #--user_status";
116 $rst = $sgbd->query($sql);
117 if(!isset($rst)) return false;
118 while($v_rst = $sgbd->fetch_assoc($rst)) $this->user_status[$v_rst["id"]] = $v_rst;
119 $sgbd->free_result($rst);
120 return $this->user_status;
# Loads every row of #--action_status into $this->action_status, keyed by the
# "id" column, and returns that map. Refuses to run (returns false) until
# $this->user_status has been initialised, and also returns false when the query
# gives no result handle. The $status parameter is not used in the visible lines.
123 function init_action_status($status = array())
124 { if(!isset($this->user_status)) return false;
125 $sgbd = $this->sgbd();
126 $this->action_status = array();
127 $sql = "SELECT * FROM #--action_status";
128 $rst = $sgbd->query($sql);
129 if(!isset($rst)) return false;
130 while($v_rst = $sgbd->fetch_assoc($rst)) $this->action_status[$v_rst["id"]] = $v_rst;
131 $sgbd->free_result($rst);
132 return $this->action_status;
# Returns the "status" field of the user restored by load_session(), when there is
# one. The fallback return for a visitor without a session user is not visible in
# this listing. NOTE(review): access decisions built on this value are only as
# strong as load_session(); review that function first.
135 function get_user_status()
136 { $user = $this->get_session_user();
137 if($user && isset($user["status"])) return $user["status"];
# Collects the status ids attached to an action at three levels of precision:
# "mod", "mod/controller" and "mod/controller/action". The result is built as
# $status[<action>][<id_status>] = true. Returns false when the query gives no
# result handle. Gutter lines 143-144 and 157-159 are missing from this listing,
# so the "$sql =" assignment, the initial $status and the final return are not
# visible; $set_status is not used in the visible lines.
141 function get_action_status($mod, $controller = "index", $action = "index", $set_status = array())
142 { $sgbd = $this->sgbd();
145 "SELECT action, id_status"
146 ." FROM #--action_status"
147 ." WHERE action=".$this->eq($mod)
148 ." OR action=".$this->eq($mod."/".$controller)
149 ." OR action=".$this->eq($mod."/".$controller."/".$action);
150 $rst = $sgbd->query($sql);
151 if(!isset($rst)) return false;
152 while($v_rst = $sgbd->fetch_assoc($rst))
153 { if(!isset($status[$v_rst["action"]])) $status[$v_rst["action"]] = array();
154 $status[$v_rst["action"]][$v_rst["id_status"]] = true;
156 $sgbd->free_result($rst);
# Returns the id of the first #--user_status row flagged creation_default=1, i.e.
# the status given to newly created accounts. Returns false when the query gives
# no result handle. The initial value of $default_status (gutter line 162) is not
# visible in this listing; it is what gets returned when no row is flagged.
160 function creation_default_status()
161 { $sgbd = $this->sgbd();
163 $sql = "SELECT id FROM #--user_status WHERE creation_default=1 LIMIT 0,1";
164 $rst = $sgbd->query($sql);
165 if(!isset($rst)) return false;
166 if($v_rst = $sgbd->fetch_assoc($rst)) $default_status = $v_rst["id"];
167 $sgbd->free_result($rst);
168 return $default_status;
171 # ----------------------------------------------------------------------------------------
# Authenticates a login attempt: looks the account up with user(), checks the
# submitted value with password_ok() and, on success, calls set_session(); $user
# becomes false when set_session() fails. Several lines, including the else
# branches and the return, are missing from this listing.
# The clear_session() call at gutter line 181 presumably belongs to the
# failed-password branch (confirm); it also replaces $_SESSION["id"].
# NOTE(review): no session_regenerate_id() call and no attempt throttling are
# visible on this path; confirm whether the missing lines or the caller add them.
175 function login($login, $password)
176 { if(($user = $this->user($login)) !== false)
177 { if($this->password_ok($user, $password))
178 { if(!$this->set_session($user)) $user = false;
181 { $this->clear_session();
# The function header (gutter line 188) is missing from this listing; presumably
# the logout entry point (confirm). Delegates to clear_session() and returns its
# result, which is the return value of setcookie().
189 { return $this->clear_session();
# Validates an already established session: $_SESSION["pass"] must equal
# md5(stored password . $_SESSION["id"]) and the request must come from the IP
# recorded in the session. The "return" line (gutter line 193) is missing here.
# NOTE(review): both sides of the first comparison are server-side values, so
# this only proves that set_session() ran for this account in this session; it
# does not prove who started the session. The IP test uses a loose == and ties the
# session to one address, which also logs out users whose address changes.
192 function user_ok($user)
194 strcmp(md5($user["password"].$_SESSION["id"]), $_SESSION["pass"]) == 0
195 && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
# Checks a login attempt: $password must equal
# md5(stored password . $_SESSION["id"]) and the request must come from the IP
# recorded in the session. The "return" line (gutter line 199) is missing here.
# NOTE(review): the submitted value is therefore expected to arrive already
# hashed with the session nonce (presumably by client-side script; confirm). That
# makes the stored "password" column the effective secret, so a leak of that
# column is as damaging as a leak of plaintext passwords, and md5 is fast to
# brute-force.
# NOTE(review): require is_string($password) and compare with hash_equals(), or
# at least use === 0. Before PHP 8, strcmp() returned NULL for a non-string
# argument, and the loose "== 0" treats NULL as a match; strcmp() is also not a
# constant-time comparison.
198 function password_ok($user, $password)
200 strcmp(md5($user["password"].$_SESSION["id"]), $password) == 0
201 && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
204 # ----------------------------------------------------------------------------------------
# Restores the logged-in user for the current request and stores it in
# $this->_user. A missing $_SESSION["id"] resets the session first; the account is
# then looked up by the "user" cookie when present, otherwise by
# $_SESSION["user"]. Gutter lines 209, 211-212, 215-217 and 221-223 are missing
# from this listing.
# NOTE(review): the "user" cookie carries only the login name, yet when it is set
# the code calls set_session() for that account before user_ok() runs.
# set_session() writes $_SESSION["pass"] from the stored password, so the
# user_ok() check that follows compares that value with itself and only the IP
# test can still fail. As shown, a client-controlled cookie is being treated as a
# credential. Restore a session from a cookie only when it holds a server-issued
# random token that is stored server-side and verified with hash_equals();
# otherwise drop the cookie branch and rely on $_SESSION["user"] alone.
# Confirm against the full file before relying on this reading.
208 function load_session()
210 if(!isset($_SESSION["id"])) $this->clear_session();
213 ( isset($_COOKIE["user"]) || isset($_SESSION["user"]) ?
214 $this->user(isset($_COOKIE["user"]) ? $_COOKIE["user"] : $_SESSION["user"])
218 { if(isset($_COOKIE["user"])) $this->set_session($user);
219 if(!$this->user_ok($user))
220 { $this->clear_session();
224 $this->_user = $user;
# Marks the session as belonging to $user: stores the login and
# md5(stored password . $_SESSION["id"]) in the session, then sets a "user" cookie
# holding the login for seven days on the path returned by $env->path("web").
# Returns the result of setcookie(). The $env assignment (gutter line 231) is
# missing from this listing.
# NOTE(review): the cookie is set with the four-argument form, so the Secure and
# HttpOnly flags stay at their default (off). The cookie value is the bare login
# name and must not be accepted as proof of identity on later requests.
# No session_regenerate_id() call is visible in these lines.
228 function set_session($user)
229 { $_SESSION["user"] = $user["login"];
230 $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]);
232 return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web"));
# Resets the session to the anonymous state: drops the stored login and hash,
# records the requesting IP, generates a new $_SESSION["id"] nonce and sends the
# "user" cookie with an empty value. Returns the result of setcookie(). The $env
# assignment (gutter line 240) is missing from this listing.
# NOTE(review): $_SESSION["id"] is the nonce mixed into every password hash in
# this class, and md5(rand()) is not unpredictable: rand() is not a CSPRNG and has
# a small output range. Generate it with bin2hex(random_bytes(16)) on PHP 7+.
235 function clear_session()
236 { unset($_SESSION["user"]);
237 unset($_SESSION["pass"]);
238 $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"];
239 $_SESSION["id"] = md5(rand());
241 return setcookie("user", "", 0, $env->path("web"));
# Returns $this->_user, the value load_session() assigns for the current request.
244 function get_session_user() { return $this->_user; }
246 # ----------------------------------------------------------------------------------------
# Ensures the upload directory <content path>uploads/<user> exists, creating it
# when needed, and returns whether it exists afterwards. $user defaults to the id
# of the session user.
# NOTE(review): $user is concatenated into the path without validation. If any
# caller passes a request-derived value, restrict it to an integer id (or apply
# basename()) so that it cannot contain path separators or "..".
# mkdir() is called without a mode, so PHP's default of 0777 (reduced by the
# umask) applies, and the @ operator hides the reason when creation fails.
250 function check_user_uploads_dir($user = null)
251 { $env = $this->env();
252 $user_dir = $env->path("content")."uploads/".(isset($user) ? $user : $this->_user["id"]);
253 if(!file_exists($user_dir)) @mkdir($user_dir);
254 return file_exists($user_dir);