<?php
- class mw_data_users extends mw_data
- {
+ class mw_data_users extends mw_data{
var $users;
var $_user;
# users
#
- function users($start = 0, $alpha = null, $status = null)
- { $sgbd = $this->sgbd();
+ function users($start = 0, $alpha = null, $status = null){
+ $sgbd = $this->sgbd();
$env = $this->env();
$users = array("list" => array(), "total" => 0);
- $SELECT = "SELECT *";
- $FROM = " FROM #--users";
- $WHERE = "";
- $WHERE .= (isset($alpha) ? ($WHERE ? " AND" : " WHERE")." LEFT(login, 1)=".$this->eq($alpha) : "");
- $WHERE .= (isset($status) ? ($WHERE ? " AND" : " WHERE")." status=".$this->eq($status) : "");
- $LIMIT = ($env->config("max_list") ? " LIMIT ".$env->config("max_list")." OFFSET ".$start : "");
- $sql = "SELECT count(*) as n FROM(".$SELECT.$FROM.$WHERE.") res";
- $rst = $sgbd->query($sql);
- if(!isset($rst)) return false;
- if($v_rst = $sgbd->fetch_assoc($rst)) $users["total"] = $v_rst["n"];
- $sgbd->free_result($rst);
- if($users["total"] > 0)
- { $sql = "SELECT * FROM(".$SELECT.$FROM.$WHERE.$LIMIT.") res";
+ try{
+ $SELECT = "SELECT *";
+ $FROM = " FROM #--users";
+ $WHERE = "";
+ $WHERE .= (isset($alpha) ? ($WHERE ? " AND" : " WHERE")." LEFT(login, 1)=".$this->eq($alpha) : "");
+ $WHERE .= (isset($status) ? ($WHERE ? " AND" : " WHERE")." status=".$this->eq($status) : "");
+ $LIMIT = ($env->config("max_list") ? " LIMIT ".$env->config("max_list")." OFFSET ".$start : "");
+ $sql = "SELECT count(*) as n FROM(".$SELECT.$FROM.$WHERE.") res";
$rst = $sgbd->query($sql);
- if(!isset($rst)) return false;
- while($v_rst = $sgbd->fetch_assoc($rst)) $users["list"][$v_rst["id"]] = $v_rst;
+ if($v_rst = $sgbd->fetch_assoc($rst)) $users["total"] = $v_rst["n"];
$sgbd->free_result($rst);
+ if($users["total"] > 0){
+ $sql = "SELECT * FROM(".$SELECT.$FROM.$WHERE.$LIMIT.") res";
+ $rst = $sgbd->query($sql);
+ while($v_rst = $sgbd->fetch_assoc($rst)) $users["list"][$v_rst["id"]] = $v_rst;
+ $sgbd->free_result($rst);
+ }
}
+ catch(Exception $e) { $users = false; }
return $users;
}
- function user_by_id($id)
- { $sgbd = $this->sgbd();
+ function user_by_id($id){
+ $sgbd = $this->sgbd();
$user = array();
- $sql = "SELECT * from #--users WHERE id=".$this->eq($id);
- $rst = $sgbd->query($sql);
- if(!isset($rst)) return false;
- if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
- $sgbd->free_result($rst);
+ try{
+ $sql = "SELECT * from #--users WHERE id=".$this->eq($id);
+ $rst = $sgbd->query($sql);
+ if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
+ $sgbd->free_result($rst);
+ }
+ catch(Exception $e) { $user = false; }
return $user;
}
- function user($login)
- { $sgbd = $this->sgbd();
+ function user($login){
+ $sgbd = $this->sgbd();
$user = array();
- $sql = "SELECT * from #--users WHERE login=".$this->eq($login);
- $rst = $sgbd->query($sql);
- if(!isset($rst)) return false;
- if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
- $sgbd->free_result($rst);
+ try{
+ $sql = "SELECT * from #--users WHERE login=".$this->eq($login);
+ $rst = $sgbd->query($sql);
+ if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
+ $sgbd->free_result($rst);
+ }
+ catch(Exception $e) { $user = false; }
return $user;
}
- function user_exists($login)
- { $sgbd = $this->sgbd();
+ function user_exists($login){
+ $sgbd = $this->sgbd();
$EXISTS = 0;
- $sql = "SELECT count(*) as n from #--users WHERE login=".$this->eq($login);
- $rst = $sgbd->query($sql);
- if(!isset($rst)) return false;
- if($v_rst = $sgbd->fetch_assoc($rst)) $EXISTS = $v_rst["n"];
- $sgbd->free_result($rst);
+ try{
+ $sql = "SELECT count(*) as n from #--users WHERE login=".$this->eq($login);
+ $rst = $sgbd->query($sql);
+ if($v_rst = $sgbd->fetch_assoc($rst)) $EXISTS = $v_rst["n"];
+ $sgbd->free_result($rst);
+ }
+ catch(Exception $e) { $EXISTS = false; }
return $EXISTS;
}
- function add_user($login, $password, $email, $status)
- { $sgbd = $this->sgbd();
- $sql =
- "INSERT INTO #--users(login, password, email, status) VALUES"
- ."( ".$this->eq($login)
- .", ".$this->eq($password)
- .", ".$this->eq($email)
- .", ".$status
- .")";
- return $sgbd->query($sql);
+ function add_user($login, $password, $email, $status){
+ $sgbd = $this->sgbd();
+ $user_id = false;
+ try{
+ $sql =
+ "INSERT INTO #--users(login, password, email, status) VALUES"
+ ."( ".$this->eq($login)
+ .", ".$this->eq($password)
+ .", ".$this->eq($email)
+ .", ".$status
+ .")";
+ $sgbd->query($sql);
+ $user_id = $sgbd->insert_id();
+ }
+ catch(Exception $e) { $user_id = false; }
+ return $user_id;
}
- function set_user($id, $login, $password, $email, $status)
- { $sgbd = $this->sgbd();
- $sql =
- "UPDATE #--users SET"
- ." login=".$this->eq($login)
- .", password=".$this->eq($password)
- .", email=".$this->eq($email)
- .", status=".$status
- ." WHERE id=".$id;
- return $sgbd->query($sql);
+ function set_user($id, $login, $password, $email, $status){
+ $sgbd = $this->sgbd();
+ try{
+ $sql =
+ "UPDATE #--users SET"
+ ." login=".$this->eq($login)
+ .", password=".$this->eq($password)
+ .", email=".$this->eq($email)
+ .", status=".$status
+ ." WHERE id=".$id;
+ $sgbd->query($sql);
+ }
+ catch(Exception $e) { return false; }
+ return true;
}
- function del_user($login)
- { $sgbd = $this->sgbd();
- $sql = "DELETE FROM #--users WHERE login=".$this->eq($login);
- return $sgbd->query($sql);
+ function del_user($login){
+ $sgbd = $this->sgbd();
+ try{
+ $sql = "DELETE FROM #--users WHERE login=".$this->eq($login);
+ $sgbd->query($sql);
+ }
+ catch(Exception $e) { return false; }
+ return true;
}
# ----------------------------------------------------------------------------------------
# status
#
- function status()
- { if(!isset($this->user_status)) return false;
+ function status(){
+ if(!isset($this->user_status)) return false;
return $this->user_status;
}
- function init_user_status($status = array())
- { $sgbd = $this->sgbd();
+ function init_user_status($status = array()){
+ $sgbd = $this->sgbd();
$this->user_status = array();
- $sql = "SELECT * FROM #--user_status";
- $rst = $sgbd->query($sql);
- if(!isset($rst)) return false;
- while($v_rst = $sgbd->fetch_assoc($rst)) $this->user_status[$v_rst["id"]] = $v_rst;
- $sgbd->free_result($rst);
+ try{
+ $sql = "SELECT * FROM #--user_status";
+ $rst = $sgbd->query($sql);
+ while($v_rst = $sgbd->fetch_assoc($rst)) $this->user_status[$v_rst["id"]] = $v_rst;
+ $sgbd->free_result($rst);
+ }
+ catch(Exception $e) { $this->user_status = false; }
return $this->user_status;
}
- function init_action_status($status = array())
- { if(!isset($this->user_status)) return false;
+ function init_action_status($status = array()){
+ if(!isset($this->user_status)) return false;
$sgbd = $this->sgbd();
$this->action_status = array();
- $sql = "SELECT * FROM #--action_status";
- $rst = $sgbd->query($sql);
- if(!isset($rst)) return false;
- while($v_rst = $sgbd->fetch_assoc($rst)) $this->action_status[$v_rst["id"]] = $v_rst;
- $sgbd->free_result($rst);
+ try{
+ $sql = "SELECT * FROM #--action_status";
+ $rst = $sgbd->query($sql);
+ while($v_rst = $sgbd->fetch_assoc($rst)) $this->action_status[$v_rst["id"]] = $v_rst;
+ $sgbd->free_result($rst);
+ }
+ catch(Exception $e) { $this->action_status = false; }
return $this->action_status;
}
- function get_user_status()
- { $user = $this->get_session_user();
+ function get_user_status(){
+ $user = $this->get_session_user();
if($user && isset($user["status"])) return $user["status"];
return 0;
}
- function get_action_status($mod, $controller = "index", $action = "index", $set_status = array())
- { $sgbd = $this->sgbd();
+ function get_action_status($mod, $controller = "index", $action = "index", $set_status = array()){
+ $sgbd = $this->sgbd();
$status = array();
- $sql =
- "SELECT action, id_status"
- ." FROM #--action_status"
- ." WHERE action=".$this->eq($mod)
- ." OR action=".$this->eq($mod."/".$controller)
- ." OR action=".$this->eq($mod."/".$controller."/".$action);
- $rst = $sgbd->query($sql);
- if(!isset($rst)) return false;
- while($v_rst = $sgbd->fetch_assoc($rst))
- { if(!isset($status[$v_rst["action"]])) $status[$v_rst["action"]] = array();
- $status[$v_rst["action"]][$v_rst["id_status"]] = true;
+ try{
+ $sql =
+ "SELECT action, id_status"
+ ." FROM #--action_status"
+ ." WHERE action=".$this->eq($mod)
+ ." OR action=".$this->eq($mod."/".$controller)
+ ." OR action=".$this->eq($mod."/".$controller."/".$action);
+ $rst = $sgbd->query($sql);
+ while($v_rst = $sgbd->fetch_assoc($rst)){
+ if(!isset($status[$v_rst["action"]])) $status[$v_rst["action"]] = array();
+ $status[$v_rst["action"]][$v_rst["id_status"]] = true;
+ }
+ $sgbd->free_result($rst);
}
- $sgbd->free_result($rst);
+ catch(Exception $e) { $status = false; }
return $status;
}
- function creation_default_status()
- { $sgbd = $this->sgbd();
+ function creation_default_status(){
+ $sgbd = $this->sgbd();
$default_status = 0;
- $sql = "SELECT id FROM #--user_status WHERE creation_default=1 LIMIT 0,1";
- $rst = $sgbd->query($sql);
- if(!isset($rst)) return false;
- if($v_rst = $sgbd->fetch_assoc($rst)) $default_status = $v_rst["id"];
- $sgbd->free_result($rst);
+ try{
+ $sql = "SELECT id FROM #--user_status WHERE creation_default=1 LIMIT 0,1";
+ $rst = $sgbd->query($sql);
+ if($v_rst = $sgbd->fetch_assoc($rst)) $default_status = $v_rst["id"];
+ $sgbd->free_result($rst);
+ }
+ catch(Exception $e) { $default_status = false; }
return $default_status;
}
# log in / out
#
- function login($login, $password)
- { if(($user = $this->user($login)) !== false)
- { if($this->password_ok($user, $password))
- { if(!$this->set_session($user)) $user = false;
+ function login($login, $password){
+ if(($user = $this->user($login)) !== false){
+ if($this->password_ok($user, $password)){
+ if(!$this->set_session($user)) $user = false;
}
- else
- { $this->clear_session();
+ else{
+ $this->clear_session();
$user = array();
}
}
return $user;
}
- function logout()
- { return $this->clear_session();
+ function logout(){
+ return $this->clear_session();
}
- function user_ok($user)
- { return
+ function user_ok($user){
+ return
strcmp(md5($user["password"].$_SESSION["id"]), $_SESSION["pass"]) == 0
&& $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
}
- function password_ok($user, $password)
- { return
+ function password_ok($user, $password){
+ return
strcmp(md5($user["password"].$_SESSION["id"]), $password) == 0
&& $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
}
# session
#
- function load_session()
- { session_start();
+ function load_session(){
+ session_start();
if(!isset($_SESSION["id"])) $this->clear_session();
- if
- ( $user =
- ( isset($_COOKIE["user"]) || isset($_SESSION["user"]) ?
+ if(
+ $user = (
+ isset($_COOKIE["user"]) || isset($_SESSION["user"]) ?
$this->user(isset($_COOKIE["user"]) ? $_COOKIE["user"] : $_SESSION["user"])
: array()
)
- )
- { if(isset($_COOKIE["user"])) $this->set_session($user);
- if(!$this->user_ok($user))
- { $this->clear_session();
+ ){
+ if(isset($_COOKIE["user"])) $this->set_session($user);
+ if(!$this->user_ok($user)){
+ $this->clear_session();
$user = array();
}
}
return $user;
}
- function set_session($user)
- { $_SESSION["user"] = $user["login"];
+ function set_session($user){
+ $_SESSION["user"] = $user["login"];
$_SESSION["pass"] = md5($user["password"].$_SESSION["id"]);
$env = $this->env();
return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web"));
}
- function clear_session()
- { unset($_SESSION["user"]);
+ function clear_session(){
+ unset($_SESSION["user"]);
unset($_SESSION["pass"]);
$_SESSION["ip"] = $_SERVER["REMOTE_ADDR"];
$_SESSION["id"] = md5(rand());
return setcookie("user", "", 0, $env->path("web"));
}
- function get_session_user() { return $this->_user; }
+ function get_session_user(){
+ return $this->_user;
+ }
# ----------------------------------------------------------------------------------------
# uploads
#
- function check_user_uploads_dir($user = null)
- { $env = $this->env();
+ function check_user_uploads_dir($user = null){
+ $env = $this->env();
$user_dir = $env->path("content")."uploads/".(isset($user) ? $user : $this->_user["id"]);
if(!file_exists($user_dir)) @mkdir($user_dir);
return file_exists($user_dir);