X-Git-Url: http://git.dj3c1t.com/?a=blobdiff_plain;f=mw%2Fapp%2Fdata%2Fmodules%2Fsql%2Fmw_data_users.php;h=f1171dafd8756084e9fdd0b10d3072b73721ac09;hb=refs%2Ftags%2Fmtweb.0.9.0;hp=32bc0c558e7cdd8c1028a5441354fb6d44240050;hpb=5dfe5e84a7007ddd9737707ce15f0155e6415066;p=mtweb
diff --git a/mw/app/data/modules/sql/mw_data_users.php b/mw/app/data/modules/sql/mw_data_users.php
index 32bc0c5..f1171da 100644
--- a/mw/app/data/modules/sql/mw_data_users.php
+++ b/mw/app/data/modules/sql/mw_data_users.php
@@ -67,35 +67,17 @@
 }
 function user_by_id($id){
- $sgbd = $this->sgbd();
- $user = array();
- try{
- $sql = "SELECT * from #--users WHERE id=".$this->eq($id);
- $rst = $sgbd->query($sql);
- if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
- $sgbd->free_result($rst);
- if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles;
- else $user = false;
- }
- catch(Exception $e) { $user = false; }
- return $user;
+ $env = $this->env();
+ $user = $env->get_model("users");
+ if($user->load("id", $id) === false) return false;
+ return $user->get_values();
 }
 function user($login){
- $sgbd = $this->sgbd();
- $user = array();
- try{
- $sql = "SELECT * from #--users WHERE login=".$this->eq($login);
- $rst = $sgbd->query($sql);
- if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
- $sgbd->free_result($rst);
- if($user){
- if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles;
- else $user = false;
- }
- }
- catch(Exception $e) { $user = false; }
- return $user;
+ $env = $this->env();
+ $user = $env->get_model("users");
+ if($user->load("login", $login) === false) return false;
+ return $user->get_values();
 }
 function user_exists($login){
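Review bot: `user_by_id()` and `user()` no longer attach `$user["roles"]`: the removed code filled it from `list_user_roles()` and returned false when the roles could not be read, while the new code returns `$user->get_values()` as is. Whether the users model supplies roles is not visible in this hunk, so any caller that makes an access decision from `$user["roles"]` should be checked against the new return value. The old `user()` also returned an empty array for an unknown login and false only on a query error, so callers that test `!== false` see a different not-found result if `load()` returns false for a missing row. Quoting of `$id` and `$login` moved from `$this->eq()` into `load()`; once that is confirmed I would record the contract above each function, e.g. `# returns the model values, or false when the row cannot be loaded; value quoting is done by load()`.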
@@ -146,21 +128,39 @@
 .", email=".$this->eq($email)
 ." WHERE id=".$this->eq($id);
 $sgbd->query($sql);
- $sql = "DELETE FROM #--users_roles WHERE id_user=".$this->eq($id);
- $sgbd->query($sql);
+ if(!$this->clear_user_roles($id)) return false;
 foreach($roles as $id_role){
- $sql =
- "INSERT INTO #--users_roles(id_user, id_role) VALUES"
- ."( ".$this->eq($id)
- .", ".$this->eq($id_role)
- .")";
- $sgbd->query($sql);
+ if(!$this->add_user_role($id, $id_role)) return false;
 }
 }
 catch(Exception $e) { return false; }
 return true;
 }
+ function clear_user_roles($id_user){
+ $sgbd = $this->sgbd();
+ try{
+ $sql = "DELETE FROM #--users_roles WHERE id_user=".$this->eq($id_user);
+ $sgbd->query($sql);
+ }
+ catch(Exception $e) { return false; }
+ return true;
+ }
+
+ function add_user_role($id_user, $id_role){
+ $sgbd = $this->sgbd();
+ try{
+ $sql =
+ "INSERT INTO #--users_roles(id_user, id_role) VALUES"
+ ."( ".$this->eq($id_user)
+ .", ".$this->eq($id_role)
+ .")";
+ $sgbd->query($sql);
+ }
+ catch(Exception $e) { return false; }
+ return true;
+ }
+
 function del_user($login){
 if(($user = $this->user($login)) !== false){
 $sgbd = $this->sgbd();
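Review bot: `clear_user_roles()` and `add_user_role()` return true whenever `$sgbd->query()` does not throw, so if `query()` reports a failed statement through its return value (its contract is not visible here) the role change is reported as successful; `if($sgbd->query($sql) === false) return false;` in both helpers would cover that case. The caller, whose start is outside this hunk, now returns false as soon as one `add_user_role()` fails, after the user row was updated and the old roles were deleted, which leaves the account with a partial role set. Role rows are authorization data, so the delete and the inserts belong in one transaction if the `sgbd` layer offers one, or the caller should at least document the partial state with `# on false the user may be left with only some of $roles`.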
@@ -409,104 +409,6 @@
 return array();
 }
- # ----------------------------------------------------------------------------------------
- # log in / out
- #
-
- function login($login, $password){
- if(($user = $this->user($login)) !== false){
- if($this->password_ok($user, $password)){
- if(!$this->set_session($user)) $user = false;
- }
- else{
- $this->clear_session();
- $user = array();
- }
- }
- return $user;
- }
-
- function logout(){
- return $this->clear_session();
- }
-
- function user_ok($user){
- return
- strcmp(md5($user["password"].$_SESSION["id"]), $_SESSION["pass"]) == 0
- && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
- }
-
- function password_ok($user, $password){
- if(!$user) return false;
- return
- strcmp(md5($user["password"].$_SESSION["id"]), $password) == 0
- && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
- }
-
- # ----------------------------------------------------------------------------------------
- # session
- #
-
- function load_session(){
- @session_start();
- if(!isset($_SESSION["id"])) $this->clear_session();
- $user = array();
- if(isset($_SESSION["user"])){
- $user = $this->user($_SESSION["user"]);
- }
- elseif(isset($_COOKIE["user"]) && isset($_COOKIE["pass"])){
- if($user = $this->user($_COOKIE["user"])){
- $user["password"] = $_COOKIE["pass"];
- $this->set_session($user);
- }
- }
- if($user){
- if(!$this->user_ok($user)){
- $this->clear_session();
- $user = array();
- }
- }
- else $user = array();
- $this->user = $user;
- return $user;
- }
-
- function set_session($user){
- $_SESSION["user"] = $user["login"];
- $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]);
- $env = $this->env();
- return
- setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web"))
- && setcookie("pass", $user["password"], time() + (60 * 60 * 24 * 7), $env->path("web"));
- }
-
- function clear_session(){
- unset($_SESSION["user"]);
- unset($_SESSION["pass"]);
- $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"];
- $_SESSION["id"] = md5(rand());
- $env = $this->env();
- return
- setcookie("user", "", 0, $env->path("web"))
- && setcookie("pass", "", 0, $env->path("web"));
- }
-
- function get_session_user(){
- return $this->user;
- }
-
- # ----------------------------------------------------------------------------------------
- # uploads
- #
-
- function check_user_uploads_dir($user = null){
- $env = $this->env();
- if((!isset($user) || !$user) && !isset($this->user["id"])) return false;
- $user_dir = $env->path("content")."uploads/".(isset($user) && $user ? $user : $this->user["id"]);
- if(!file_exists($user_dir)) @mkdir($user_dir);
- return file_exists($user_dir);
- }
-
 }
 ?>
\ No newline at end of file