X-Git-Url: http://git.dj3c1t.com/?a=blobdiff_plain;f=mw%2Fapp%2Fdata%2Fmodules%2Fxml%2Fmw_data_users.php;h=ce17d22b0f44d037aaa2d8385c2c3a51249ad0f1;hb=refs%2Ftags%2Fmtweb.0.9.0;hp=a5e5e9cc030bc513947c44f30f801fcc9d63ded1;hpb=2ff0191d4033a2e45ca57e478ff81132c132ed1f;p=mtweb diff --git a/mw/app/data/modules/xml/mw_data_users.php b/mw/app/data/modules/xml/mw_data_users.php index a5e5e9c..ce17d22 100644 --- a/mw/app/data/modules/xml/mw_data_users.php +++ b/mw/app/data/modules/xml/mw_data_users.php @@ -231,6 +231,40 @@ return true; } + function clear_user_roles($id_user){ + $sgbd = $this->sgbd(); + if($rst = $sgbd->open_data("users_roles")){ + $OK = true; + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && ($v_rst["id_user"] == $id_user)){ + if(!$sgbd->del_data("users_roles", $v_rst["id"])){ + $OK = false; + break; + } + } + } + else $OK = false; + } + $sgbd->close_data($rst); + } + else $OK = false; + return $OK; + } + + function add_user_role($id_user, $id_role){ + $sgbd = $this->sgbd(); + $OK = $sgbd->add_data( + "users_roles", + array( + "id_user" => $id_user, + "id_role" => $id_role + ) + ); + if(!$OK) return false; + return true; + } + function del_user($login){ if(($user = $this->user($login)) !== false){ $sgbd = $this->sgbd(); @@ -524,96 +558,6 @@ return array(); } - # ---------------------------------------------------------------------------------------- - # log in / out - # - - function login($login, $password){ - if(($user = $this->user($login)) !== false){ - if($this->password_ok($user, $password)){ - if(!$this->set_session($user)) $user = false; - } - else{ - $this->clear_session(); - $user = array(); - } - } - return $user; - } - - function logout(){ - return $this->clear_session(); - } - - function user_ok($user){ - return - strcmp(md5($user["password"].$_SESSION["id"]), $_SESSION["pass"]) == 0 - && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"]; - } - - function password_ok($user, $password){ - if(!$user) return false; - return - strcmp(md5($user["password"].$_SESSION["id"]), $password) == 0 - && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"]; - } - - # ---------------------------------------------------------------------------------------- - # session - # - - function load_session(){ - session_start(); - if(!isset($_SESSION["id"])) $this->clear_session(); - if( - $user = ( - isset($_COOKIE["user"]) || isset($_SESSION["user"]) ? - $this->user(isset($_COOKIE["user"]) ? $_COOKIE["user"] : $_SESSION["user"]) - : array() - ) - ){ - if(isset($_COOKIE["user"])) $this->set_session($user); - if(!$this->user_ok($user)){ - $this->clear_session(); - $user = array(); - } - } - $this->user = $user; - return $user; - } - - function set_session($user){ - $_SESSION["user"] = $user["login"]; - $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]); - $env = $this->env(); - return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web")); - } - - function clear_session(){ - unset($_SESSION["user"]); - unset($_SESSION["pass"]); - $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"]; - $_SESSION["id"] = md5(rand()); - $env = $this->env(); - return setcookie("user", "", 0, $env->path("web")); - } - - function get_session_user(){ - return $this->user; - } - - # ---------------------------------------------------------------------------------------- - # uploads - # - - function check_user_uploads_dir($user = null){ - $env = $this->env(); - if((!isset($user) || !$user) && !isset($this->user["id"])) return false; - $user_dir = $env->path("content")."uploads/".(isset($user) && $user ? $user : $this->user["id"]); - if(!file_exists($user_dir)) @mkdir($user_dir); - return file_exists($user_dir); - } - } ?> \ No newline at end of file