inc/users.inc.php
author rejo
Tue, 10 Apr 2007 22:40:43 +0000
changeset 1 58094faf794d
child 4 55ed92aa7cf5
permissions -rwxr-xr-x
[feladat @ 2] Creation of initial working branch.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     1
<?
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     2
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     3
// +--------------------------------------------------------------------+
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     4
// | PowerAdmin                                                         |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     5
// +--------------------------------------------------------------------+
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     6
// | Copyright (c) 1997-2002 The PowerAdmin Team                        |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     7
// +--------------------------------------------------------------------+
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     8
// | This source file is subject to the license carried by the overal   |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     9
// | program PowerAdmin as found on http://poweradmin.sf.net            |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    10
// | The PowerAdmin program falls under the QPL License:                |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    11
// | http://www.trolltech.com/developer/licensing/qpl.html              |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    12
// +--------------------------------------------------------------------+
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    13
// | Authors: Roeland Nieuwenhuis <trancer <AT> trancer <DOT> nl>       |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    14
// |          Sjeemz <sjeemz <AT> sjeemz <DOT> nl>                      |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    15
// +--------------------------------------------------------------------+
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    16
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    17
// Filename: users.inc.php
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    18
// Startdate: 26-10-2002
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    19
// Description: all user modifications etc. are done here
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    20
//
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    21
// $Id: users.inc.php,v 1.8 2003/01/01 22:33:47 azurazu Exp $
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    22
//
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    23
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    24
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    25
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    26
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    27
 * Retrieve all users.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    28
 * Its to show_users therefore the odd name. Has to be changed.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    29
 * return values: an array with all users in it.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    30
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    31
function show_users($id='',$rowstart=0,$rowamount=9999999)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    32
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    33
 	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    34
 	if(is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    35
 	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    36
                 //When a user id is given, it is excluded from the userlist returned.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    37
                 $add = " WHERE users.id!=$id";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    38
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    39
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    40
	// Make a huge query.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    41
	$sqlq = "SELECT users.id AS id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    42
		users.username AS username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    43
		users.fullname AS fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    44
		users.email AS email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    45
		users.description AS description,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    46
		users.level AS level,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    47
		users.active AS active,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    48
		count(zones.owner) AS aantal FROM users
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    49
		LEFT JOIN zones ON users.id=zones.owner$add
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    50
		GROUP BY
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    51
			users.id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    52
			users.username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    53
			users.fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    54
			users.email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    55
			users.description,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    56
			users.level,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    57
			users.active
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    58
		ORDER BY
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    59
			users.fullname
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    60
	 	LIMIT $rowstart,$rowamount";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    61
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    62
	// Execute the huge query.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    63
	$result = $db->query($sqlq);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    64
	$ret = array();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    65
	$retcount = 0;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    66
	while ($r = $result->fetchRow())
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    67
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    68
		$ret[] = array(
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    69
		 "id"                    =>              $r["id"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    70
		 "username"              =>              $r["username"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    71
		 "fullname"              =>              $r["fullname"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    72
		 "email"                 =>              $r["email"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    73
		 "description"           =>              $r["description"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    74
		 "level"                 =>              $r["level"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    75
		 "active"                =>              $r["active"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    76
		 "numdomains"            =>              $r["aantal"]
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    77
		);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    78
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    79
	return $ret;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    80
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    81
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    82
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    83
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    84
 * Check if the given $userid is connected to a valid user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    85
 * return values: true if user exists, false if users doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    86
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    87
 function is_valid_user($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    88
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    89
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    90
	if(is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    91
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    92
		$result = $db->query("SELECT id FROM users WHERE id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    93
		if ($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    94
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    95
			return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    96
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    97
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    98
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    99
			return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   100
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   101
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   102
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   103
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   104
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   105
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   106
 * Gives a textdescribed value of the given levelid
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   107
 * return values: the text associated with the level
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   108
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   109
function leveldescription($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   110
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   111
	// Fixed descriptions for each user level (feel free to edit, anyway..)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   112
	// Will get moved to the config file soon.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   113
	switch($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   114
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   115
		case 1:
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   116
			global $NAME_LEVEL_1;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   117
			return $NAME_LEVEL_1;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   118
			break;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   119
		case 5:
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   120
			global $NAME_LEVEL_5;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   121
			return $NAME_LEVEL_5;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   122
			break;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   123
		case 10:
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   124
			global $NAME_LEVEL_10;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   125
			return $NAME_LEVEL_10;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   126
			break;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   127
		default:
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   128
			return "Unknown";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   129
			break;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   130
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   131
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   132
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   133
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   134
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   135
 * Checks if a given username exists in the database.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   136
 * return values: true if exists, false if not.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   137
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   138
function user_exists($user)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   139
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   140
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   141
	$result = $db->query("SELECT id FROM users WHERE username='$user'");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   142
	if ($result->numRows() == 0)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   143
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   144
                 return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   145
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   146
	elseif($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   147
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   148
        	return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   149
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   150
        else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   151
        {
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   152
        	error(ERR_UNKOWN);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   153
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   154
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   155
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   156
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   157
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   158
 * Get all user info for the given user in an array.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   159
 * return values: the database style array with the information about the user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   160
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   161
function get_user_info($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   162
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   163
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   164
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   165
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   166
		$result = $db->query("SELECT id, username, fullname, email, description, level, active from users where id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   167
		$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   168
		return $r;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   169
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   170
	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   171
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   172
		error(sprintf(ERR_INV_ARGC,"get_user_info", "you gave illegal arguments: $id"));
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   173
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   174
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   175
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   176
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   177
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   178
 * Delete a user from the system
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   179
 * return values: true if user doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   180
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   181
function delete_user($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   182
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   183
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   184
	if (!level(10))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   185
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   186
		error(ERR_LEVEL_10);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   187
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   188
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   189
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   190
        	$db->query("DELETE FROM users WHERE id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   191
        	$db->query("DELETE FROM zones WHERE owner=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   192
        	return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   193
        	// No need to check the affected rows. If the affected rows would be 0,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   194
        	// the user isnt in the dbase, just as we want.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   195
        }
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   196
	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   197
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   198
		error(ERR_INV_ARG);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   199
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   200
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   201
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   202
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   203
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   204
 * Adds a user to the system.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   205
 * return values: true if succesfully added.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   206
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   207
function add_user($user, $password, $fullname, $email, $level, $description, $active)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   208
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   209
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   210
	if (!level(10))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   211
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   212
		error(ERR_LEVEL_10);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   213
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   214
	if (!user_exists($user))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   215
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   216
		// Might have to be changed.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   217
		// TODO probably.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   218
		$description = mysql_escape_string($description);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   219
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   220
		// Clean up the fullname
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   221
		$fullname = mysql_escape_string($fullname);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   222
		is_valid_email($email);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   223
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   224
		// Get id and insert information.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   225
		$idusers= $db->nextID('users');
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   226
		$db->query("INSERT INTO users (id, username, password, fullname, email, description, level, active) VALUES ($idusers, '$user', '" . md5($password) . "', '$fullname', '$email', '$description', '$level', '$active')");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   227
		return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   228
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   229
	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   230
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   231
		error(ERR_USER_EXISTS);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   232
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   233
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   234
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   235
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   236
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   237
 * Edit the information of an user.. sloppy implementation with too many queries.. (2) :)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   238
 * return values: true if succesful
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   239
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   240
function edit_user($id, $user, $fullname, $email, $level, $description, $active, $password)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   241
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   242
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   243
	if(!level(10)) {
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   244
		error(ERR_LEVEL_10);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   245
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   246
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   247
  	// Might have to be changed.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   248
  	// TODO
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   249
	$description = mysql_escape_string($description);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   250
	$fullname = mysql_escape_string($fullname);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   251
	is_valid_email($email);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   252
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   253
	$sqlquery = "UPDATE users set username='$user', fullname='$fullname', email='$email', level=$level, description='$description', active=$active ";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   254
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   255
	if($password != "")
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   256
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   257
		$sqlquery .= ", password= '" . md5($password) . "' ";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   258
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   259
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   260
	$sqlquery .= "where id=$id" ;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   261
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   262
  	// Search the username that right now goes with this ID.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   263
	$result = $db->query("SELECT username from users where id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   264
	$r = array();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   265
	$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   266
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   267
  	// If the found username with this ID is the given username with the command.. execute.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   268
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   269
	if($r["username"] == $user)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   270
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   271
		$db->query($sqlquery);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   272
  		return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   273
  	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   274
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   275
  	// Its not.. so the user wants to change.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   276
  	// Find if there is an id that has the wished username.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   277
  	$otheruser = $db->query("SELECT id from users where username='$user'");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   278
  	if($otheruser->numRows() > 0)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   279
  	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   280
  		error(ERR_USER_EXIST);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   281
  	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   282
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   283
  	// Its fine it seems.. :)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   284
  	// Lets execute it.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   285
  	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   286
  	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   287
		$db->query($sqlquery);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   288
		return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   289
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   290
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   291
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   292
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   293
 * Change the pass of the user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   294
 * The user is automatically logged out after the pass change.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   295
 * return values: none.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   296
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   297
function change_user_pass($currentpass, $newpass, $newpass2)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   298
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   299
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   300
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   301
	// Check if the passwords are equal.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   302
	if($newpass != $newpass2)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   303
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   304
		error(ERR_USER_MATCH_NEW_PASS);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   305
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   306
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   307
	// Retrieve the users password.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   308
	$result = $db->query("SELECT password, id FROM users WHERE username='". $_SESSION["userlogin"]  ."'");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   309
	$rinfo = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   310
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   311
	// Check the current password versus the database password and execute the update.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   312
	if(md5($currentpass) == $rinfo["password"])
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   313
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   314
		$sqlquery = "update users set password='" . md5($newpass) . "' where id='" . $rinfo["id"] . "'";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   315
		$db->query($sqlquery);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   316
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   317
		// Logout the user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   318
		logout("Pass changed please re-login");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   319
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   320
	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   321
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   322
		error(ERR_USER_WRONG_CURRENT_PASS);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   323
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   324
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   325
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   326
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   327
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   328
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   329
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   330
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   331
function get_fullname_from_userid($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   332
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   333
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   334
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   335
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   336
		$result = $db->query("SELECT fullname FROM users WHERE id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   337
		$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   338
		return $r["fullname"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   339
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   340
	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   341
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   342
		error(ERR_INV_ARG);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   343
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   344
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   345
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   346
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   347
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   348
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   349
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   350
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   351
function get_owner_from_id($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   352
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   353
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   354
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   355
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   356
		$result = $db->query("SELECT fullname FROM users WHERE id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   357
		if ($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   358
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   359
			$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   360
			return $r["fullname"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   361
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   362
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   363
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   364
			error(ERR_USER_NOT_EXIST);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   365
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   366
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   367
	error(ERR_INV_ARG);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   368
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   369
?>