<?php
//Welcome to the Grand Library of Random Functions and Objects
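// Refuse direct requests: the including entry script has to define INC before pulling this file in.
if(!defined('INC')){
    die();
}
// Runtime settings and the error level.
// NOTE(review): magic_quotes_gpc is a per-directory setting (php.ini / .htaccess); this runtime
// ini_set() does not switch it off. If the server enables it, request data arrives with
// backslashes added and is not made safe for SQL by that.
ini_set("magic_quotes_gpc",0);
error_reporting(E_ERROR | E_WARNING | E_PARSE);
// Ensure that we're working in the directory we think we're in.
chdir(dirname(__FILE__));
// Replaces the whole include path, so every library below is resolved from lib/ under this directory.
set_include_path("lib/");
// The libraries and the configuration are mandatory: stop right here when one is missing
// instead of running on with undefined classes or an undefined database path.
require_once("PEAR.php");
require_once("DB.php");
require("config.php");
// The session later carries the login state (userid / username).
// NOTE(review): confirm the session cookie is configured HttpOnly, and Secure when served over HTTPS.
session_start();
// Request timestamp, fixed once so every consumer of TIME sees the same value.
define("TIME",time());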
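// Connect to main DB
// First run: when the file is missing, or smaller than 3000 bytes, (re)issue the schema statement.
// On an existing small database the CREATE TABLE fails because the table is already there.
// NOTE(review): this file stores the account table including password hashes; confirm that
// $dbpath lies outside the web root and that the file is readable only by the PHP user.
if(!file_exists($dbpath) || filesize($dbpath) < 3000){
    // Owner-only mode requested instead of 0777. The PHP manual documents this argument as
    // ignored by the SQLite library, so the effective permissions still depend on the umask.
    if($sopen=sqlite_open($dbpath,0600)){
        sqlite_query($sopen,"CREATE TABLE user ( 'userid' TEXT UNIQUE, 'username' TEXT UNIQUE, 'userpassword', 'usercreated', 'usermodified' )");
        //sqlite_query($sopen,"INSERT INTO user ('userid','username') VALUES ('".mt_rand()."','anonymousbob')");
        sqlite_close($sopen);
    }
}
$db=& DB::connect("sqlite:///".$dbpath,TRUE);
// Check the connection before using it: on failure $db is an error object without query().
if (DB::isError($db))
    die("DB Connect Failed: ".$db->getMessage());
// Sanity query proving that the user table exists and is readable.
$result=&$db->query("SELECT * FROM user");
if (DB::isError($result)){
    // Details go to the server log; the connection object is no longer dumped into the response.
    error_log("DB Query Failed: ".$result->getDebugInfo());
    die("DB Query Failed: ".$result->getMessage());
}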
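// User Authentication stuff
// A login attempt must supply both fields as plain strings (array-valued POST fields are
// rejected), a non-empty password, and a user name that passes the alphanumeric filter.
if(isset($_POST['pwd'],$_POST['usr']) && is_string($_POST['pwd']) && is_string($_POST['usr'])
    && $_POST['pwd'] && is_alphanumeric($_POST['usr']) ){
    $usr=strtolower($_POST['usr']);
    $pwd=$_POST['pwd'];
    // The user name is bound as a parameter, so the query does not depend on the input filter.
    $authQuery=&$db->query("SELECT userid,username,userpassword FROM user WHERE username=?",array($usr));
    if(!DB::isError($authQuery) && $authQuery->numRows()==1){
        $row=$authQuery->fetchRow(DB_FETCHMODE_ASSOC);
        $stored=(string)$row['userpassword'];
        $nonce=isset($_SESSION['randPwdNr']) ? $_SESSION['randPwdNr'] : '';
        // Two accepted proofs: sha1(stored hash . session nonce), or the password itself whose
        // SHA-1 equals the stored hash. Comparisons are strict (===): with == two different
        // digests that both look like numbers (for example "0e..." followed by digits) compare equal.
        // An account without a stored password is never accepted.
        // NOTE(review): the stored value is an unsalted SHA-1, and the first proof makes that
        // hash sufficient to log in; plan a move to password_hash()/password_verify() and a
        // constant-time comparison (hash_equals()) once the runtime provides them.
        // NOTE(review): confirm randPwdNr is always set, unpredictable and used only once.
        if($stored!=='' && ( sha1($stored.$nonce)===$pwd || $stored===sha1($pwd) ) ){
            // New session id on login, so an id known before authentication is worthless afterwards.
            session_regenerate_id(true);
            $_SESSION['username']=$row['username'];
            $_SESSION['userid']=$row['userid'];
        }
    }
}
// Publish the identity for this request as constants; ?m=logout makes the request anonymous.
// NOTE(review): nothing here clears the session on logout; unless that happens elsewhere, the
// next request without m=logout is authenticated again.
if(isset($_SESSION['userid']) && is_numeric($_SESSION['userid']) && !(isset($_GET['m']) && $_GET['m']==='logout') ){
    define("USERID",$_SESSION['userid']);
    define("USERNAME",$_SESSION['username']);
    // NOTE(review): realpath() returns FALSE when $usersdir does not exist, which would turn
    // this into "/<userid>" at the filesystem root; confirm the directory is always present.
    $userpath=realpath($usersdir)."/".USERID;
}
else{
    define("USERID",FALSE);
    define("USERNAME",FALSE);
}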
// Crazy Functions
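/**
 * Build a query string from the current $_GET parameters plus overrides.
 *
 * Arguments are variadic name/value pairs: getURLVars('page', 2, 'sort', 'name').
 * A pair replaces the $_GET entry of the same name or is appended after the existing ones.
 *
 * Names and values are both URL-encoded (names come from the request and were previously
 * emitted raw). Array-valued parameters are expanded with http_build_query().
 * The result is not HTML-escaped: pass it through htmlspecialchars() before writing it into markup.
 *
 * @return string "name=value&" pairs with a trailing "&"; "" when called with no arguments
 *                or with an odd number of arguments.
 */
function getURLVars(){
    $overrides=func_get_args();
    $argCount=count($overrides);
    if($argCount==0 || $argCount%2!=0)
        return "";
    $params=$_GET;
    for($i=0;$i<$argCount;$i+=2){
        $params[$overrides[$i]]=$overrides[$i+1];
    }
    $result="";
    foreach($params as $key=>$value){
        if(is_array($value)){
            // e.g. ?tags[]=a&tags[]=b: urlencode() cannot take an array
            $nested=http_build_query(array($key=>$value),'','&');
            if($nested!=="")
                $result.=$nested."&";
            continue;
        }
        $result.=urlencode((string)$key)."=".urlencode((string)$value)."&";
    }
    return $result;
}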
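/**
 * Check that a value consists only of ASCII letters, digits and spaces.
 *
 * The pattern is anchored with \z: a plain "$" also matches just before a trailing newline,
 * which let "name\n" pass the filter.
 * Spaces are allowed anywhere, so "bob" and "bob " are different accepted values.
 *
 * @param mixed $test value to check; arrays and objects are rejected
 * @return int 1 when the value matches, 0 otherwise (callers use it as a boolean)
 */
function is_alphanumeric($test) {
    if(!is_scalar($test))
        return 0;
    return preg_match('/^[a-z0-9 ]+\z/i', (string)$test);
}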
/**
 * Tell whether a value is numeric and has an integral value.
 *
 * @param mixed $x value to check
 * @return bool true when $x is numeric and loosely equal to its intval(); false otherwise
 */
function valid_int ($x) {
    if (!is_numeric($x)) {
        return false;
    }
    $asInteger = intval($x);
    return $asInteger == $x;
}
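/**
 * Per-user context: the user's own SQLite database plus a clock shifted by the user's
 * 'gmtoffset' option.
 *
 * All values that reach SQL are bound as parameters. PEAR DB treats "?", "!" and "&" in a
 * prepared statement as placeholders, so such statements must not contain a literal "!="
 * (use "<>").
 */
class User{
    // Declared explicitly so that nothing is created as a dynamic property.
    public $userid;
    public $db;
    public $time;
    public $year;
    public $month;
    public $day;
    public $hour;
    public $minute;
    public $second;

    /**
     * Open the user's database and initialise the clock.
     *
     * The database path is built from the USERID constant, not from $id; $id is only stored.
     * When the connection fails the constructor stops early and getDB() returns the PEAR
     * error object, so callers should test it with DB::isError().
     *
     * @param mixed $id user id kept in $this->userid
     */
    function __construct($id){
        global $usersdir;
        $this->userid=$id;
        $userpath=realpath($usersdir)."/".USERID;
        $userdbpath=$userpath."/";
        // Path kept exactly as before (including the doubled slash).
        $userdbfile=$userdbpath."/".USERID.".sqlite";
        // The handle is discarded; presumably this call only makes sure the file exists. TODO confirm
        sqlite_open($userdbfile);
        $this->db=DB::connect("sqlite:///".$userdbfile);
        if(DB::isError($this->db)){
            return;
        }
        // The offset is added to a Unix timestamp; anything non-numeric (missing option,
        // error object) counts as no offset.
        $offset=$this->getOption('gmtoffset');
        if(!is_numeric($offset))
            $offset=0;
        $this->setTime(TIME+$offset);
    }

    /**
     * Read one value from the user's option table.
     *
     * @param string $option option label, bound as a parameter
     * @return mixed whatever getOne() returns for the optionvalue column
     */
    function getOption($option){
        $userdb=$this->getDB();
        return $userdb->getOne("SELECT optionvalue FROM option WHERE optionlabel=?",array($option));
    }

    // Clock accessors; the values are the gmdate() strings produced by setTime().
    function getYear(){
        return $this->year;
    }
    function getMonth(){
        return $this->month;
    }
    function getDay(){
        return $this->day;
    }
    function getHour(){
        return $this->hour;
    }
    function getMinute(){
        return $this->minute;
    }
    function getSecond(){
        return $this->second;
    }

    /** @return mixed the PEAR DB connection, or the error object left by a failed connect */
    function getDB(){
        return $this->db;
    }

    /**
     * Set the clock and derive its parts with gmdate().
     *
     * @param int $timestamp Unix timestamp
     */
    function setTime($timestamp){
        $this->time=$timestamp;
        $this->year=gmdate("Y",$this->time);   // four-digit year
        $this->month=gmdate("n",$this->time);  // month without leading zero
        $this->day=gmdate("j",$this->time);    // day without leading zero
        $this->hour=gmdate("H",$this->time);   // 24-hour, two digits
        $this->minute=gmdate("i",$this->time);
        $this->second=gmdate("s",$this->time);
    }

    /**
     * Insert a new item row and return its wrapper.
     *
     * @param string $itemtype
     * @param string $itemlabel
     * @return Item|false FALSE when the insert fails; the reason is written to the server log
     */
    function newItem($itemtype,$itemlabel){
        $userdb=$this->db;
        $prnewitem=$userdb->prepare("INSERT INTO item(itemid,itemtype,itemlabel,itemcreated,itemmodified) VALUES (?,?,?,'".TIME."','".TIME."')");
        // NOTE(review): mt_rand() ids can collide; whether item.itemid is unique is not visible here.
        $itemid=mt_rand();
        $result=$userdb->execute($prnewitem,array($itemid,$itemtype,$itemlabel) );
        if(DB::isError($result)){
            // Database diagnostics belong in the log, not in the response.
            error_log("newItem failed: ".$result->getMessage()." (".$result->getCode().") ".$result->getDebugInfo());
            return FALSE;
        }
        return new Item($itemid);
    }

    /**
     * List items together with selected data fields.
     *
     * Order of the result: items that carry the sort label (ordered by its value), then the
     * other items that have data rows, then items of $type without any matching join row.
     * Entries of the last group only have 'itemlabel' (no 'itemid'), as before.
     *
     * @param string $type    item type filter; "" disables the filter for the joined queries
     * @param array  $values  1 to 20 data labels to load for each item
     * @param int    $sortby  index into $values to sort by; a negative index sorts descending;
     *                        non-numeric or out-of-range values fall back to index 0 ascending
     * @return array|false items keyed by item id; FALSE on invalid arguments, on a database
     *                     error, or when no item has data rows
     */
    function fetchItems($type="",$values,$sortby=0){
        $userdb=$this->db;
        if(!is_array($values) || count($values)<1 || count($values)>20)
            return FALSE;

        // One placeholder per requested label; the labels themselves are only ever bound.
        $labels=array();
        foreach($values as $val){
            $labels[]=(string)$val;
        }
        $selection=implode(" OR ",array_fill(0,count($labels),"itemdatalabel=?"));

        $typesql="";
        $typeparams=array();
        if($type!=""){
            $typesql=" item.itemtype=? AND ";
            $typeparams[]=(string)$type;
        }

        $sortorder=" ASC ";
        $sortby=is_numeric($sortby) ? (int)$sortby : 0;
        if($sortby < 0){
            $sortby=-$sortby;
            $sortorder=" DESC ";
        }
        if(!isset($values[$sortby])){
            $sortby=0;
            $sortorder=" ASC ";
        }
        $sortlabel=isset($values[$sortby]) ? (string)$values[$sortby] : "";

        // Pass 1 ("="): items carrying the sort label, in sort order.
        // Pass 2 ("<>"): every other item with data rows, appended behind them.
        $items=array();
        $joinsql="SELECT DISTINCT item.itemid,item.itemlabel FROM item,itemdata ON item.itemid=itemdata.itemid WHERE $typesql itemdata.itemdatalabel";
        foreach(array("=","<>") as $operator){
            $result=$userdb->query($joinsql.$operator."? ORDER BY itemdata.itemdatavalue $sortorder",array_merge($typeparams,array($sortlabel)));
            if(DB::isError($result))
                return FALSE;
            while($row=$result->fetchRow(DB_FETCHMODE_ASSOC)){
                $items[$row['item.itemid']]['itemid']=$row['item.itemid'];
                $items[$row['item.itemid']]['itemlabel']=$row['item.itemlabel'];
            }
        }
        if(!$items)
            return FALSE;

        foreach(array_keys($items) as $itemid){
            $data=$this->fetchItemData($itemid,$selection,$labels);
            if($data===FALSE)
                return FALSE;
            foreach($data as $label=>$value){
                $items[$itemid][$label]=$value;
            }
        }

        // Items of this type that the joined queries did not return.
        // Previously this loop looked data up under a stale id from the loop above and
        // overwrote the result it was iterating, which ended it after the first new item.
        $typeresult=$userdb->query("SELECT DISTINCT itemid,itemlabel FROM item WHERE itemtype=?",array((string)$type));
        if(DB::isError($typeresult))
            return FALSE;
        while($row=$typeresult->fetchRow(DB_FETCHMODE_ASSOC) ){
            if(isset($items[$row['itemid']]))
                continue;
            $items[$row['itemid']]['itemlabel']=$row['itemlabel'];
            $data=$this->fetchItemData($row['itemid'],$selection,$labels);
            if($data===FALSE)
                return FALSE;
            foreach($data as $label=>$value){
                $items[$row['itemid']][$label]=$value;
            }
        }
        return $items;
    }

    // Load the requested label => value pairs of one item; FALSE on a database error.
    private function fetchItemData($itemid,$selection,$labels){
        $result=$this->db->query("SELECT itemdatalabel,itemdatavalue FROM itemdata WHERE itemid=? AND ( $selection )",array_merge(array((string)$itemid),$labels));
        if(DB::isError($result))
            return FALSE;
        $data=array();
        while($row=$result->fetchRow(DB_FETCHMODE_ASSOC) ){
            $data[$row['itemdatalabel']]=$row['itemdatavalue'];
        }
        return $data;
    }
}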
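/**
 * One item in the current user's database.
 *
 * Every method uses the global $userdb connection. The item id and all data values are bound
 * as statement parameters.
 *
 * NOTE(review): getOne() and addData() address a table "itemsdata" (id column "iteminfoid"),
 * while editData() and getData() use "itemdata" ("itemdataid"). The schema is not visible
 * here; confirm which names are correct.
 */
class Item{
    public $itemid;

    /** @param mixed $itemid id of the item row this object stands for */
    function __construct($itemid){
        $this->itemid=$itemid;
    }

    /** @return mixed the item id given to the constructor */
    function getID(){
        return $this->itemid;
    }

    /**
     * Fetch the value stored for one data label of this item.
     *
     * @param string $datalabel
     * @return mixed first column of the first matching row; NULL when there is no row;
     *               FALSE on a database error
     */
    function getOne($datalabel){
        global $userdb;
        $prep=$userdb->prepare("SELECT itemdatavalue FROM itemsdata WHERE itemid=? AND itemdatalabel=?");
        $result=$userdb->execute($prep,array((string)$this->itemid,$datalabel));
        if(DB::isError($result))
            return FALSE;
        $row=$result->fetchRow();
        return is_array($row) ? $row[0] : NULL;
    }

    /**
     * Attach one label/value pair, or several when both arguments are arrays with the same keys.
     *
     * @param string|array $datalabel
     * @param mixed|array  $datavalue
     * @return bool FALSE on a database error, or when only one of the two arguments is an array
     */
    function addData($datalabel,$datavalue){
        global $userdb;
        if(is_array($datalabel) != is_array($datavalue))
            return FALSE;
        $pradddata=$userdb->prepare("INSERT INTO itemsdata(iteminfoid,itemid,itemdatalabel,itemdatavalue) VALUES (?,?,?,?)");
        $itemid=(string)$this->itemid;
        if(is_array($datalabel)){
            foreach($datalabel as $key=>$label){
                // a label without a value under the same key is stored with NULL
                $value=isset($datavalue[$key]) ? $datavalue[$key] : NULL;
                $result=$userdb->execute($pradddata,array(mt_rand(),$itemid,$label,$value));
                if(DB::isError($result))
                    return FALSE;
            }
            return TRUE;
        }
        $result=$userdb->execute($pradddata,array(mt_rand(),$itemid,$datalabel,$datavalue));
        if(DB::isError($result))
            return FALSE;
        return TRUE;
    }

    /**
     * Change label and value of one data row.
     *
     * Corrected: the statement joined the two assignments with AND instead of a comma, the
     * parameters were bound in the wrong order (the row id landed in the label), the arguments
     * were echoed into the response, and TRUE was returned even after a database error.
     *
     * NOTE(review): the row is selected by $dataid alone, not by this item's id; confirm
     * callers only pass ids that belong to this item.
     *
     * @param mixed  $dataid    itemdataid of the row to change
     * @param string $datalabel new label
     * @param mixed  $datavalue new value
     * @return bool TRUE on success, FALSE on a database error
     */
    function editData($dataid,$datalabel,$datavalue){
        global $userdb;
        $prep=$userdb->prepare("UPDATE itemdata SET itemdatalabel=?, itemdatavalue=? WHERE itemdataid=?");
        $result=$userdb->execute($prep,array($datalabel,$datavalue,$dataid));
        if(DB::isError($result)){
            error_log("editData failed: ".$result->getMessage());
            return FALSE;
        }
        return TRUE;
    }

    /**
     * Load the item row and all of its data rows.
     *
     * @return array|false the keys itemlabel, itemid, itemtype, itemcreated, itemmodified
     *                     (NULL when the item row is missing) plus one entry per data row,
     *                     keyed by itemdataid, holding itemdatalabel and itemdatavalue;
     *                     FALSE on a database error
     */
    function getData(){
        global $userdb;
        $itemid=(string)$this->itemid;
        $result=$userdb->query("SELECT * FROM item WHERE itemid=?",array($itemid));
        if(DB::isError($result))
            return FALSE;
        $row=$result->fetchRow(DB_FETCHMODE_ASSOC);
        $rdata=array();
        foreach(array('itemlabel','itemid','itemtype','itemcreated','itemmodified') as $field){
            $rdata[$field]=isset($row[$field]) ? $row[$field] : NULL;
        }
        $result=$userdb->query("SELECT itemdataid,itemdatalabel,itemdatavalue FROM itemdata WHERE itemid=?",array($itemid));
        if(DB::isError($result))
            return FALSE;
        while($row=$result->fetchRow(DB_FETCHMODE_ASSOC)){
            $rdata[$row['itemdataid']]['itemdatalabel']=$row['itemdatalabel'];
            $rdata[$row['itemdataid']]['itemdatavalue']=$row['itemdatavalue'];
        }
        return $rdata;
    }
}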
// Authenticated requests only: create the per-user context and expose its database handle
// as the global $userdb, which the Item methods read through "global $userdb".
// NOTE(review): when the per-user connection fails, getDB() hands back the PEAR error object;
// nothing here checks for that before $userdb is used.
if (USERID):
    $user = new User(USERID);
    $userdb = $user->getDB();
endif;
?>