<?php
// Copyright (c) 2010 by Paul M. Foster <hide@address.com>
// Licensed under PostgreSQL License (see LICENSE file)
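/**
 * Data-access wrapper for the `users` table.
 *
 * Every query goes through the injected database object, using `?`
 * placeholders for all caller-supplied values.
 *
 * NOTE(security): passwords are stored as unsalted MD5 digests (see the md5()
 * calls in verify_user(), update_password() and add_user_no_access()). MD5 is
 * fast and unsalted, so a leaked users table can be cracked offline cheaply.
 * The fix is password_hash() / password_verify() with a rehash on successful
 * login. It is not done here because the stored digests and the width of the
 * password column have to be migrated together, and neither is visible from
 * this file.
 *
 * NOTE(security): the get_* methods run `SELECT *`, so the rows they return
 * include the password column. Callers should drop it before rendering or
 * logging a row.
 */
class users
{
    /** Database wrapper; must provide query_result(), update(), insert(), delete() and prev_id(). */
    public $db;

    /**
     * @param object $db database wrapper used for every query in this class
     */
    public function __construct($db)
    {
        $this->db = $db;
    }

    /**
     * Fetch every user row, ordered by id.
     *
     * @return mixed whatever query_result() returns for the query
     */
    public function get_all_users()
    {
        $sql = 'SELECT * FROM users ORDER BY id';

        return $this->db->query_result($sql);
    }

    /**
     * Check that a user record exists for the given userid and password.
     *
     * The password is passed in the clear and hashed here. The credentials
     * checked are the arguments, not $_POST, so the function verifies what the
     * caller actually handed it.
     *
     * @param mixed $userid   login name to look up
     * @param mixed $password clear-text password
     * @return bool true when a matching row exists, false otherwise
     */
    public function verify_user($userid, $password)
    {
        // Request parameters can arrive as arrays (e.g. password[]=x); md5()
        // cannot hash those, so treat them as a failed login.
        if (!is_scalar($userid) || !is_scalar($password)) {
            return false;
        }

        $digest = md5((string) $password);
        $sql = 'SELECT * FROM users WHERE userid = ? and password = ?';
        $result = $this->db->query_result($sql, array($userid, $digest));

        return count($result) != 0;
    }

    /**
     * Look up one user by numeric id.
     *
     * @param mixed $id value matched against users.id
     * @return mixed the first matching row, or false when there is none
     */
    public function get_user_by_id($id)
    {
        $sql = 'SELECT * FROM users WHERE id = ?';
        $result = $this->db->query_result($sql, array($id));

        return count($result) == 0 ? false : $result[0];
    }

    /**
     * Look up one user by login name.
     *
     * @param mixed $userid value matched against users.userid
     * @return mixed the first matching row, or false when there is none
     */
    public function get_user_by_userid($userid)
    {
        $sql = 'SELECT * FROM users WHERE userid = ?';
        $result = $this->db->query_result($sql, array($userid));

        return count($result) == 0 ? false : $result[0];
    }

    /**
     * Update the editable fields of a user from a POST-style array.
     *
     * Only the fields in the allow-list below are written, so a posted
     * `password` or `id` key is ignored.
     * NOTE(review): `level` looks like a privilege field -- the caller must
     * make sure the requester is allowed to change it; confirm against callers.
     *
     * @param mixed $id   users.id of the row to update
     * @param array $post submitted form fields
     * @return int error count; always 0 at present, because the update() result
     *             is not inspected and the access update is commented out
     */
    public function update_user($id, $post)
    {
        $errors = 0;
        $fl = array('userid', 'username', 'email', 'division', 'level');
        $upd = field_sieve($fl, $post);
        if (!empty($upd)) {
            // The row count update() returns is 0 when every field is
            // unchanged, so it is not treated as an error indicator.
            $this->db->update('users', $upd, "id = ?", array($id));
        }
        /* $errors += $this->update_access($id, $post); */
        if ($errors == 0) {
            smsg("User $id successfully updated.");
        }

        return $errors;
    }

    /**
     * Replace a user's stored password digest.
     *
     * @param mixed  $id       users.id of the row to update
     * @param string $password clear-text password; stored as md5($password)
     * @return mixed whatever update() returns
     */
    public function update_password($id, $password)
    {
        // Unsalted MD5 -- see the class-level security note.
        $pw = md5($password);

        return $this->db->update('users', array('password' => $pw), 'id = ?', array($id));
    }

    /**
     * Add a user to the users table without touching the access file.
     *
     * Accepts the whole POST array. Reports a duplicate through emsg() when
     * the userid is already taken.
     * NOTE(review): the duplicate check and the insert are two separate
     * statements, so two concurrent requests could both pass the check; a
     * unique constraint on users.userid would be the authoritative guard --
     * confirm the schema has one.
     *
     * @param array $post submitted form fields, including a clear-text `password`
     * @return mixed id of the newly added user, or 0 when the userid already exists
     */
    public function add_user_no_access($post)
    {
        // user already exists?
        $sql = "SELECT * FROM users WHERE userid = ?";
        $arr = array($post['userid']);
        $result = $this->db->query_result($sql, $arr);
        if (count($result) != 0) {
            emsg('Duplicate user detected. Modify input and retry.');

            return 0;
        }

        // All okay! (Unsalted MD5 -- see the class-level security note.)
        $post['password'] = md5($post['password']);
        $flds = array('userid', 'username', 'password', 'email', 'division', 'level');
        $fa = field_sieve($flds, $post);
        $this->db->insert('users', $fa);

        return $this->db->prev_id('users', 'id');
    }

    /**
     * Add a user from the whole POST array.
     *
     * Meant to also update the permissions in the access file, but at present
     * it only delegates to add_user_no_access(); no access record is written.
     *
     * @param array $post submitted form fields
     * @return mixed id of the newly added user, or 0 when the userid already exists
     */
    public function add_user($post)
    {
        return $this->add_user_no_access($post);
    }

    /**
     * Delete the user row with the given id.
     *
     * Raises an E_USER_ERROR when the database layer reports failure (false).
     *
     * @param mixed $id users.id of the row to delete
     * @return void
     */
    public function delete_user_by_id($id)
    {
        $result = $this->db->delete('users', 'id = ?', array($id));
        if ($result === false) {
            trigger_error('Unable to delete user record.', E_USER_ERROR);
        }
    }
}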