Location: PHPKode > projects > PowerMovieList > powermovielist-0_14_beta/userclass/standalone.php
<?php
/** powermovielist user-class standalone
 * $Id: standalone.php,v 1.8 2005/12/16 13:43:18 niko Exp $
*/

/*
* PowerMovieList User-Class - Standalone
* 
* ->use wbb, or phpnuke or whathever script you have - users for pml!
* look into DEVEL-DOC for more information on how this works
*
*
* !DO NOT MODIFY THIS FILE!
* if you want to create a new user-class you must save it under a different
* filename. Open config.inc.php to select the file then.
*/

/*require("../wbb2/acp/lib/functions.php");
require("../wbb2/acp/lib/config.inc.php");
require("../wbb2/acp/lib/class_db_mysql.php");
require("../wbb2/acp/lib/options.inc.php");
$phpversion=(int)(str_replace(".","",phpversion()));
$db = new db($sqlhost,$sqluser,$sqlpassword,$sqldb,$phpversion);
require("../wbb2/acp/lib/session.php");
*/

class pml_user {

    var $ActiveUser=array(); //the active user-data is stored here (filled when GetActiveUser or DoLogin is called)

    var $UseEditUser = true; //true if edituser.php should be avaliable (false if users aren't saved in pml_users)

    var $UserTable = ""; //used only in editrights.php - 2do: it should work over GetUserList

    function pml_user() { //constructor
    global $CFG, $pmldb;
        $this->UserTable = $CFG['Prefix']."users";
    }

    /* function GetUserLoggedIn
    *           Returns if a user is logged in - or if the guest is logged in...
    */
    function GetUserLoggedIn() {                       
        if(isset($_SESSION['LoggedIn'])) //logged in user saved here
            $LoggedIn = $_SESSION['LoggedIn'];
        else
            $LoggedIn = ""; //guest

        if($LoggedIn=="") return(false); else return(true);
    }
    

    /* function GetActiveUser
    *           Returns the current logged in user-data as assoc-array with all entries
    *           from the user-table.
    *           The logged in user is saved in the session-var $_SESSION['LoggedIn']
    */
    function GetActiveUser() {
        global $CFG, $pmldb;        
        
        if(count($this->ActiveUser)) return($this->ActiveUser); //allready loaded...

        if(isset($_SESSION['LoggedIn'])) //logged in user saved here
            $LoggedIn = $_SESSION['LoggedIn'];
        else
            $LoggedIn = ""; //guest

        if($LoggedIn!="") {
            $strSql = "SELECT * FROM " . $CFG['Prefix'] . "users WHERE name='$LoggedIn'";
            $result = pml_mysql_query($strSql, $pmldb) or trigger_error("can't execute:<pre>$strSql</pre><i>".mysql_error($pmldb)."</i>",E_USER_ERROR);
            if(mysql_num_rows($result)==0) {
                $LoggedIn="";
                $_SESSION['LoggedIn'] = "";
            } else {
                $this->ActiveUser = mysql_fetch_assoc($result);                 
            }
        }
        
        if($LoggedIn=="") {
            $this->ActiveUser = array("name"=>"Guest", "admin"=>0, "ID"=>1, "email"=>"");
        }
        
        return($this->ActiveUser);        
    }

    /*function GetUserList
    *          Returns a List of all users
    */
    function GetUserList() {
        global $CFG, $pmldb;
        static $Dat=array(); //caching!

        if(sizeof($Dat)) return($Dat);

        $strSql = "SELECT * FROM " . $CFG['Prefix'] . "users";
        $result = pml_mysql_query($strSql, $pmldb) or trigger_error("can't execute:<pre>$strSql</pre><i>".mysql_error($pmldb)."</i>",E_USER_ERROR);
        $Dat = array();
        while($row=mysql_fetch_assoc($result)) {
            $Dat[$row['ID']] = $row;
        }
        return($Dat);
    }
    
    /*function DoAutoLogin
    *          checks if a autologin-cookie is set and logs in the user...
    */
    function DoAutologin() {
        global $CFG, $pmldb;
        if(!isset($_COOKIE['pmluserid'])) return(false);
        if(!isset($_COOKIE['pmluserpass'])) return(false);
        $strSql = "SELECT * FROM " . $CFG['Prefix'] . "users WHERE ID='" . $_COOKIE['pmluserid'] . "'";
        $result = pml_mysql_query($strSql, $pmldb) or trigger_error("can't execute:<pre>$strSql</pre><i>".mysql_error($pmldb)."</i>",E_USER_ERROR);
        if(mysql_num_rows($result)==0)
            return(false);        
        
        $this->ActiveUser = mysql_fetch_array($result);
        if($CFG['UseActivate'] && $this->ActiveUser['activate']!=0)
            return(false);
        if($CFG['UseUserStatus'] && $this->ActiveUser['status']==0)
            return(false);

        if($_COOKIE['pmluserpass']!=$this->ActiveUser['pass'])
            return(false);

        $_SESSION['LoggedIn'] = $this->ActiveUser['name'];

        return(true);
    }

    /*function DoLogin
    *          Process login - check the password, activation and save user in LoggedIn if it is correct
    */
    function DoLogin($User, $Pass) {
        global $CFG, $pmldb;
        
        $strSql = "SELECT * FROM " . $CFG['Prefix'] . "users WHERE name='" . $User . "'";
        $result = pml_mysql_query($strSql, $pmldb) or trigger_error("can't execute:<pre>$strSql</pre><i>".mysql_error($pmldb)."</i>",E_USER_ERROR);
        if(mysql_num_rows($result)==0) {
            RequestLogin(PML_LoginStyle_UserNotFound);
            exit;
        }
        $this->ActiveUser = mysql_fetch_array($result);
        if($CFG['UseUserStatus'])
        {
            if($this->ActiveUser['status']==0)
            {
                $_SESSION['LoggedIn'] = "";
                $this->ActiveUser=array();
                RequestLogin(PML_LoginStyle_UserNoStatus);
                exit;
            }
        }
        if($CFG['UseActivate'])
        {
            if($this->ActiveUser['activate']!=0)
            {
                $_SESSION['LoggedIn'] = "";
                $this->ActiveUser=array();
                RequestLogin(PML_LoginStyle_UserNotActivated);
                exit;
            }
        }
        
        $Pass = md5($Pass);
        
        if($Pass!=$this->ActiveUser['pass']) {
            $_SESSION['LoggedIn'] = "";
            $this->ActiveUser=array();
            RequestLogin(PML_LoginStyle_WrongPass);
            exit;
        }
        
        $_SESSION['LoggedIn'] = $this->ActiveUser['name'];
        
        $x=parse_url($CFG['HttpPath']);
        if(isset($_POST['savelogin'])) { //save autologin-data in cookie?               
            setcookie("pmluserid", $this->ActiveUser['ID'], time()+60*60*24*14, "", ""); //set cookies for userid and userpass - only for valid host and path!
            setcookie("pmluserpass", $this->ActiveUser['pass'], time()+60*60*24*14, "", "");            
        } else {
            setcookie("pmluserid", "", time()-60*60, "", "");     //delete cookie
            setcookie("pmluserpass", "", time()-60*60, "", "");            
        }
    }
    
    /*function DoLogout
    *          Loggs out the user - clears the session-var and the cookie
    */
    function DoLogout() {
        global $CFG;
	    $_SESSION['LoggedIn'] = ""; //logout...

        $x=parse_url($CFG['HttpPath']);
        setcookie("pmluserid", "", time()-3600, "", "");     //delete autologin-cookies
        setcookie("pmluserpass", "", time()-3600, "", "");            
        return(true);
    }

    /*function DoLostPassword
    *          lost-password-function
    */
    function DoLostPassword($User, $EMail) {
        global $CFG, $pmldb;
        $DOC_TITLE = $GLOBALS['strLostPassword'];
        include("top.html");
        $strSql = "SELECT * FROM " . $CFG['Prefix'] . "users WHERE name='$User' AND email='$EMail'";
        $result = pml_mysql_query($strSql, $pmldb) or trigger_error("can't execute:<pre>$strSql</pre><i>".mysql_error($pmldb)."</i>",E_USER_ERROR);      
        if(mysql_num_rows($result)==0) {
            ErrorExit($GLOBALS['strUserOrMailNotFound']); 
        }
        $row = mysql_fetch_array($result);
        //the new password:
        $NewPass = substr(md5(rand(0,999999)),0,8);
        $strSql = "UPDATE " . $CFG['Prefix'] . "users Set pass='".md5($NewPass)."' WHERE ID=$row[ID]";

        
        $MailFileName = "lostpassword";

        if(FileExists("mail/$MailFileName.$ActiveList[lang].txt"))
            $MailFileName = "mail/$MailFileName.$ActiveList[lang].txt";
        else
            $MailFileName = "mail/$MailFileName.english.txt"; //use the default-file

        $MailSubject = $GLOBALS['strLostPassword']; //default Value
        $MailData = file($MailFileName);
        foreach($MailData as $k=>$Line) {
            $MailData[$k] = trim($MailData[$k]);
            $MailData[$k] = str_replace("_NEWNAME_", "$row[name]", $MailData[$k]);
            $MailData[$k] = str_replace("_USERNAME_", "$row[name]", $MailData[$k]);
            $MailData[$k] = str_replace("_NEWPASS_", "$NewPass", $MailData[$k]);
            $MailData[$k] = str_replace("_HTTPPATH_", "$CFG[HttpPath]", $MailData[$k]);
            if($MailData[$k]!="" && strstr($MailData[$k],"Subject: ")==$MailData[$k]) {
                $MailSubject =  str_replace("Subject: ", "", $MailData[$k]);
                unset($MailData[$k]); //delete this line
            }
        }

        if($CFG['Debug']) {
            echo "<pre>";
            echo "To: $row[email]\nSubject: $MailSubject\nFrom: $CFG[AdminEmail]\n";
            echo "\n";
            echo implode("\n", $MailData);
            echo "</pre>";
        }

        if(!mail($row['email'], $MailSubject, implode("\n", $MailData),"From: $CFG[AdminEmail]"))
            ErrorExit("can't send email!!");

        $result = pml_mysql_query($strSql, $pmldb) or trigger_error("can't execute:<pre>$strSql</pre><i>".mysql_error($pmldb)."</i>",E_USER_ERROR);

    }

    /*function GetRegisterUserLink
    *          returns link where new users can register
    */
    function GetRegisterUserLink() {
        return("edituser.php".$GLOBALS['GlobalArg']."action=add");
    }

    /*function GetEditUserLink
    *          returns link the user with $ID can be edited
    */
    function GetEditUserLink($ID) {
        return("edituser.php".$GLOBALS['GlobalArg']."action=edit&ID=$ID");
    }

    /*function GetDeleteUserLink
    *          returns link where user with $ID can be deleted
    */
    function GetDeleteUserLink($ID) {
        return("edituser.php".$GLOBALS['GlobalArg']."action=delpass&ID=$ID");
    }

    /*function GetMemberListLink
    *          returns link for the member-list
    */
    function GetMemberListLink() {
        return("edituser.php".$GLOBALS['GlobalArg']."action=");
    }

    /*function GetUserDetailsLink
    *          returns link for the usersdetails user with $ID
    */
    function GetUserDetailsLink($ID) {
        return("edituser.php".$GLOBALS['GlobalArg']."action=details&ID=$ID");
    }

    /*function CountClick
    *          Counts a click for the active user
    */
    function CountClick() {
        global $CFG, $pmldb;
        if($this->ActiveUser['name']=="Guest") return;
        $strSql = "UPDATE " . $CFG['Prefix'] . "users SET dloadcount=dloadcount+1 WHERE ID=" . $this->ActiveUser['ID'];
        $result = pml_mysql_query($strSql, $pmldb) or trigger_error("can't execute:<pre>$strSql</pre><i>".mysql_error($pmldb)."</i>",E_USER_ERROR);
    }

    /*function GetUserCount
    *          returns how many users are in the database (without guest!)
    */
    function GetUserCount() {
        global $CFG, $pmldb;
        $strSql = "SELECT COUNT(*) FROM $CFG[Prefix]users WHERE name!='Guest'";
        $result = pml_mysql_query($strSql, $pmldb) or trigger_error("can't execute:<pre>$strSql</pre><i>".mysql_error($pmldb)."</i>",E_USER_ERROR);      
        $row = mysql_fetch_row($result);
        return($row[0]);
    }

};

?>
Return current item: PowerMovieList