Location: PHPKode > projects > top serious project > bco/functions/functions.users.php
<?

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

function bco_get_username($id)
{
	if (!is_numeric($id)) {
		bco_error("In function get_username() id is not an integer. The value of id is: $id.");
	}
    $query = "SELECT username from users where id=$id";
    $result = pg_query($query);
    if (pg_num_rows($result) == 0) {
		bco_error("Userid #$id does not exist");
	}
    $username = pg_fetch_result(pg_query($query), 0); 
    return $username;
}

function bco_authorize_user($username,$password)
{
    if (($username == "") || ($password == "")) {
		bco_error("Username or password is empty.");
	}
	$md5_password = md5($password);
    $query = "SELECT id, banned from users where lower(username)=lower('$username') and password='$md5_password'";
    //echo $query;
	unset($md5_password);
    
	if (!$result = pg_query($query)) {
		bco_error("MySQL said: " . pg_last_error());
	}
    
	if (pg_num_rows($result) == 0) {
        bco_error("Failed authorization.");
    }

	$row = pg_fetch_array($result);
	unset($result);

	if ($row['banned'] == 1) {
		bco_error("Sorry you are banned.");
	} else {
		return $row['id'];
	}

}

// This function checks to see if the userid corresponds with a real user. If not exit out, returning false.
function bco_user_exists($userid)
{
    $existsQuery = "select id from users where id ='$userid'";
    if (pg_num_rows(pg_query($existsQuery)) != "1") {
        bco_error("There is no user for id #$userid.");
    } else {
        return true;
    }
}

// dumb function to get the users id.
function bco_get_users_id($display_name)
{
    $get_users_id_query = "select id from users where lower(username)=lower('$display_name')";
    if (!$result = pg_query($get_users_id_query)) {
        bco_error("MySQL said: " . pg_last_error());
    } 
    if (pg_num_rows($result) != 1) {
        bco_error("<strong>$display_name</strong> does not exist.");
    } else {
        return pg_fetch_result(pg_query($get_users_id_query), 0);
    }
}

function bco_user_info($userid)
{
	$query = "select id, banned, colors, stylesheet from users where id=$userid";
	
	if (!$result = pg_query($query)) {
		bco_error("User info query failed.");
	}
	unset($query);
	
	return $row = pg_fetch_array($result);
}

// Checks for new messages.. 
function bco_check_messages($myuserid)
{
    $check_for_messages_query = "select viewed from private_messages where to_userid=$myuserid and type='1' and viewed='0'";
    if (!$result = pg_query($check_for_messages_query)) {
        exit("ERROR: MySQL said: " . pg_last_error($result));
    }
    $value = pg_num_rows($result);
    if ($value > 0 ) {
        $alert  = "\n<h2><a href=\"messages.php?folder=inbox\" class=\"newmessage\" style=\"text-decoration: blink;\">";
        $alert .= "You have $value new message waiting.</a></h2>";
        if ($value > 1) {
            $plural = "s";
            $alert  = "\n<h2><a href=\"messages.php?folder=inbox\" class=\"newmessage\" style=\"text-decoration: blink;\">";
            $alert .= "You have $value new message$plural waiting.</a></h2><br />";
        }
    } else {
        $alert = "<br />";
    }
    return $alert;
}

// I want this to show a list of people logged in a viewing, and bold the people who are posting.
// If $numbers_only is set to true, it will only return the numbers.. ie: 23 viewing, 10 posting.
function bco_get_active_users($numbers_only = TRUE)
{
    // This query gets people who have posted in the last 5 minutes.
    $get_posters_query = "select username from users where last_post > NOW() - '5 minute'::interval and hidden='0'";
    $hidden_users_query = "select count(id) from users where last_view > NOW() - '5 minute'::interval and hidden='1'";
    $hidden_users = pg_fetch_result(pg_query($hidden_users_query), 0);
    if (!$get_posters_result = pg_query($get_posters_query)) {
        bco_error("Couldn't get users array.");
    }
    $posters_array = array();
    while ($get_posters_row = pg_fetch_row($get_posters_result,$get_posters_result_countt++)) {
        array_push($posters_array, $get_posters_row[0]);
    }
    $get_users_query  = "select id, username from users where";
    $get_users_query .= " last_view > NOW() - '5 minute'::interval and hidden='0' order by last_view desc";

    if (!$result = pg_query($get_users_query)) {
        bco_error("Could not query users table.");
    }
    $number_viewing = pg_num_rows($result);
    $number_posting = pg_num_rows($get_posters_result);
    if ($number_viewing == 0) {
        $nv_plural = "people";
    } elseif ($number_viewing == 1) {
        $nv_plural = "person";
    } else {
        $nv_plural = "people";
    }
    if ($number_posting == 0) {
        $np_plural = "people";
    } elseif ($number_posting == 1) {
        $np_plural = "person";
    } else {
        $np_plural = "people";
    }
    if ($hidden_users == 0) {
        $h_plural = "people";
    } elseif ($hidden_users == 1) {
        $h_plural = "person";
    } else {
        $h_plural = "people";
    }

    if ($numbers_only == FALSE) {
   
        echo "<table width=\"100%\" cellspacing=\"0\" cellpadding=\"2\" class=\"replytable\">";
        echo "\n    <tr>";
        echo "\n        <td class=\"header\">active list</td>";
        echo "\n    </tr>";
        echo "\n    <tr>";
        echo "\n        <td nowrap=\"nowrap\" class=\"tr1\">";
        echo "\n            <span class=\"smallfont\">";
        echo "\n                <strong>$number_viewing</strong> $nv_plural viewing,";
        echo "\n                <strong>$number_posting</strong> $np_plural posting,";
        echo "\n                <strong>$hidden_users</strong> $h_plural hidden.";
        echo "\n            </span>";
        echo "\n        </td>";
        echo "\n    </tr>";
        echo "\n    <tr>";
        echo "\n        <td class=\"tr1\">";
    
        while ($row = pg_fetch_assoc($result)) {
            $username = $row['username'];
            // username_copy is for the in_array function below.. that way we won't have an altered version of it.
            $username_copy = $username;
            // We don't want the username to break on a space, so make it non-breaking.
            $username = ereg_replace(" ", "&nbsp;", $username);
            if (in_array("$username_copy", $posters_array)) {
                $userlist .= "<strong><a href=\"view_profile.php?id=$row[id]\" class=\"tr1\">$username</a></strong>, \n";
            } else {
                $userlist .= "<a href=\"view_profile.php?id=$row[id]\" class=\"tr1\">$username</a>, \n";
            } // end if(in_array())
        } // end while()
        echo "\n        " . substr($userlist, 0, -3);
        echo "\n        </td>";
        echo "\n    </tr>";
        echo "\n</table>";
    } else {
        return "<a href=\"active_users.php\" class=\"menu\">$number_viewing,$number_posting,$hidden_users people active</a>";
    } // end if $numbers_only
} // End function

// Check to see if the username exists in the database already.
function bco_username_exists($u) {
    $u = trim($u);
    $u_query = "select id from users where lower(username)=lower('$u')";
    if (!$u_result = pg_query($u_query)) {
        bco_error("Couldn't execute 'bco_username_exists' query");
    }

    $rowsreturned = pg_num_rows($u_result);

    if ($rowsreturned != 0) {
        bco_error("Username $u exists");
    } else {
        return $u;
    }
}

// Check the emails to make sure they're valid. also checking to make sure the email is a valid hostname.
function bco_newcheck_email($e,$e2) {
    $e = preg_replace("/\s+/", " ", urldecode($e));
    $e2 = preg_replace("/\s+/", " ", urldecode($e2));
    $e = trim ($e);
    $e2 = trim($e2);
    if ($e != $e2) {
        bco_error("Email's do not match");;
    }
    if (empty($e)) {
        bco_error("Sorry, no e-mail address provided.");
    }
    if (!eregi("@", $e)) {
        bco_error("No @ in the e-mail address.");
    }
    list ($user, $host) = split("@", $e);
    $user = trim($user);
    $host = trim($host);
    if (!preg_match("/[0-9A-Za-z._-]+/i", $user)) {
        bco_error("Invalid username in email address");
    }
    if (empty($host)) {
        bco_error("Where is the hostname?");
    }
    if (ereg("localhost", $host)) {
        bco_error("Localhost is not acceptable as a hostname.");
    }
	// Fix me.
    if (!checkdnsrr($host . '.', "ANY")) {
        bco_error("$host is NOT a valid hostname.");
    }
    return $e;
}

//
// Check against the config value for private message limit.. if true, then the user is over the limit.
//
function bco_check_message_limit($userid, $username)
{
	// How many messages did we set the limit at? This query will tell us.
	$query = "select config_value from bco_config where config_name='message_limit'";

	if (!$result = pg_query($query)) {
		bco_error("Message limit query failed. Line " . __LINE__ . " of " . __FILE__);
	}

	$limit = pg_fetch_result(pg_query($query), 0);
	unset($query, $result);

	// Should get how many messages we have.
	$query = "select count(id) from private_messages where to_userid=$userid and lower(to_username)=lower('$username') and owner=$userid";

	if (!$result = pg_query($query)) {
		bco_error("Count message query failed.");
	}
	
	$message_amount = pg_fetch_result($result, 0);
	
	$limit_array = array("limit" => "$limit",
						 "message_amount" => "$message_amount");
	
	return $limit_array;
}

?>
Return current item: top serious project