<?
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
function bco_get_username($id)
{
if (!is_numeric($id)) {
bco_error("In function get_username() id is not an integer. The value of id is: $id.");
}
$query = "SELECT username from users where id=$id";
$result = pg_query($query);
if (pg_num_rows($result) == 0) {
bco_error("Userid #$id does not exist");
}
$username = pg_fetch_result(pg_query($query), 0);
return $username;
}
function bco_authorize_user($username,$password)
{
if (($username == "") || ($password == "")) {
bco_error("Username or password is empty.");
}
$md5_password = md5($password);
$query = "SELECT id, banned from users where lower(username)=lower('$username') and password='$md5_password'";
//echo $query;
unset($md5_password);
if (!$result = pg_query($query)) {
bco_error("MySQL said: " . pg_last_error());
}
if (pg_num_rows($result) == 0) {
bco_error("Failed authorization.");
}
$row = pg_fetch_array($result);
unset($result);
if ($row['banned'] == 1) {
bco_error("Sorry you are banned.");
} else {
return $row['id'];
}
}
// This function checks to see if the userid corresponds with a real user. If not exit out, returning false.
function bco_user_exists($userid)
{
$existsQuery = "select id from users where id ='$userid'";
if (pg_num_rows(pg_query($existsQuery)) != "1") {
bco_error("There is no user for id #$userid.");
} else {
return true;
}
}
// dumb function to get the users id.
function bco_get_users_id($display_name)
{
$get_users_id_query = "select id from users where lower(username)=lower('$display_name')";
if (!$result = pg_query($get_users_id_query)) {
bco_error("MySQL said: " . pg_last_error());
}
if (pg_num_rows($result) != 1) {
bco_error("<strong>$display_name</strong> does not exist.");
} else {
return pg_fetch_result(pg_query($get_users_id_query), 0);
}
}
function bco_user_info($userid)
{
$query = "select id, banned, colors, stylesheet from users where id=$userid";
if (!$result = pg_query($query)) {
bco_error("User info query failed.");
}
unset($query);
return $row = pg_fetch_array($result);
}
// Checks for new messages..
function bco_check_messages($myuserid)
{
$check_for_messages_query = "select viewed from private_messages where to_userid=$myuserid and type='1' and viewed='0'";
if (!$result = pg_query($check_for_messages_query)) {
exit("ERROR: MySQL said: " . pg_last_error($result));
}
$value = pg_num_rows($result);
if ($value > 0 ) {
$alert = "\n<h2><a href=\"messages.php?folder=inbox\" class=\"newmessage\" style=\"text-decoration: blink;\">";
$alert .= "You have $value new message waiting.</a></h2>";
if ($value > 1) {
$plural = "s";
$alert = "\n<h2><a href=\"messages.php?folder=inbox\" class=\"newmessage\" style=\"text-decoration: blink;\">";
$alert .= "You have $value new message$plural waiting.</a></h2><br />";
}
} else {
$alert = "<br />";
}
return $alert;
}
// I want this to show a list of people logged in a viewing, and bold the people who are posting.
// If $numbers_only is set to true, it will only return the numbers.. ie: 23 viewing, 10 posting.
function bco_get_active_users($numbers_only = TRUE)
{
// This query gets people who have posted in the last 5 minutes.
$get_posters_query = "select username from users where last_post > NOW() - '5 minute'::interval and hidden='0'";
$hidden_users_query = "select count(id) from users where last_view > NOW() - '5 minute'::interval and hidden='1'";
$hidden_users = pg_fetch_result(pg_query($hidden_users_query), 0);
if (!$get_posters_result = pg_query($get_posters_query)) {
bco_error("Couldn't get users array.");
}
$posters_array = array();
while ($get_posters_row = pg_fetch_row($get_posters_result,$get_posters_result_countt++)) {
array_push($posters_array, $get_posters_row[0]);
}
$get_users_query = "select id, username from users where";
$get_users_query .= " last_view > NOW() - '5 minute'::interval and hidden='0' order by last_view desc";
if (!$result = pg_query($get_users_query)) {
bco_error("Could not query users table.");
}
$number_viewing = pg_num_rows($result);
$number_posting = pg_num_rows($get_posters_result);
if ($number_viewing == 0) {
$nv_plural = "people";
} elseif ($number_viewing == 1) {
$nv_plural = "person";
} else {
$nv_plural = "people";
}
if ($number_posting == 0) {
$np_plural = "people";
} elseif ($number_posting == 1) {
$np_plural = "person";
} else {
$np_plural = "people";
}
if ($hidden_users == 0) {
$h_plural = "people";
} elseif ($hidden_users == 1) {
$h_plural = "person";
} else {
$h_plural = "people";
}
if ($numbers_only == FALSE) {
echo "<table width=\"100%\" cellspacing=\"0\" cellpadding=\"2\" class=\"replytable\">";
echo "\n <tr>";
echo "\n <td class=\"header\">active list</td>";
echo "\n </tr>";
echo "\n <tr>";
echo "\n <td nowrap=\"nowrap\" class=\"tr1\">";
echo "\n <span class=\"smallfont\">";
echo "\n <strong>$number_viewing</strong> $nv_plural viewing,";
echo "\n <strong>$number_posting</strong> $np_plural posting,";
echo "\n <strong>$hidden_users</strong> $h_plural hidden.";
echo "\n </span>";
echo "\n </td>";
echo "\n </tr>";
echo "\n <tr>";
echo "\n <td class=\"tr1\">";
while ($row = pg_fetch_assoc($result)) {
$username = $row['username'];
// username_copy is for the in_array function below.. that way we won't have an altered version of it.
$username_copy = $username;
// We don't want the username to break on a space, so make it non-breaking.
$username = ereg_replace(" ", " ", $username);
if (in_array("$username_copy", $posters_array)) {
$userlist .= "<strong><a href=\"view_profile.php?id=$row[id]\" class=\"tr1\">$username</a></strong>, \n";
} else {
$userlist .= "<a href=\"view_profile.php?id=$row[id]\" class=\"tr1\">$username</a>, \n";
} // end if(in_array())
} // end while()
echo "\n " . substr($userlist, 0, -3);
echo "\n </td>";
echo "\n </tr>";
echo "\n</table>";
} else {
return "<a href=\"active_users.php\" class=\"menu\">$number_viewing,$number_posting,$hidden_users people active</a>";
} // end if $numbers_only
} // End function
// Check to see if the username exists in the database already.
function bco_username_exists($u) {
$u = trim($u);
$u_query = "select id from users where lower(username)=lower('$u')";
if (!$u_result = pg_query($u_query)) {
bco_error("Couldn't execute 'bco_username_exists' query");
}
$rowsreturned = pg_num_rows($u_result);
if ($rowsreturned != 0) {
bco_error("Username $u exists");
} else {
return $u;
}
}
// Check the emails to make sure they're valid. also checking to make sure the email is a valid hostname.
function bco_newcheck_email($e,$e2) {
$e = preg_replace("/\s+/", " ", urldecode($e));
$e2 = preg_replace("/\s+/", " ", urldecode($e2));
$e = trim ($e);
$e2 = trim($e2);
if ($e != $e2) {
bco_error("Email's do not match");;
}
if (empty($e)) {
bco_error("Sorry, no e-mail address provided.");
}
if (!eregi("@", $e)) {
bco_error("No @ in the e-mail address.");
}
list ($user, $host) = split("@", $e);
$user = trim($user);
$host = trim($host);
if (!preg_match("/[0-9A-Za-z._-]+/i", $user)) {
bco_error("Invalid username in email address");
}
if (empty($host)) {
bco_error("Where is the hostname?");
}
if (ereg("localhost", $host)) {
bco_error("Localhost is not acceptable as a hostname.");
}
// Fix me.
if (!checkdnsrr($host . '.', "ANY")) {
bco_error("$host is NOT a valid hostname.");
}
return $e;
}
//
// Check against the config value for private message limit.. if true, then the user is over the limit.
//
function bco_check_message_limit($userid, $username)
{
// How many messages did we set the limit at? This query will tell us.
$query = "select config_value from bco_config where config_name='message_limit'";
if (!$result = pg_query($query)) {
bco_error("Message limit query failed. Line " . __LINE__ . " of " . __FILE__);
}
$limit = pg_fetch_result(pg_query($query), 0);
unset($query, $result);
// Should get how many messages we have.
$query = "select count(id) from private_messages where to_userid=$userid and lower(to_username)=lower('$username') and owner=$userid";
if (!$result = pg_query($query)) {
bco_error("Count message query failed.");
}
$message_amount = pg_fetch_result($result, 0);
$limit_array = array("limit" => "$limit",
"message_amount" => "$message_amount");
return $limit_array;
}
?>