<?php

// [user operations module v.1.2.1]
// xantis.warp.cms - version 1.2
// (c) 2002 xantis - all rights reserved
// this code is registered and protected by international copyrights laws


//####### Register-globals emulation
// Copies every environment, GET, POST, cookie and server value into the global
// scope under its own key. extract() overwrites by default, so the call order
// below is the precedence order: a later source wins over an earlier one.
// SECURITY: any global that is not reassigned after this point can be preset by
// the client. xuser_operate() reads all of its inputs from these globals.

extract($HTTP_ENV_VARS);
extract($HTTP_GET_VARS);
extract($HTTP_POST_VARS);
extract($HTTP_COOKIE_VARS);
extract($HTTP_SERVER_VARS);

//#########################

// $ysecure arrives URL-encoded and base64-encoded. The decoded value is compared
// with a fixed constant, so it marks the calling form; it does not authenticate
// the caller.
$ysecure = base64_decode(rawurldecode($ysecure));
if ('usr_frm-ok' == $ysecure) {
	// NOTE(review): presumably lib_adv.php checks this control value - confirm.
	// It is not cleared when the marker does not match, so a request parameter
	// of the same name survives from the extract() calls above.
	$xnt_control_var = 'xnt2002warp.cms';
}

// Fall back to this script's own name when none was supplied.
$yfilename = empty($yfilename) ? 'usr_op.php' : $yfilename;

require("lib_adv.php");


//##################################################


// xuser_operate - front-end user account handler.
//
// Compares the global $op_var against five operation codes, each handled by its
// own independent if-block:
//   'uaddx' - register with a password chosen by the user
//   'uadde' - register with a generated password that is e-mailed to the user
//   'uedx'  - update the profile fields of the current user
//   'uedy'  - change the password of the current user
//   'ufgt'  - e-mail the stored login name and password for a given address
// Each block echoes one "&key=value&..." string whose values are rawurlencode()d;
// xcheck_data_controlvar carries 'ok' or 'notok'. The function returns nothing.
//
// All inputs are globals. The request arrays are extract()ed into the global
// scope at the top of this file, so every name in the global lists below can
// originate from the HTTP request unless code outside this file assigns it later.
//
// SECURITY (review notes):
// - Request-derived values are interpolated into quoted SQL literals as received.
//   No escaping is visible in this function; confirm that the xmysql_*_fl helpers
//   or the PHP configuration escape them, or move to bound parameters.
// - Passwords are stored base64-encoded, which is a reversible encoding and not a
//   hash. A one-way password hash (password_hash()/password_verify() on current
//   PHP) plus a reset-token flow would remove the need to store or mail them.
function xuser_operate () {

// identity of the current user: compared with MD5(usr_name) / MD5(usr_pass) in
// the 'uedx' and 'uedy' queries. Where these are set is not shown in this file.
global	$wxu, $wxp;

//in vars
global	$usr_id_var, $usr_pass_var, $usr_repass_var, $op_var,
	$fname_var, $sname_var, $company_var, $addr_var, $city_var, 
	$region_var, $zipcode_var, $phone_var, $country_nam_var, 
	$country_idx_var, $email_var, $ywusr_register_title, $ywebsite_name,
	$subscr_var ;


//main vars
// $arr_var_result is read at index 0..2 right after each xmysql_read_data_fl()
// call - presumably the helper stores the fetched row there; confirm in the helper.
global 	$arr_var_result, $ywebsite_addr, $y_warp_xdate, $y_warp_xtime;

//cfg vars
global	$warp_user_can_register, $warp_user_cannot_reg_msg, $ywusr_xok_03,
	$ywusr_err_01, $ywusr_err_02, $ywusr_err_03, $ywusr_err_04, $ywusr_err_05,
	$ywusr_xok_01, $ywusr_xok_02, $ywusr_user_id, $ywusr_user_pass, $ywusr_err_07,
	$y_warp_err_data_failure, $warp_user_min_len, $ywusr_err_06, $ywusr_send_by_mail,
	$ywusr_adm_bad_words_list, $ywusr_err_08, $ywusr_thecompany_isneeded ;

global	$REQUEST_METHOD, $QUERY_STRING, $y_warp_direct_file_acc_msg_reff ;


// trim() is the only normalisation applied to the address before it is used in
// SQL and as a mail recipient
$email_var = trim ($email_var);

//check request method
// Only a POST with an empty query string is accepted. Both values come from
// extract($HTTP_SERVER_VARS), the last extract() call at the top of the file.
// This is a request-shape check only: no session or anti-CSRF token is verified
// anywhere in this function.
if ( ($REQUEST_METHOD <> 'POST') OR (!empty($QUERY_STRING)) ) {

	die (
	"&xcheck_load_controlvar=".rawurlencode('ok').
	"&xcheck_data_controlvar=".rawurlencode('notok').
	"&flash_form_text_err=".rawurlencode($y_warp_direct_file_acc_msg_reff).
	"&flash_form_text_oky=".rawurlencode("XXX").
	"&"
	) ;

} //end if


//################################ user add (no email)

if ($op_var == 'uaddx') {

// Validation pattern used by every operation: $y_process_usr_err starts as 'ok',
// the first failing check stores its message in $xcheck_var_xerr, and every
// failing check sets the flag to 'notok'. Later checks still run but cannot
// replace the first message.
$y_process_usr_err = 'ok';

	//check if user can register
	if ($warp_user_can_register <> 'y') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $warp_user_cannot_reg_msg;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//check if not empty vars
	// i.e. login name and both password fields must be at least
	// $warp_user_min_len bytes long (strlen counts bytes)
	if ( (strlen($usr_id_var) < $warp_user_min_len) OR (strlen($usr_pass_var) < $warp_user_min_len) OR (strlen($usr_repass_var) < $warp_user_min_len) ) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_05;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//check username bad words list
	// the list is a comma-separated string; each entry is trim()med and compared
	// with the whole login name using ==, so this is an exact-match reserved-name
	// list, not a substring filter
	$hlx_tmpx_badds_wds_arr = array();
	$hlx_tmpx_badds_wds_arr =  explode(",", $ywusr_adm_bad_words_list);
	for ($uy=0; $uy < count($hlx_tmpx_badds_wds_arr); $uy++) {
		if ($usr_id_var == trim($hlx_tmpx_badds_wds_arr[$uy])) {
			if ($y_process_usr_err == 'ok') {
				$xcheck_var_xerr = $ywusr_err_08;
			} //end if
			$y_process_usr_err = 'notok';
			$uy = count($hlx_tmpx_badds_wds_arr); //stop
		} //end if
	} //end for

	//check if passwords match
	if ($usr_pass_var <> $usr_repass_var) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_02;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//check email
	// the address only has to contain an '@' and a '.' somewhere; nothing else
	// about its format, including control characters, is checked here
	if (!stristr($email_var, '@')) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_04;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if
	if (!stristr($email_var, '.')) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_04;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//get e-mail in use
	// SECURITY: $email_var goes into the quoted SQL literal as received. The same
	// holds for every query string built in this function - see the header note.
	if ($y_process_usr_err == 'ok') {
		xmysql_read_data_fl ("SELECT id FROM users WHERE (usr_email='$email_var') ");
	} //end if

	//check e-mail in use
	// NOTE(review): this test also runs when the query above was skipped; it then
	// sees whatever $arr_var_result held before. The flag is already 'notok' in
	// that case, so the message is not replaced.
	if ($arr_var_result[0] <> '') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_07;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if


	//get user ID in use
	if ($y_process_usr_err == 'ok') {
		xmysql_read_data_fl ("SELECT id FROM users WHERE (usr_name='$usr_id_var') ");
	} //end if

	//check user ID in use
	if ($arr_var_result[0] <> '') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_03;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//if ok all write data
	// SECURITY: base64_encode() is an encoding, not a hash - anyone who can read
	// the users table recovers every password. The row is read back afterwards to
	// confirm that the insert took effect.
	if ($y_process_usr_err == 'ok') {
		$y_xenc_pass = base64_encode ($usr_pass_var);
		xmysql_write_data_fl ("INSERT INTO users (usr_name, usr_pass, usr_email, w_date, w_time) VALUES ('$usr_id_var', '$y_xenc_pass', '$email_var', '$y_warp_xdate', '$y_warp_xtime') ");
		xmysql_read_data_fl ("SELECT id FROM users WHERE ( (usr_name='$usr_id_var') AND (usr_pass='$y_xenc_pass') ) ");		
	} //end if

	//check if write successfull
	if ($arr_var_result[0] == '') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $y_warp_err_data_failure;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if	


	// NOTE(review): $xcheck_var_xerr is assigned only in the failure branches, so
	// it is undefined here when every check passed. The "\n" between the two
	// rawurlencode() calls is emitted raw, outside the encoding.
	echo(
	"&xcheck_load_controlvar=".rawurlencode('ok').
	"&xcheck_data_controlvar=".rawurlencode($y_process_usr_err).
	"&flash_form_text_err=".rawurlencode($xcheck_var_xerr).
	"&flash_form_text_oky=".rawurlencode("$ywusr_xok_01")."\n".rawurlencode("[ $ywusr_user_id : $usr_id_var ; $ywusr_user_pass : ******** ]").
	"&"
	);

} //end if

//################################ user add (email)


// Same checks as 'uaddx' except that no password is submitted: one is generated
// and mailed to the address being registered.
if ($op_var == 'uadde') {

$y_process_usr_err = 'ok';

	//check if user can register
	if ($warp_user_can_register <> 'y') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $warp_user_cannot_reg_msg;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//check if not empty vars
	// i.e. login name must be at least $warp_user_min_len bytes long
	if (strlen($usr_id_var) < $warp_user_min_len) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_05;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//check username bad words list
	// exact match against each trim()med list entry, as in 'uaddx'
	$hlx_tmpx_badds_wds_arr = array();
	$hlx_tmpx_badds_wds_arr =  explode(",", $ywusr_adm_bad_words_list);
	for ($uy=0; $uy < count($hlx_tmpx_badds_wds_arr); $uy++) {
		if ($usr_id_var == trim($hlx_tmpx_badds_wds_arr[$uy])) {
			if ($y_process_usr_err == 'ok') {
				$xcheck_var_xerr = $ywusr_err_08;
			} //end if
			$y_process_usr_err = 'notok';
			$uy = count($hlx_tmpx_badds_wds_arr); //stop
		} //end if
	} //end for

	//check email
	// presence of '@' and '.' is the only validation; this address later becomes
	// the mail() recipient
	if (!stristr($email_var, '@')) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_04;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if
	if (!stristr($email_var, '.')) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_04;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//get e-mail in use
	// SECURITY: unescaped interpolation into SQL, see the header note
	if ($y_process_usr_err == 'ok') {
		xmysql_read_data_fl ("SELECT id FROM users WHERE (usr_email='$email_var') ");
	} //end if

	//check e-mail in use
	if ($arr_var_result[0] <> '') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_07;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if


	//get user ID in use
	if ($y_process_usr_err == 'ok') {
		xmysql_read_data_fl ("SELECT id FROM users WHERE (usr_name='$usr_id_var') ");
	} //end if

	//check user ID in use
	if ($arr_var_result[0] <> '') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_03;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//if ok all write data
	// SECURITY: the generated password is the first 5 hex characters of an MD5
	// digest (16^5 possible values) derived from rand() and uniqid(), neither of
	// which is a cryptographic random source. A longer value from a CSPRNG
	// (random_bytes()/random_int() on current PHP) is the appropriate replacement.
	// It is stored base64-encoded, i.e. reversibly.
	if ($y_process_usr_err == 'ok') {
		$yx_rand_passw = substr(md5(uniqid(rand(),1)),0,5);
		$y_xenc_pass = base64_encode ($yx_rand_passw);
		xmysql_write_data_fl ("INSERT INTO users (usr_name, usr_pass, usr_email, w_date, w_time) VALUES ('$usr_id_var', '$y_xenc_pass', '$email_var', '$y_warp_xdate', '$y_warp_xtime') ");
		xmysql_read_data_fl ("SELECT id FROM users WHERE ( (usr_name='$usr_id_var') AND (usr_pass='$y_xenc_pass') ) ");		
	} //end if

	//check if write successfull
	if ($arr_var_result[0] == '') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $y_warp_err_data_failure;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//if ok all mail data
	// the login name and the clear-text password are sent in the message body;
	// the return value of mail() is not checked
	if ($y_process_usr_err == 'ok') {
		mail("$email_var", 
			"$ywebsite_name : $ywusr_register_title", 
				"$ywusr_xok_01"."\n".
				"$ywusr_user_id : $usr_id_var"."\n".
				"$ywusr_user_pass : $yx_rand_passw"."\n".
				'-----------------------------------'."\n".
				"$y_warp_xdate".'  -  '."$y_warp_xtime"."\n".
				'-----------------------------------'."\n".
				"$ywebsite_addr"."\n".
				'-----------------------------------'."\n"
		);
	} //end if


	echo(
	"&xcheck_load_controlvar=".rawurlencode('ok').
	"&xcheck_data_controlvar=".rawurlencode($y_process_usr_err).
	"&flash_form_text_err=".rawurlencode($xcheck_var_xerr).
	"&flash_form_text_oky=".rawurlencode("$ywusr_xok_03").
	"&"
	);

} //end if

//################################




//################################ user edit info

// Updates the profile row selected by $wxu / $wxp. The WHERE clause of the UPDATE
// is the only authorisation check in this branch.
if ($op_var == 'uedx') {

$y_process_usr_err = 'ok';

	// check if country exists
	// the submitted id/name pair must match one row of country_list; the result
	// is tested together with the other required fields below
	$hlocal_country_list_chkx = '';
	xmysql_read_data_fl ("SELECT id FROM country_list WHERE ( (c_id='$country_idx_var') AND (c_name='$country_nam_var') ) ");
	$hlocal_country_list_chkx = $arr_var_result[0] ;

	//check if not empty vars
	// empty() also treats the string '0' as missing
	if ( (empty($fname_var)) OR (empty($sname_var)) OR (empty($addr_var)) OR 
	     (empty($city_var)) OR (empty($region_var)) OR (empty($zipcode_var)) OR 
	     (empty($hlocal_country_list_chkx)) OR (empty($phone_var)) OR (empty($email_var))	 ) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_01;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//check empty company if required
	if ($ywusr_thecompany_isneeded == 'y') {
		if (empty($company_var)) {
			if ($y_process_usr_err == 'ok') {
				$xcheck_var_xerr = $ywusr_err_01;
			} //end if
			$y_process_usr_err = 'notok';
		} //end if
	} //end if

	//check email
	if (!stristr($email_var, '@')) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_04;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if
	if (!stristr($email_var, '.')) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_04;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//get e-mail in use
	// looks for the address on any account other than the one identified by $wxu
	if ($y_process_usr_err == 'ok') {
		xmysql_read_data_fl ("SELECT id FROM users WHERE ( (usr_email='$email_var') AND (MD5(usr_name)<>'$wxu') ) ");
	} //end if

	//check e-mail in use
	if ($arr_var_result[0] <> '') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_07;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if



	//if ok all update data
	// SECURITY: every profile field, and $wxu / $wxp in the WHERE clause, is
	// interpolated as received. $wxp is an unsalted MD5 of the stored (base64)
	// password, so it acts as a password-equivalent credential - presumably kept
	// in a login cookie; verify where it is set.
	if ($y_process_usr_err == 'ok') {
		$y_xquer_usr_upd_ninfo = " UPDATE users SET ".
					 " usr_fname='$fname_var', ".
					 " usr_sname='$sname_var', ".
					 " usr_company='$company_var', ".
					 " usr_addr='$addr_var', ".
					 " usr_city='$city_var', ".
					 " usr_reg_st='$region_var', ".
					 " usr_zip='$zipcode_var', ".
					 " usr_country='$country_nam_var', ".
					 " usr_countr_id='$country_idx_var', ".
					 " usr_phone='$phone_var', ".
					 " usr_email='$email_var', ".
					 " w_subscr='$subscr_var' ".
					 " WHERE ( (MD5(usr_name)='$wxu') AND (MD5(usr_pass)='$wxp') ) " ;

		xmysql_write_data_fl ($y_xquer_usr_upd_ninfo);
		// read the row back (matching on the new first name) to confirm the update
		xmysql_read_data_fl ("SELECT id FROM users WHERE ( (MD5(usr_name)='$wxu') AND (MD5(usr_pass)='$wxp') AND (usr_fname='$fname_var') ) ");		
	} //end if


	//check if write successfull
	if ($arr_var_result[0] == '') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $y_warp_err_data_failure;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if


	echo(
	"&xcheck_load_controlvar=".rawurlencode('ok').
	"&xcheck_data_controlvar=".rawurlencode($y_process_usr_err).
	"&flash_form_text_err=".rawurlencode($xcheck_var_xerr).
	"&flash_form_text_oky=".rawurlencode("$ywusr_xok_02").
	"&"
	);


} //end if

//################################



//################################ user edit info login

// Changes the password of the row selected by $wxu / $wxp. The current password
// is not asked for again; the WHERE clause of the UPDATE is the only check.
if ($op_var == 'uedy') {

$y_process_usr_err = 'ok';

	//check if not empty vars
	// i.e. both password fields must be at least $warp_user_min_len bytes long
	if ( (strlen($usr_pass_var) < $warp_user_min_len) OR (strlen($usr_repass_var) < $warp_user_min_len) ) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_05;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//check if passwords match
	if ($usr_pass_var <> $usr_repass_var) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_02;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if


	//if ok all update data
	// SECURITY: new password stored base64-encoded (reversible); $wxu / $wxp are
	// interpolated into the SQL as received. The row is read back with the new
	// password to confirm the update.
	if ($y_process_usr_err == 'ok') {
		$y_xenc_pass = base64_encode ($usr_pass_var);
		xmysql_write_data_fl ("UPDATE users SET usr_pass='$y_xenc_pass'  WHERE ( (MD5(usr_name)='$wxu') AND (MD5(usr_pass)='$wxp') ) ");
		xmysql_read_data_fl ("SELECT id FROM users WHERE ( (MD5(usr_name)='$wxu') AND (usr_pass='$y_xenc_pass') ) ");	
	} //end if

	//check if write successfull
	if ($arr_var_result[0] == '') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $y_warp_err_data_failure;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if



	// NOTE(review): $usr_id_var is echoed as held in the global; this branch never
	// reads the login name from the database. The "\n" is emitted raw here too.
	echo(
	"&xcheck_load_controlvar=".rawurlencode('ok').
	"&xcheck_data_controlvar=".rawurlencode($y_process_usr_err).
	"&flash_form_text_err=".rawurlencode($xcheck_var_xerr).
	"&flash_form_text_oky=".rawurlencode("$ywusr_xok_02")."\n".rawurlencode("[ $ywusr_user_id : $usr_id_var ; $ywusr_user_pass : ******** ]").
	"&"
	);


} //end if

//################################


//################################ user forget

// Mails the stored login name and the decoded password to the given address when
// that address belongs to an account.
if ($op_var == 'ufgt') {

$y_process_usr_err = 'ok';

	//check email
	if (!stristr($email_var, '@')) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_04;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if
	if (!stristr($email_var, '.')) {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_04;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if

	//get e-mail in use
	// SECURITY: unescaped interpolation into SQL, see the header note
	if ($y_process_usr_err == 'ok') {
		xmysql_read_data_fl ("SELECT id, usr_name, usr_pass FROM users WHERE (usr_email='$email_var') ");
	} //end if

	//check e-mail in use
	// SECURITY: an unknown address yields $ywusr_err_06 while a known one yields
	// success, so the response reveals whether an address is registered. No rate
	// limit is applied in this function. A uniform response would avoid the leak.
	if ($arr_var_result[0] == '') {
		if ($y_process_usr_err == 'ok') {
			$xcheck_var_xerr = $ywusr_err_06;
		} //end if
		$y_process_usr_err = 'notok';
	} //end if


	//if ok all send data
	// SECURITY: the stored value is decoded back to the clear-text password and
	// mailed. This works only because storage is reversible; a hashed store with
	// a single-use reset link is the usual replacement.
	if ($y_process_usr_err == 'ok') {
		$WARP_B64_DEC_AUTH_PASSW = base64_decode($arr_var_result[2]);
		mail("$email_var", 
			"$ywebsite_name : $ywusr_send_by_mail", 
				"$ywusr_user_id : $arr_var_result[1]"."\n".
				"$ywusr_user_pass : $WARP_B64_DEC_AUTH_PASSW"."\n".
				'-----------------------------------'."\n".
				"$y_warp_xdate".'  -  '."$y_warp_xtime"."\n".
				'-----------------------------------'."\n".
				"$ywebsite_addr"."\n".
				'-----------------------------------'."\n"
		);
	} //end if

	echo(
	"&xcheck_load_controlvar=".rawurlencode('ok').
	"&xcheck_data_controlvar=".rawurlencode($y_process_usr_err).
	"&flash_form_text_err=".rawurlencode($xcheck_var_xerr).
	"&flash_form_text_oky=".rawurlencode("$ywusr_xok_03").
	"&"
	);

} //end if

//################################


} //end function


//------------------------------------------------

// Entry point: run the handler only when the decoded form marker is present.
// The marker is a fixed constant taken from the request, so this gate filters
// stray requests; it is not an authentication check.
if ('usr_frm-ok' == $ysecure) {
	xuser_operate();
}

//------------------------------------------------


// end of php code
?>