<?php

/*
User class

Allows management of users.
Can be used in other applications.
*/

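class user
{
	/*
	User variables

	Set in constructor, or later through setparam().
	$password holds the password exactly as the caller supplied it; hashing
	is delegated to the database inside the queries below.

	NOTE(review): every query here goes through the legacy mysql_* extension,
	which was removed in PHP 7.0. Values are escaped with
	mysql_real_escape_string() to stay within that extension; the durable fix
	is a move to mysqli/PDO prepared statements.
	NOTE(review): MySQL's PASSWORD() is intended for the server's own account
	table, is unsalted, and no longer exists in MySQL 8.0. Replacing it
	(e.g. with password_hash()/password_verify()) needs a data migration and
	is therefore not done here.
	*/
	var $username;
	var $password;
	var $group;

	/*
	Constructor function

	Connects to database, sets user parameters, and checks that group is valid.

	The group is only stored when a row with that group id exists. The return
	values are discarded by "new", so a rejected group is visible to the caller
	only through the printed message and an unset $this->group.
	*/

	function user($username=false, $password=false, $group=false)
	{
		global $config;
		mysql_connect($config['database']['host'], $config['database']['username'], $config['database']['password']);
		mysql_select_db($config['database']['db']);
		if ($username) $this->username = $username;
		if ($password) $this->password = $password;
		if ($group)
		{
			// Filter on the requested group id: an unfiltered select would accept
			// any group name whenever the groups table has at least one row.
			$result = mysql_query('select * from '.$config['database']['prefix'].'groups where groupid='.$this->_quote($group));
			if (!$result || mysql_num_rows($result)==0)
			{
				print $config['messages']['nonexistent_group'].'<br>';
				return false;
			}
			$this->group = $group;
			return true;
		}
	}

	/*
	SQL literal helper (internal)

	Returns $value as a double-quoted SQL string literal, escaped with
	mysql_real_escape_string() for the current connection. Every value that is
	placed into a query in this class goes through here, because usernames,
	passwords and group names may originate from request data.

	NOTE(review): escaping is only reliable when the connection character set
	matches what the server uses - confirm the application sets it.
	*/

	function _quote($value)
	{
		return '"'.mysql_real_escape_string((string) $value).'"';
	}

	/*
	Parameter setting function

	Sets the requested variable to the given value.

	NOTE(review): $param is used as a property name without restriction, so it
	should never be taken from request data - verify against callers.
	*/

	function setparam($param, $value)
	{
		$this->$param = $value;
	}

	/*
	User checking function

	If a group is specified, it checks to see if the user has the right password and is in that group.
	Otherwise, just checks if the user and password match.

	Returns true on a match; prints the no_match message and returns false
	otherwise (including when the query itself fails).
	*/

	function check($group=false)
	{
		global $config;
		$query = 'select * from '.$config['database']['prefix'].'users'
			.' where username='.$this->_quote($this->username)
			.' and password=password('.$this->_quote($this->password).')';
		if ($group)
		{
			$query .= ' and groupid='.$this->_quote($group);
		}
		$result = mysql_query($query);
		if (!$result || mysql_num_rows($result)==0)
		{
			print $config['messages']['no_match'].'<br>';
			return false;
		}
		return true;
	}

	/*
	User storage function

	Stores the current user in the database: inserts a new row when the
	username is unknown, otherwise updates password and group of the existing row.
	Requires username, password and group to be non-empty and the group to exist.
	*/

	function store()
	{
		global $config;
		if (empty($this->username) || empty($this->password) || empty($this->group))
		{
			print $config['messages']['bad_parameters'].'<br>';
			return false;
		}
		$prefix = $config['database']['prefix'];
		$username = $this->_quote($this->username);
		$password = $this->_quote($this->password);
		$group = $this->_quote($this->group);

		$result = mysql_query('select * from '.$prefix.'groups where groupid='.$group);
		if (!$result || mysql_num_rows($result)==0)
		{
			print $config['messages']['nonexistent_group'].'<br>';
			return false;
		}
		$result = mysql_query('select * from '.$prefix.'users where username='.$username);
		if (!$result || mysql_num_rows($result)==0)
		{
			$query = mysql_query('insert into '.$prefix.'users values ('.$username.', password('.$password.'), '.$group.')');
		}
		else
		{
			// The password is known to be non-empty at this point (checked above),
			// so the update always carries both password and group.
			$query = mysql_query('update '.$prefix.'users set password=password('.$password.'), groupid='.$group.' where username='.$username);
		}
		if (!$query)
		{
			print $config['messages']['no_query'].'<br>';
			return false;
		}
		return true;
	}

	/*
	User removal function

	Removes the current user from the database.
	*/

	function remove()
	{
		global $config;
		if (empty($this->username))
		{
			print $config['messages']['bad_parameters'].'<br>';
			return false;
		}
		$result = mysql_query('delete from '.$config['database']['prefix'].'users where username='.$this->_quote($this->username));
		if (!$result)
		{
			print $config['messages']['no_query'].'<br>';
			return false;
		}
		return true;
	}

	/*
	User login function

	Registers session variable for the user

	The credentials are checked together with the group, so the group written
	to the session is one the user actually belongs to rather than whatever
	value the caller supplied.

	NOTE(review): the plaintext password is kept in the session because other
	pages may read it; storing it there exposes it to anything that can read
	session data and should be dropped once callers are confirmed not to need it.
	NOTE(review): the session id is not regenerated here - confirm the caller
	does so after a successful login.
	*/

	function login()
	{
		global $HTTP_SESSION_VARS, $config;
		if (empty($this->username) || empty($this->password) || empty($this->group))
		{
			print $config['messages']['bad_parameters'].'<br>';
			return false;
		}
		if (!$this->check($this->group)) return false;
		$HTTP_SESSION_VARS['username'] = $this->username;
		$HTTP_SESSION_VARS['password'] = $this->password;
		$HTTP_SESSION_VARS['group'] = $this->group;
		return true;
	}

	/*
	User logout function

	Destroys session and unsets variables, just in case register_globals is on.
	*/

	function logout()
	{
		global $HTTP_SESSION_VARS, $username, $password, $group;
		session_destroy();
		$HTTP_SESSION_VARS = array();
		$username = '';
		$password = '';
		$group = '';
		return true;
	}

	/*
	Group addition function

	Creates a group with the given name.
	*/

	function create_group($name)
	{
		global $config;
		$result = mysql_query('insert into '.$config['database']['prefix'].'groups set groupid='.$this->_quote($name));
		if (!$result)
		{
			print $config['messages']['no_query'].'<br>';
			return false;
		}
		return true;
	}

	/*
	Group removal function

	Removes the group with the given name.
	*/

	function remove_group($name)
	{
		global $config;
		$result = mysql_query('delete from '.$config['database']['prefix'].'groups where groupid='.$this->_quote($name));
		if (!$result)
		{
			print $config['messages']['no_query'].'<br>';
			return false;
		}
		return true;
	}
}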