<?
/*
HPE - News Portal Engine
Copyright (C) 2000-2001 Mike Krus
This program is free software; it is distributed in the hope
that it will be useful, but WITHOUT ANY WARRANTY; without
even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE.
READ LICENSE.TXT IN THE BASE DIRECTORY FOR INFORMATION
ABOUT REDISTRIBUTING THIS SOURCE CODE
*/
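/**
 * Account and page-layout editing for the portal: login/logout, user
 * creation, and edits to the current user's pages, modules and mail jobs.
 *
 * Every method works on the globals $HPEtheDB, $HPEtheUser and $HPEtheConfig.
 * String values reach SQL through $HPEtheDB->escapeString(), which the
 * INSERT statements in this class rely on to supply the surrounding quotes;
 * numeric values are cast to int before being interpolated.
 */
class HPEUserEdit
{
    // PHP 4-style constructor (method named after the class); kept as-is for existing callers.
    function HPEUserEdit()
    {
    }

    /**
     * Check a login/password pair and, on success, load that user into $HPEtheUser.
     *
     * @param string $FUSER   login name as submitted (untrusted)
     * @param string $FPASSWD password as submitted (untrusted)
     * @param int    $id      receives the matching userid, or 0 on failure
     * @return string "" on success, otherwise the message to show the user
     */
    function checklogin($FUSER, $FPASSWD, &$id)
    {
        global $HPEtheDB;
        global $HPEtheUser;
        $id = 0;
        // One message for both failure cases, so the reply does not reveal whether the login exists.
        $failure = "User ID and password combination is not present in the database. Please try again...";
        // The login name comes from the request: quote it through escapeString() instead of
        // splicing it between literal quotes.
        $query = "SELECT userid, passwd FROM $HPEtheDB->dbtusers WHERE userlogin=" . $HPEtheDB->escapeString($FUSER);
        $row = $HPEtheDB->one_array($query);
        if($row == 0)
            return $failure;
        // Strict string comparison: with a loose != two different numeric-looking strings
        // ("0e123" and "0e456") compare equal and the check passes.
        // NOTE(review): the passwd column is compared as stored, i.e. plain text; hashing it
        // needs a schema/data migration outside this class.
        if((string)$FPASSWD !== (string)$row["passwd"])
        {
            // NOTE(review): $FUSER is untrusted and goes into the watchdog entry verbatim;
            // confirm HPEWatchdog() escapes it before storing or displaying.
            HPEWatchdog("user", "User '$FUSER' failed to log in");
            return $failure;
        }
        $id = $row["userid"];
        $HPEtheUser->init($id, false);
        return "";
    }

    /**
     * Authenticate, then create a session row and set the HPE_SESSION cookie.
     *
     * @param string $FUSER   login name as submitted
     * @param string $FPASSWD password as submitted
     * @return string "" when the credentials were accepted (also when no session row
     *                could be stored; the user is then reset with init(0)),
     *                otherwise the checklogin() error message
     */
    function login($FUSER, $FPASSWD)
    {
        global $HPEtheConfig;
        global $HPEtheUser;
        global $HPEtheDB;
        $id = 0;
        $res = $this->checklogin($FUSER, $FPASSWD, $id);
        if($res != "")
            return $res;
        $uid = (int)$id;
        $data = $HPEtheDB->escapeString(serialize($HPEtheUser));
        for($i=0; $i<5; $i++)
        {
            // NOTE(review): the token is md5(userid . time()), so it can be reconstructed from
            // the user id and the login second, and a retry within the same second rebuilds the
            // same value. It should come from a cryptographic random source of the same length.
            $session = md5("$id" . time());
            $result = $HPEtheDB->query("INSERT INTO $HPEtheDB->dbtsessions (userid, session, data, lastaccess) VALUES " .
                "($uid, '$session', $data, " . time() . ")");
            if(!$HPEtheDB->iserror($result))
            {
                // Cookie lives seven days on path "/".
                // NOTE(review): no HttpOnly/Secure attributes are set on the session cookie.
                setcookie("HPE_SESSION", $session, time() + 3600 * 24 * 7, "/");
                global $HPE_SESSION;
                $HPE_SESSION = $session;
                break;
            }
        }
        if($i == 5)
        {
            // All five attempts failed: log it and fall back to user 0.
            HPEWatchdog("user", "failed to create session for user $id");
            $HPEtheUser->init(0);
        }
        return "";
    }

    /**
     * Delete the current session row, expire the cookie and optionally redirect.
     *
     * @param mixed $done when true, redirect to "<siteurl>?logout" and exit
     */
    function logout($done = 1)
    {
        global $HPEtheConfig;
        global $HTTP_COOKIE_VARS;
        global $HPEtheDB;
        // The cookie is client-controlled. Read it from whichever cookie array is populated,
        // so the server-side session row is still removed where $HTTP_COOKIE_VARS is not filled in.
        $session = "";
        if(isset($HTTP_COOKIE_VARS["HPE_SESSION"]))
            $session = $HTTP_COOKIE_VARS["HPE_SESSION"];
        elseif(isset($_COOKIE["HPE_SESSION"]))
            $session = $_COOKIE["HPE_SESSION"];
        if(!is_string($session))
            $session = "";
        // Quote through escapeString() rather than concatenating the raw cookie into the statement.
        $HPEtheDB->query("DELETE FROM $HPEtheDB->dbtsessions WHERE session=" . $HPEtheDB->escapeString($session));
        setcookie("HPE_SESSION", "", time()-3600, "/");
        if($done)
        {
            header("Location: " . $HPEtheConfig->siteurl . "?logout");
            exit;
        }
    }

    /**
     * Create a user with a generated password and, when mail is enabled, send the
     * account details to the user and a notice to the administrator.
     *
     * @return string "done", "error" when the user mail could not be sent, or the
     *                createUserData() error string
     */
    function createUser($FUSERID, $FUSERNAME, $FEMAIL, $FDEFLANG)
    {
        global $HPEtheThemeMaker;
        global $HPEtheConfig;
        $PASSWD = "";
        $res = $this->createUserData($FUSERID, $FUSERNAME, $FEMAIL, $FDEFLANG, $PASSWD);
        if($res == "done")
        {
            if($HPEtheConfig->hasemail)
            {
                // NOTE(review): the generated password is handed to the mail template in clear.
                $data = array(
                    "FUSERID" => $FUSERID,
                    "PASSWD" => $PASSWD
                );
                $message = $HPEtheThemeMaker->TPLRun("user.new.mail", $data);
                $header = "From: $HPEtheConfig->sitename Administrator <$HPEtheConfig->adminemail>";
                // $FEMAIL passed the address check in createUserData() before being used as recipient.
                if(mail($FEMAIL, "$HPEtheConfig->sitename Account Information", $message, $header))
                    $res = "done"; else $res = "error";
                mail($HPEtheConfig->adminemail, "$HPEtheConfig->sitename New User",
                    "User id: $FUSERID\n" .
                    "User Name: $FUSERNAME\n" .
                    "Email: $FEMAIL\n" .
                    "Result: $res",
                    $header);
            }
        }
        return $res;
    }

    /**
     * Validate the new account's fields and insert the user row, with the default
     * user XML (placeholders substituted) as its data column.
     *
     * With $USERID = 0 the login and e-mail are validated, checked for duplicates,
     * and $PASSWD is filled with a generated key. With a non-zero $USERID those
     * checks are skipped and the caller's $PASSWD is stored.
     *
     * @param string $PASSWD by reference; receives the generated password on the $USERID = 0 path
     * @param int    $USERID explicit user id, or 0 to allocate the next one
     * @return string "done", a validation message, or the database error text
     */
    function createUserData($FUSERLOGIN, $FUSERNAME, $FEMAIL, $FDEFLANG, &$PASSWD, $USERID = 0)
    {
        global $HPEtheDB;
        global $HPEtheConfig;
        global $HPEinc;
        // The id is interpolated unquoted below, so it must be an integer.
        $USERID = (int)$USERID;
        if($USERID)
        {
            // Was "$user->uid": $user is not defined in this method, so the lookup never
            // matched and an existing id was not detected.
            $eui = $HPEtheDB->one_data("SELECT userid FROM $HPEtheDB->dbtusers WHERE userid=" . $USERID);
            if($eui)
                return "UserId already attributed";
        }
        else
        {
            if(preg_match("%[^a-zA-Z0-9_]%", $FUSERLOGIN))
                return "nonvalidid";
            $query = "SELECT * FROM $HPEtheDB->dbtusers WHERE userlogin=" . $HPEtheDB->escapeString($FUSERLOGIN);
            $row = $HPEtheDB->one_array($query);
            if($row)
                return "duplicate";
            // This lookup runs before the address is validated, so the value is quoted
            // through escapeString() instead of being placed between literal quotes.
            $query = "SELECT * FROM $HPEtheDB->dbtusers WHERE email=" . $HPEtheDB->escapeString($FEMAIL);
            $row = $HPEtheDB->one_array($query);
            if($row)
                return "duplicate";
            if($FEMAIL == "")
                return "Must provide an Email Address";
            // Same pattern as the former eregi() call; \z (not $) so a trailing newline is rejected.
            if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})\z/i", $FEMAIL))
                return "Email is not valid";
            $PASSWD = $HPEtheConfig->genRandKey();
        }
        // Site-local default user XML if present, else the copy shipped in the include directory.
        $cache = "$HPEtheConfig->localpath/$HPEtheDB->dbtusers.default.xml";
        if(!file_exists($cache))
            $cache = "$HPEinc/$HPEtheDB->dbtusers.default.xml";
        $cf = fopen($cache, "r");
        if($cf)
        {
            $data = fread($cf, filesize ($cache));
            fclose($cf);
        }
        else die("Failed to get default user data");
        // NOTE(review): only the name passes through HPEXMLString(). $FDEFLANG is never
        // validated here, and on the explicit-$USERID path neither are the login and e-mail,
        // so markup in those values ends up in the stored XML.
        $data = str_replace("NEWLOGIN", $FUSERLOGIN, $data);
        $data = str_replace("NEWTHEME", $HPEtheConfig->deftheme, $data);
        $data = str_replace("NEWLANG", $FDEFLANG, $data);
        $data = str_replace("NEWNAME", HPEXMLString($FUSERNAME), $data);
        $data = str_replace("NEWEMAIL", $FEMAIL, $data);
        if(!$USERID)
            $USERID = (int)$HPEtheDB->next_id($HPEtheDB->dbtusers);
        // E-mail and password are quoted like the other string columns: on the explicit-$USERID
        // path neither has been validated.
        // NOTE(review): the password is stored as given, not hashed.
        $query = "INSERT INTO $HPEtheDB->dbtusers (userlogin, name, email, ugroup, created, passwd, data, userid) VALUES " .
            "(" . $HPEtheDB->escapeString($FUSERLOGIN) . ", " . $HPEtheDB->escapeString($FUSERNAME) . ", " .
            $HPEtheDB->escapeString($FEMAIL) . ", 0, '" . date("ymd") . "', " . $HPEtheDB->escapeString($PASSWD) . ", " .
            $HPEtheDB->escapeString($data) . ", $USERID)";
        $result = $HPEtheDB->query($query);
        if($HPEtheDB->iserror($result))
            return $HPEtheDB->dberr;
        else
            return "done";
    }

    /**
     * Append a page of the given type to the current user and save.
     *
     * @param string $type  key into $HPEtheConfig->pagehandlers
     * @param string $title page title; defaults to "Page <nbpages>"
     * @param mixed  $param passed to the page handler's Create()
     * @return mixed the result of $HPEtheUser->save() (addModule() treats "" as success),
     *               or an error string for an unknown type
     */
    function addPage($type, $title = "", $param = "")
    {
        global $HPEtheUser;
        global $HPEtheConfig;
        if(isset($HPEtheConfig->pagehandlers[$type]))
        {
            $page = $HPEtheConfig->pagehandlers[$type]["control"]->Create($param);
            if($title != "") $page["title"] = $title;
            else $page["title"] = "Page $HPEtheUser->nbpages";
            // The creation timestamp doubles as the page id.
            $page["id"] = time();
            $page["type"] = $type;
            $HPEtheUser->pages[] = $page;
            $HPEtheUser->nbpages++;
            return $HPEtheUser->save();
        }
        else return "Unknown page type $type";
    }

    /**
     * Remove the page at index $i from the current user and save.
     *
     * @param int $i index into $HPEtheUser->pages
     * @return mixed the result of $HPEtheUser->save()
     */
    function delPage($i)
    {
        global $HPEtheUser;
        $pages = array();
        for($j=0; $j<$HPEtheUser->nbpages; $j++)
        {
            if($j != $i)
                $pages[] = $HPEtheUser->pages[$j];
        }
        $HPEtheUser->pages = $pages;
        // Take the count from the rebuilt list: an index that matched no page used to
        // decrement nbpages anyway and leave it one short of the real page count.
        $HPEtheUser->nbpages = count($pages);
        return $HPEtheUser->save();
    }

    /**
     * Set the title of the page at index $i and save.
     *
     * @return mixed the result of $HPEtheUser->save()
     */
    function renPage($i, $title)
    {
        global $HPEtheUser;
        $HPEtheUser->pages[$i]["title"] = $title;
        return $HPEtheUser->save();
    }

    /**
     * Rebuild the page list in the order given by $list and save.
     *
     * @param array $list page indexes in the wanted order
     * @return mixed the result of $HPEtheUser->save()
     */
    function orderPageList($list)
    {
        global $HPEtheUser;
        $pages = array();
        // NOTE(review): indexes are taken as given; nbpages is not recomputed afterwards.
        for($i=0; $i<count($list); $i++)
            $pages[] = $HPEtheUser->pages[$list[$i]];
        $HPEtheUser->pages = $pages;
        return $HPEtheUser->save();
    }

    /**
     * Create a module of $type and add it to a page, creating a new page first
     * when $onpage is -1.
     *
     * @param int    $onpage page index, or -1 for a new page of the user's preferred type
     * @param string $type   key into $HPEtheConfig->modhandlers
     * @param mixed  $params passed to the module handler's Create()
     * @return mixed the result of $HPEtheUser->save(), or an error string
     */
    function addModule($onpage, $type, $params)
    {
        global $HPEtheUser;
        global $HPEtheConfig;
        if($onpage == -1)
        {
            $title = "Page " . $HPEtheUser->nbpages;
            $res = $this->addPage($HPEtheUser->prefpagetype, $title);
            if($res != "") return $res;
            // The page just added is the last one.
            else $onpage = $HPEtheUser->nbpages - 1;
        }
        if($onpage != -1)
        {
            if($HPEtheConfig->pagehandlers[$HPEtheUser->pages[$onpage]["type"]]["control"]->AcceptsModule($type))
            {
                $md = $HPEtheConfig->modhandlers[$type]["control"]->Create($params);
                $HPEtheConfig->pagehandlers[$HPEtheUser->pages[$onpage]["type"]]["control"]->AddModule($HPEtheUser->pages[$onpage], $md);
                return $HPEtheUser->save();
            }
            return HPEtranslate("an_wrongpagetype");
        }
        return "page not specified for new module";
    }

    /**
     * Register a mail job for one of the current user's pages.
     *
     * @param int $pageid  page id (addPage() assigns a timestamp)
     * @param int $timeout interval stored with the job
     * @return bool true when the insert did not report an error
     */
    function addMailJob($pageid, $timeout)
    {
        global $HPEtheDB;
        global $HPEtheUser;
        // These values are interpolated unquoted, so force them to integers first.
        $pageid = (int)$pageid;
        $timeout = (int)$timeout;
        $userid = (int)$HPEtheUser->userid;
        $w = time() - $timeout; // to make sure it gets sent soon
        $query = "INSERT INTO $HPEtheDB->dbtmailpagejobs (userid, pageid, timeout, lastupdate) VALUES " .
            "($userid, $pageid, $timeout, $w)";
        $res = $HPEtheDB->query($query);
        return !$HPEtheDB->iserror($res);
    }

    /**
     * Change the timeout of the current user's mail job for a page.
     *
     * @param int $pageid  page id of the job
     * @param int $timeout new interval
     * @return bool true when the update did not report an error
     */
    function changeMailJob($pageid, $timeout)
    {
        global $HPEtheDB;
        global $HPEtheUser;
        // Integer casts for the same reason as in addMailJob(): the values are not quoted.
        $pageid = (int)$pageid;
        $timeout = (int)$timeout;
        $userid = (int)$HPEtheUser->userid;
        $res = $HPEtheDB->query("UPDATE $HPEtheDB->dbtmailpagejobs SET timeout=$timeout WHERE userid=$userid AND pageid=$pageid");
        return !$HPEtheDB->iserror($res);
    }
}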
// Instance created when this file is included and stored in $HPEtheUserEdit.
$HPEtheUserEdit = new HPEUserEdit;
?>