Home Explore Help
Sign In
richard
/
sorbetcms
Watch 1
Star 0
Fork 1
Code Issues 0 Pull Requests 0 Commits 284 Releases 0 Wiki

A tumblelog CMS built on AJAX, PHP and MySQL.

Tree: 1b1990f42c
Branches Tags
sorbetcms/classes/user.class.php

user.class.php 5.6KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164 
  1. <?php

  2. if (!defined('entry') || !entry) {

  3.     die('Not a valid page');

  4. }

  5. /* ===========================

  6. 

  7.   gelato CMS - A PHP based tumblelog CMS

  8.   development version

  9.   http://www.gelatocms.com/

  10. 

  11.   gelato CMS is a free software licensed under the GPL 2.0

  12.   Copyright (C) 2007 by Pedro Santana <pecesama at gmail dot com>

  13. 

  14.   =========================== */

  15. ?>

  16. <?php

  17. class user

  18. {

  19.     public $conf;

  20.     public $db;

  21.     public $cookieString;

  22.     public $cookieTime;

  23.     public $persist = false;

  24. 

  25.     public function __construct()

  26.     {

  27.         global $db;

  28.         global $conf;

  29. 

  30.         $this->db = $db;

  31.         $this->conf = $conf;

  32.         $this->cookie_life = 60*24*3600;

  33.         $this->cookieTime = time();

  34.     }

  35. 

  36.     public function isAdmin()

  37.     {

  38.         if ((!empty($_SESSION["user_id"]) && !empty($_SESSION["user_login"]))  && (isset($_SESSION['authenticated'])  && $_SESSION['authenticated']==true)) {

  39.             return true;

  40.         }

  41. 

  42.         if (isset($_COOKIE["PHPSESSID"]) && $_COOKIE["PHPSESSID"]!="") {

  43.             if ((!empty($_SESSION["user_id"]) && !empty($_SESSION["user_login"]))  && (isset($_SESSION['authenticated'])  && $_SESSION['authenticated']==true)) {

  44.                 return true;

  45.             }

  46.         }

  47. 

  48.         return false;

  49.     }

  50. 

  51.     public function validateUser($username="", $password="")

  52.     {

  53.         if ($this->db->ejecutarConsulta("SELECT id_user, login, password FROM ".$this->conf->tablePrefix."users WHERE login=".$this->db->sql_escape($username)." AND password='".$password."'")) {

  54.             if ($this->db->contarRegistros()>0) {

  55.                 $register = $this->db->obtenerRegistro();

  56.                 $_SESSION['user_id']=$register["id_user"];

  57.                 $_SESSION['user_login']=$register["login"];

  58.                 $_SESSION['authenticated'] = true;

  59.                 if (isset($_POST["save_pass"])) {

  60.                     $this->persist = true;

  61.                     setcookie("PHPSESSID", session_id(), $this->cookieTime+$this->cookie_life);

  62.                 }

  63.                 return true;

  64.             } else {

  65.                 return false;

  66.             }

  67.         } else {

  68.             return false;

  69.         }

  70.     }

  71. 

  72.     public function closeSession()

  73.     {

  74.         if (!$this->persist) {

  75.             session_destroy();

  76.         }

  77.         return true;

  78.     }

  79. 

  80.     public function userExist($user="")

  81.     {

  82.         if ($this->db->ejecutarConsulta("SELECT * FROM ".$this->conf->tablePrefix."users WHERE login='".$user."'")) {

  83.             if ($this->db->contarRegistros()>0) {

  84.                 return true;

  85.             } else {

  86.                 return false;

  87.             }

  88.         }

  89.     }

  90. 

  91.     public function isAuthenticated()

  92.     {

  93.         return $this->isAdmin();

  94.     }

  95. 

  96.     public function addUser($fieldsArray)

  97.     {

  98.         if ($this->db->ejecutarConsulta("SELECT id_user FROM ".$this->conf->tablePrefix."users WHERE login='".$fieldsArray['login']."'")) {

  99.             if ($this->db->contarRegistros()==0) {

  100.                 $realPassword = ($fieldsArray["password"]);

  101.                 $fieldsArray["password"] = md5($fieldsArray["password"]);

  102.                 if ($this->db->insertarDeFormulario($this->conf->tablePrefix."users", $fieldsArray)) {

  103.                     $this->confirmationEmail($fieldsArray['email'], $fieldsArray['login'], $realPassword);

  104.                     header("Location: ".$this->conf->urlGelato."/admin/admin.php?added=true");

  105.                     die();

  106.                 } else {

  107.                     header("Location: ".$this->conf->urlGelato."/admin/admin.php?error=2&des=".$this->merror);

  108.                     die();

  109.                 }

  110.             } else {

  111.                 header("Location: ".$this->conf->urlGelato."/admin/admin.php?error=1");

  112.                 die();

  113.             }

  114.         }

  115.     }

  116. 

  117.     public function modifyUser($fieldsArray, $id_user)

  118.     {

  119.         $fieldsArray["password"] = md5($fieldsArray["password"]);

  120.         if ($this->db->modificarDeFormulario($this->conf->tablePrefix."users", $fieldsArray, "id_user=$id_user")) {

  121.             header("Location: ".$this->conf->urlGelato."/admin/admin.php?modified=true");

  122.             die();

  123.         } else {

  124.             header("Location: ".$this->conf->urlGelato."/admin/admin.php?error=2&des=".$this->merror);

  125.             die();

  126.         }

  127.     }

  128. 

  129.     public function deleteUser($idUser)

  130.     {

  131.         $this->db->ejecutarConsulta("DELETE FROM ".$this->conf->tablePrefix."users WHERE id_user=".$idUser);

  132.     }

  133. 

  134.     public function getUsers($show="10", $from="0")

  135.     {

  136.         $sqlStr = "select * from ".$this->conf->tablePrefix."users ORDER BY id_user DESC LIMIT $from,$show";

  137.         $this->db->ejecutarConsulta($sqlStr);

  138.         return $this->db->mid_consulta;

  139.     }

  140. 

  141.     public function getUserByID($idUser)

  142.     {

  143.         if ($this->db->ejecutarConsulta("select * from ".$this->conf->tablePrefix."users where id_user=".$idUser)) {

  144.             if ($this->db->contarRegistros()>0) {

  145.                 return $registro=$this->db->obtenerRegistro();

  146.             } else {

  147.                 return false;

  148.             }

  149.         }

  150.     }

  151. 

  152.     public function confirmationEmail($email="", $user="", $password="")

  153.     {

  154.         $msg =  "<font face=verdana><em><font size=2>Account information on <strong>gelato CMS</strong></font></em><br/><br/>";

  155.         $msg .=    "Visit the <a href=\"".$this->conf->urlGelato."/admin/\">tumblelog panel</a> <br/><br/>";

  156.         $msg .=    "<font size=1>Username: <strong>".$user."</strong><br/><br/>";

  157.         $msg .=    "Password: <strong>".$password."</strong><br/><br/>";

  158.         $msg .=    "<em>Don't tell your password to anybody!!</em><br/><br/></font>";

  159. 

  160.         sendMail($email, "Register confirmation on gelato CMS", $msg, "no-reply@gelatocms.com");

  161.     }

  162. }

  163. ?>