123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161 |
- <?php
- if (!defined('entry') || !entry) {
- die('Not a valid page');
- }
- /* ===========================
-
- Sorbet CMS - A PHP based tumblelog CMS forked from Gelato CMS
-
- Sorbet CMS is a free software licensed under the GPL 3.0
-
- =========================== */
- ?>
- <?php
- class user
- {
- public $conf;
- public $db;
- public $cookieString;
- public $cookieTime;
- public $persist = false;
-
- public function __construct()
- {
- global $db;
- global $conf;
-
- $this->db = $db;
- $this->conf = $conf;
- $this->cookie_life = 60*24*3600;
- $this->cookieTime = time();
- }
-
- public function isAdmin()
- {
- if ((!empty($_SESSION["user_id"]) && !empty($_SESSION["user_login"])) && (isset($_SESSION['authenticated']) && $_SESSION['authenticated']==true)) {
- return true;
- }
-
- if (isset($_COOKIE["PHPSESSID"]) && $_COOKIE["PHPSESSID"]!="") {
- if ((!empty($_SESSION["user_id"]) && !empty($_SESSION["user_login"])) && (isset($_SESSION['authenticated']) && $_SESSION['authenticated']==true)) {
- return true;
- }
- }
-
- return false;
- }
-
- public function validateUser($username="", $password="")
- {
- if ($this->db->ejecutarConsulta("SELECT id_user, login, password FROM ".$this->conf->tablePrefix."users WHERE login=".$this->db->sql_escape($username)." AND password='".$password."'")) {
- if ($this->db->contarRegistros()>0) {
- $register = $this->db->obtenerRegistro();
- $_SESSION['user_id']=$register["id_user"];
- $_SESSION['user_login']=$register["login"];
- $_SESSION['authenticated'] = true;
- if (isset($_POST["save_pass"])) {
- $this->persist = true;
- setcookie("PHPSESSID", session_id(), $this->cookieTime+$this->cookie_life);
- }
- return true;
- } else {
- return false;
- }
- } else {
- return false;
- }
- }
-
- public function closeSession()
- {
- if (!$this->persist) {
- session_destroy();
- }
- return true;
- }
-
- public function userExist($user="")
- {
- if ($this->db->ejecutarConsulta("SELECT * FROM ".$this->conf->tablePrefix."users WHERE login='".$user."'")) {
- if ($this->db->contarRegistros()>0) {
- return true;
- } else {
- return false;
- }
- }
- }
-
- public function isAuthenticated()
- {
- return $this->isAdmin();
- }
-
- public function addUser($fieldsArray)
- {
- if ($this->db->ejecutarConsulta("SELECT id_user FROM ".$this->conf->tablePrefix."users WHERE login='".$fieldsArray['login']."'")) {
- if ($this->db->contarRegistros()==0) {
- $realPassword = ($fieldsArray["password"]);
- $fieldsArray["password"] = md5($fieldsArray["password"]);
- if ($this->db->insertarDeFormulario($this->conf->tablePrefix."users", $fieldsArray)) {
- $this->confirmationEmail($fieldsArray['email'], $fieldsArray['login'], $realPassword);
- header("Location: ".$this->conf->urlSorbet."/admin/admin.php?added=true");
- die();
- } else {
- header("Location: ".$this->conf->urlSorbet."/admin/admin.php?error=2&des=".$this->merror);
- die();
- }
- } else {
- header("Location: ".$this->conf->urlSorbet."/admin/admin.php?error=1");
- die();
- }
- }
- }
-
- public function modifyUser($fieldsArray, $id_user)
- {
- $fieldsArray["password"] = md5($fieldsArray["password"]);
- if ($this->db->modificarDeFormulario($this->conf->tablePrefix."users", $fieldsArray, "id_user=$id_user")) {
- header("Location: ".$this->conf->urlSorbet."/admin/admin.php?modified=true");
- die();
- } else {
- header("Location: ".$this->conf->urlSorbet."/admin/admin.php?error=2&des=".$this->merror);
- die();
- }
- }
-
- public function deleteUser($idUser)
- {
- $this->db->ejecutarConsulta("DELETE FROM ".$this->conf->tablePrefix."users WHERE id_user=".$idUser);
- }
-
- public function getUsers($show="10", $from="0")
- {
- $sqlStr = "select * from ".$this->conf->tablePrefix."users ORDER BY id_user DESC LIMIT $from,$show";
- $this->db->ejecutarConsulta($sqlStr);
- return $this->db->mid_consulta;
- }
-
- public function getUserByID($idUser)
- {
- if ($this->db->ejecutarConsulta("select * from ".$this->conf->tablePrefix."users where id_user=".$idUser)) {
- if ($this->db->contarRegistros()>0) {
- return $registro=$this->db->obtenerRegistro();
- } else {
- return false;
- }
- }
- }
-
- public function confirmationEmail($email="", $user="", $password="")
- {
- $msg = "<font face=verdana><em><font size=2>Account information on <strong>Sorbet CMS</strong></font></em><br/><br/>";
- $msg .= "Visit the <a href=\"".$this->conf->urlSorbet."/admin/\">tumblelog panel</a> <br/><br/>";
- $msg .= "<font size=1>Username: <strong>".$user."</strong><br/><br/>";
- $msg .= "Password: <strong>".$password."</strong><br/><br/>";
- $msg .= "<em>Don't tell your password to anybody!!</em><br/><br/></font>";
-
- sendMail($email, "Register confirmation on Sorbet CMS", $msg, "no-reply@sorbetcms.net");
- }
- }
- ?>
|