A tumblelog CMS built on AJAX, PHP and MySQL.

user.class.php 4.6KB

  1. <?php
  2. /* ===========================
  3. gelato CMS - A PHP based tumblelog CMS
  4. development version
  5. http://www.gelatocms.com/
  6. gelato CMS is a free software licensed under the GPL 2.0
  7. Copyright (C) 2007 by Pedro Santana <pecesama at gmail dot com>
  8. =========================== */
  9. ?>
  10. <?php
  11. require_once("configuration.class.php");
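  /**
   * User management and authentication for the gelato admin area.
   *
   * Builds on the Conexion_Mysql query wrapper (declared elsewhere). That wrapper
   * shows no parameter binding here, so every value placed into SQL text is
   * either passed through sql_escape() (string literals) or cast with intval()
   * (numeric ids and LIMIT operands).
   *
   * NOTE(review): sql_escape() is defined outside this file; it is assumed to
   * escape a value for use inside a single-quoted SQL string -- confirm.
   * NOTE(review): user() is a PHP 4-style constructor. PHP 8 no longer treats a
   * method named after the class as a constructor, so $conf would stay unset
   * there.
   */
  class user extends Conexion_Mysql {
    // configuration instance; supplies tablePrefix and urlGelato
    var $conf;

    /**
     * Opens the database connection and loads the site configuration.
     */
    function user() {
      parent::Conexion_Mysql(DB_name, DB_Server, DB_User, DB_Password);
      $this->conf = new configuration();
    }

    /**
     * Tells whether the current request belongs to a logged-in user.
     *
     * When a "gelato_cookie" remember-me cookie is present it is re-validated
     * against the database; a malformed or rejected cookie clears the session
     * identity.
     *
     * @return bool true when both session identity keys are set
     */
    function isAdmin() {
      if (isset($_COOKIE["gelato_cookie"]) && $_COOKIE["gelato_cookie"] && $_COOKIE["gelato_cookie"]!="") {
        $rawCookie = $_COOKIE["gelato_cookie"];
        // Expected layout: id_user,login,password. An array-valued or short
        // cookie is treated as a failed validation instead of being indexed blindly.
        $parts = is_string($rawCookie) ? explode(",", $rawCookie) : array();
        // validateUser() stores id_user and login from the matching database row
        // in the session. The id field of the cookie is client-controlled and is
        // deliberately not copied into the session, so a valid login/password
        // pair cannot be combined with another account's id.
        if (count($parts) < 3 || !$this->validateUser($parts[1], $parts[2])) {
          unset($_SESSION["user_id"]);
          unset($_SESSION["user_login"]);
        }
      }
      return isset($_SESSION["user_id"]) && isset($_SESSION["user_login"]);
    }

    /**
     * Checks a login/password pair against the users table.
     *
     * On a match the session identity is filled from the database row, and a
     * 60-day remember-me cookie is set when the request carries "save_pass".
     *
     * @param string $user     login name
     * @param string $password value compared verbatim with the stored password column
     * @return bool true when a matching row exists
     */
    function validateUser($user="", $password="") {
      // Both values can come straight from the remember-me cookie (see isAdmin),
      // so both are escaped before they reach the query text.
      $sql = "SELECT id_user, login, password FROM ".$this->conf->tablePrefix."users"
           ." WHERE login='".sql_escape($user)."' AND password='".sql_escape($password)."'";
      if (!$this->ejecutarConsulta($sql)) {
        return false;
      }
      if ($this->contarRegistros() <= 0) {
        return false;
      }
      $register = $this->obtenerRegistro();
      $_SESSION['user_id'] = $register["id_user"];
      $_SESSION['user_login'] = $register["login"];
      if (isset($_POST["save_pass"])) {
        $cookie_life = 60*24*3600;
        // NOTE(review): the cookie carries the stored password value, which
        // isAdmin() accepts in place of the password itself; anyone who obtains
        // the cookie or the users table can log in with it. A random
        // server-side token, sent with the HttpOnly and Secure flags, would
        // remove that equivalence.
        setcookie("gelato_cookie",$register["id_user"].",".$register["login"].",".$register["password"],time()+$cookie_life);
      }
      return true;
    }

    /**
     * Ends the session and expires the remember-me cookie.
     *
     * @return bool result of session_destroy()
     */
    function closeSession() {
      $_SESSION = array();
      $_COOKIE["gelato_cookie"]="";
      // The cookie is expired both for path "/" and for the default path,
      // because validateUser() sets it without an explicit path.
      setcookie("gelato_cookie","",time()-3600,'/','',0);
      setcookie("gelato_cookie","",0);
      unset($_COOKIE["gelato_cookie"]);
      unset($_COOKIE[session_name()]);
      return session_destroy() ? true : false;
    }

    /**
     * Tells whether a login name is already taken.
     *
     * @param string $user login name
     * @return bool true when a row with that login exists; false otherwise,
     *              including when the query fails
     */
    function userExist($user="") {
      $sql = "SELECT * FROM ".$this->conf->tablePrefix."users WHERE login='".sql_escape($user)."'";
      if ($this->ejecutarConsulta($sql)) {
        return $this->contarRegistros() > 0;
      }
      return false;
    }

    /**
     * Creates a user unless the login exists, mails the account data, and
     * redirects to the admin page. Every path that runs the lookup ends the
     * request.
     *
     * @param array $fieldsArray column => value pairs; 'login', 'email' and
     *                           'password' are read here
     */
    function addUser($fieldsArray) {
      $sql = "SELECT id_user FROM ".$this->conf->tablePrefix."users WHERE login='".sql_escape($fieldsArray['login'])."'";
      if ($this->ejecutarConsulta($sql)) {
        if ($this->contarRegistros()==0) {
          if ($this->insertarDeFormulario($this->conf->tablePrefix."users", $fieldsArray)) {
            $this->confirmationEmail($fieldsArray['email'], $fieldsArray['login'], $fieldsArray['password']);
            header("Location: ".$this->conf->urlGelato."/admin/admin.php?added=true");
            die();
          } else {
            // merror is free text from the database layer; encode it so it
            // stays a single query-string value.
            header("Location: ".$this->conf->urlGelato."/admin/admin.php?error=2&des=".urlencode($this->merror));
            die();
          }
        } else {
          header("Location: ".$this->conf->urlGelato."/admin/admin.php?error=1");
          die();
        }
      }
    }

    /**
     * Updates a user row and redirects to the admin page; always ends the request.
     *
     * @param array $fieldsArray column => value pairs to store
     * @param int   $id_user     id of the row to update
     */
    function modifyUser($fieldsArray, $id_user) {
      // The id goes into the WHERE clause unquoted, so it is forced to an integer.
      if ($this->modificarDeFormulario($this->conf->tablePrefix."users", $fieldsArray, "id_user=".intval($id_user))) {
        header("Location: ".$this->conf->urlGelato."/admin/admin.php?modified=true");
        die();
      } else {
        header("Location: ".$this->conf->urlGelato."/admin/admin.php?error=2&des=".urlencode($this->merror));
        die();
      }
    }

    /**
     * Deletes the user with the given id.
     *
     * @param int $idUser id of the row to delete
     */
    function deleteUser($idUser) {
      // Unquoted numeric operand: cast so request data cannot extend the statement.
      $this->ejecutarConsulta("DELETE FROM ".$this->conf->tablePrefix."users WHERE id_user=".intval($idUser));
    }

    /**
     * Runs a paged listing of users, newest id first.
     *
     * @param int|string $show number of rows to return
     * @param int|string $from offset of the first row
     * @return mixed the mid_consulta property as left by the query wrapper
     */
    function getUsers($show="10", $from="0") {
      // LIMIT operands cannot be quoted, so they are cast to integers.
      $sqlStr = "select * from ".$this->conf->tablePrefix."users ORDER BY id_user DESC LIMIT ".intval($from).",".intval($show);
      $this->ejecutarConsulta($sqlStr);
      return $this->mid_consulta;
    }

    /**
     * Fetches one user row by id.
     *
     * @param int $idUser id of the row to read
     * @return mixed the row from obtenerRegistro(), or false when no row
     *               matches or the query fails
     */
    function getUserByID($idUser) {
      if ($this->ejecutarConsulta("select * from ".$this->conf->tablePrefix."users where id_user=".intval($idUser))) {
        if ($this->contarRegistros()>0) {
          return $this->obtenerRegistro();
        }
      }
      return false;
    }

    /**
     * Mails the new account's login data to the given address.
     *
     * NOTE(review): the password is sent in clear text by e-mail; a one-time
     * set-password link would avoid leaving the credential in a mailbox.
     *
     * @param string $email    recipient address
     * @param string $user     login name
     * @param string $password password as passed in by addUser()
     */
    function confirmationEmail($email="", $user="", $password="") {
      // The body is HTML, so both values are escaped for that context.
      $msg = "<font face=verdana><em><font size=2>Account information on <strong>gelato CMS</strong></font></em><br/><br/>";
      $msg .= "<font size=1>Username: <strong>".htmlspecialchars($user, ENT_QUOTES)."</strong><br/><br/>";
      $msg .= "Password: <strong>".htmlspecialchars($password, ENT_QUOTES)."</strong><br/><br/>";
      $msg .= "<em>Don't tell your password to anybody!!</em><br/><br/></font>";
      sendMail($email, "Register conformation on gelato CMS", $msg, "no-reply@gelatocms.com");
    }
  }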
  127. ?>