Home Explore Help
Sign In
richard
/
sorbetcms
Watch 1
Star 0
Fork 1
Code Issues 0 Pull Requests 0 Commits 292 Releases 0 Wiki

A tumblelog CMS built on AJAX, PHP and MySQL.

Branch: master
Branches Tags
sorbetcms/classes/user.class.php

user.class.php 5.5KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161 
  1. <?php

  2. if (!defined('entry') || !entry) {

  3.     die('Not a valid page');

  4. }

  5. /* ===========================

  6. 

  7.   Sorbet CMS - A PHP based tumblelog CMS forked from Gelato CMS

  8. 

  9.   Sorbet CMS is a free software licensed under the GPL 3.0

  10. 

  11.   =========================== */

  12. ?>

  13. <?php

  14. class user

  15. {

  16.     public $conf;

  17.     public $db;

  18.     public $cookieString;

  19.     public $cookieTime;

  20.     public $persist = false;

  21. 

  22.     public function __construct()

  23.     {

  24.         global $db;

  25.         global $conf;

  26. 

  27.         $this->db = $db;

  28.         $this->conf = $conf;

  29.         $this->cookie_life = 60*24*3600;

  30.         $this->cookieTime = time();

  31.     }

  32. 

  33.     public function isAdmin()

  34.     {

  35.         if ((!empty($_SESSION["user_id"]) && !empty($_SESSION["user_login"]))  && (isset($_SESSION['authenticated'])  && $_SESSION['authenticated']==true)) {

  36.             return true;

  37.         }

  38. 

  39.         if (isset($_COOKIE["PHPSESSID"]) && $_COOKIE["PHPSESSID"]!="") {

  40.             if ((!empty($_SESSION["user_id"]) && !empty($_SESSION["user_login"]))  && (isset($_SESSION['authenticated'])  && $_SESSION['authenticated']==true)) {

  41.                 return true;

  42.             }

  43.         }

  44. 

  45.         return false;

  46.     }

  47. 

  48.     public function validateUser($username="", $password="")

  49.     {

  50.         if ($this->db->ejecutarConsulta("SELECT id_user, login, password FROM ".$this->conf->tablePrefix."users WHERE login=".$this->db->sql_escape($username)." AND password='".$password."'")) {

  51.             if ($this->db->contarRegistros()>0) {

  52.                 $register = $this->db->obtenerRegistro();

  53.                 $_SESSION['user_id']=$register["id_user"];

  54.                 $_SESSION['user_login']=$register["login"];

  55.                 $_SESSION['authenticated'] = true;

  56.                 if (isset($_POST["save_pass"])) {

  57.                     $this->persist = true;

  58.                     setcookie("PHPSESSID", session_id(), $this->cookieTime+$this->cookie_life);

  59.                 }

  60.                 return true;

  61.             } else {

  62.                 return false;

  63.             }

  64.         } else {

  65.             return false;

  66.         }

  67.     }

  68. 

  69.     public function closeSession()

  70.     {

  71.         if (!$this->persist) {

  72.             session_destroy();

  73.         }

  74.         return true;

  75.     }

  76. 

  77.     public function userExist($user="")

  78.     {

  79.         if ($this->db->ejecutarConsulta("SELECT * FROM ".$this->conf->tablePrefix."users WHERE login='".$user."'")) {

  80.             if ($this->db->contarRegistros()>0) {

  81.                 return true;

  82.             } else {

  83.                 return false;

  84.             }

  85.         }

  86.     }

  87. 

  88.     public function isAuthenticated()

  89.     {

  90.         return $this->isAdmin();

  91.     }

  92. 

  93.     public function addUser($fieldsArray)

  94.     {

  95.         if ($this->db->ejecutarConsulta("SELECT id_user FROM ".$this->conf->tablePrefix."users WHERE login='".$fieldsArray['login']."'")) {

  96.             if ($this->db->contarRegistros()==0) {

  97.                 $realPassword = ($fieldsArray["password"]);

  98.                 $fieldsArray["password"] = md5($fieldsArray["password"]);

  99.                 if ($this->db->insertarDeFormulario($this->conf->tablePrefix."users", $fieldsArray)) {

  100.                     $this->confirmationEmail($fieldsArray['email'], $fieldsArray['login'], $realPassword);

  101.                     header("Location: ".$this->conf->urlSorbet."/admin/admin.php?added=true");

  102.                     die();

  103.                 } else {

  104.                     header("Location: ".$this->conf->urlSorbet."/admin/admin.php?error=2&des=".$this->merror);

  105.                     die();

  106.                 }

  107.             } else {

  108.                 header("Location: ".$this->conf->urlSorbet."/admin/admin.php?error=1");

  109.                 die();

  110.             }

  111.         }

  112.     }

  113. 

  114.     public function modifyUser($fieldsArray, $id_user)

  115.     {

  116.         $fieldsArray["password"] = md5($fieldsArray["password"]);

  117.         if ($this->db->modificarDeFormulario($this->conf->tablePrefix."users", $fieldsArray, "id_user=$id_user")) {

  118.             header("Location: ".$this->conf->urlSorbet."/admin/admin.php?modified=true");

  119.             die();

  120.         } else {

  121.             header("Location: ".$this->conf->urlSorbet."/admin/admin.php?error=2&des=".$this->merror);

  122.             die();

  123.         }

  124.     }

  125. 

  126.     public function deleteUser($idUser)

  127.     {

  128.         $this->db->ejecutarConsulta("DELETE FROM ".$this->conf->tablePrefix."users WHERE id_user=".$idUser);

  129.     }

  130. 

  131.     public function getUsers($show="10", $from="0")

  132.     {

  133.         $sqlStr = "select * from ".$this->conf->tablePrefix."users ORDER BY id_user DESC LIMIT $from,$show";

  134.         $this->db->ejecutarConsulta($sqlStr);

  135.         return $this->db->mid_consulta;

  136.     }

  137. 

  138.     public function getUserByID($idUser)

  139.     {

  140.         if ($this->db->ejecutarConsulta("select * from ".$this->conf->tablePrefix."users where id_user=".$idUser)) {

  141.             if ($this->db->contarRegistros()>0) {

  142.                 return $registro=$this->db->obtenerRegistro();

  143.             } else {

  144.                 return false;

  145.             }

  146.         }

  147.     }

  148. 

  149.     public function confirmationEmail($email="", $user="", $password="")

  150.     {

  151.         $msg =  "<font face=verdana><em><font size=2>Account information on <strong>Sorbet CMS</strong></font></em><br/><br/>";

  152.         $msg .=    "Visit the <a href=\"".$this->conf->urlSorbet."/admin/\">tumblelog panel</a> <br/><br/>";

  153.         $msg .=    "<font size=1>Username: <strong>".$user."</strong><br/><br/>";

  154.         $msg .=    "Password: <strong>".$password."</strong><br/><br/>";

  155.         $msg .=    "<em>Don't tell your password to anybody!!</em><br/><br/></font>";

  156. 

  157.         sendMail($email, "Register confirmation on Sorbet CMS", $msg, "no-reply@sorbetcms.net");

  158.     }

  159. }

  160. ?>