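query($q);
        $num = mysql_num_rows($ret);
        if ($num == 1) {
            // Exactly one userinfo row matched: copy its columns onto this object.
            $res = mysql_fetch_array($ret);
            $this->id = $res['id'];
            $this->userid = $res['userid'];
            $this->email = $res['email'];
            $this->firstname = $res['firstname'];
            $this->lastname = $res['lastname'];
            $this->homepage = $res['homepage'];
            $this->sex = $res['sex'];
            $this->assisted = $res['assisted'];
            $this->animated = $res['animated'];
            $this->language = $res['language'];
            // NOTE(review): the row key is 'tableviews' while the property is
            // 'tablesview' -- confirm the column name against the schema.
            $this->tablesview = $res['tableviews'];
        } else {
            // Anything other than exactly one row: create a fresh userinfo row,
            // unless the caller passed the -1 "no user" sentinel.
            if ($uid != -1) {
                $this->create($uid);
            }
        }
    }

    /** Returns "firstname lastname"; a single space when both are empty. */
    function getFullname()
    {
        return $this->firstname . " " . $this->lastname;
    }

    /** Returns the full name, or the username when the full name is blank. */
    function getFullnameDisplay()
    {
        $fn = $this->getFullname();
        // getFullname() always returns a string, so a trimmed-empty check covers
        // the former "" / NULL / whitespace-only tests.
        if (trim($fn) === '') {
            return $this->username;
        }
        return $fn;
    }

    // Plain accessors. Values are stored and returned as given: the setters do
    // no validation and the getters do no output encoding, so callers must
    // encode for the output context (HTML, URL, ...) when displaying them.

    function setUsername($un) { $this->username = $un; }

    function getFirstname() { return $this->firstname; }
    function setFirstname($val) { $this->firstname = $val; }

    function getLastname() { return $this->lastname; }
    function setLastname($val) { $this->lastname = $val; }

    function getEmail() { return $this->email; }
    function setEmail($val) { $this->email = $val; }

    function getSex() { return $this->sex; }
    function setSex($val) { $this->sex = $val; }

    function getAnimated() { return $this->animated; }
    function setAnimated($val) { $this->animated = $val; }

    function getAssisted() { return $this->assisted; }
    function setAssisted($val) { $this->assisted = $val; }

    function getTablesView() { return $this->tablesview; }
    function setTablesView($val) { $this->tablesview = $val; }

    function getLanguage() { return $this->language; }
    function setLanguage($val) { $this->language = $val; }

    function getHomepage() { return $this->homepage; }
    function setHomepage($val) { $this->homepage = $val; }

    /**
     * Writes the profile fields back to the userinfo row identified by id and
     * userid.
     *
     * The field values arrive through the public setters, so each string is
     * escaped before it is placed inside the quoted SQL literal and the two
     * key columns are forced to integers.
     *
     * NOTE(review): mysql_real_escape_string() without a link argument uses the
     * most recently opened ext/mysql connection -- presumably the one behind
     * $kdb; confirm, or pass the link explicitly. Prepared statements would be
     * the better fix if $kdb can be moved to mysqli/PDO.
     * NOTE(review): tablesview is not written back here -- confirm that is
     * intended.
     */
    function update()
    {
        global $kdb;
        $q = "UPDATE userinfo SET ";
        $q .= " firstname='" . mysql_real_escape_string($this->firstname) . "'";
        $q .= ", lastname='" . mysql_real_escape_string($this->lastname) . "'";
        $q .= ", email='" . mysql_real_escape_string($this->email) . "'";
        $q .= ", sex='" . mysql_real_escape_string($this->sex) . "'";
        $q .= ", animated='" . mysql_real_escape_string($this->animated) . "'";
        $q .= ", assisted='" . mysql_real_escape_string($this->assisted) . "'";
        $q .= ", homepage='" . mysql_real_escape_string($this->homepage) . "'";
        $q .= ", language='" . mysql_real_escape_string($this->language) . "'";
        // The key columns are interpolated unquoted, so they must be integers.
        $q .= " WHERE id=" . intval($this->id) . " AND userid=" . intval($this->userid);
        $kdb->query($q);
    }

    /**
     * Inserts a new userinfo row for $uid with the current sex and language.
     *
     * @param mixed $uid numeric user id; cast to int because it is placed
     *                   unquoted in the statement
     */
    private function create($uid)
    {
        global $kdb;
        $q = "INSERT INTO userinfo (userid, sex, language) values ("
            . intval($uid) . ", '"
            . mysql_real_escape_string($this->sex) . "', '"
            . mysql_real_escape_string($this->language) . "')";
        $kdb->query($q);
    }
}

/**
 * A user account loaded from the users table, with its groups and role flags.
 *
 * Role flags are 0/1 values keyed by role name. A user that could not be
 * loaded keeps the defaults: id -1, username "Anonymous", only the
 * 'anonymous' role set.
 */
class User
{
    private $id = -1;
    private $username = "Anonymous";
    private $schoolID;
    private $details = null;
    private $groups = array();
    private $roles = array(
        'anonymous' => 1,
        'authenticated' => 0,
        'member' => 0,
        'manager' => 0,
        'schooladm' => 0);

    /**
     * Loads the user by username (any non-int argument) or by numeric id (an
     * int argument other than -1). The int -1 leaves the anonymous defaults.
     *
     * @param mixed $uname username, or int user id
     */
    function __construct($uname)
    {
        global $kdb;
        if (!is_int($uname)) {
            // The username is placed inside a quoted literal, so it is escaped
            // first. NOTE(review): relies on the default ext/mysql link being
            // the one $kdb uses -- confirm.
            $q = "SELECT * FROM users WHERE uname='"
                . mysql_real_escape_string((string) $uname) . "'";
        } elseif ($uname != -1) {
            // is_int() has already held here, so the value is safe unquoted.
            $q = "SELECT * FROM users WHERE id=" . $uname;
        } else {
            return;
        }

        $ret = $kdb->query($q);
        if (mysql_num_rows($ret) == 1) {
            $this->loadRow(mysql_fetch_array($ret));
        }
    }

    /** Copies one users row (as returned by mysql_fetch_array) onto this object. */
    private function loadRow($res)
    {
        $this->id = $res['id'];
        $this->username = $res['uname'];
        $this->schoolID = $res['schoolID'];
        $this->groups = $GLOBALS['kdb']->getGroupsByUserId($res['id']);

        // The roles column is read as a string of per-role digits, in the order
        // authenticated, member, manager, schooladm. Padding with '0' makes a
        // short or empty value read as "role not granted" instead of raising
        // an uninitialized-offset notice.
        $lro = str_pad((string) $res['roles'], 4, '0');
        $this->roles['anonymous'] = 0;
        $this->roles['authenticated'] = intval($lro[0]);
        $this->roles['member'] = intval($lro[1]);
        $this->roles['manager'] = intval($lro[2]);
        $this->roles['schooladm'] = intval($lro[3]);
    }

    function getUsername() { return $this->username; }

    /** Returns the role-name => 0/1 map. */
    function getRoles() { return $this->roles; }

    function getGroups() { return $this->groups; }

    /**
     * Returns true when the user holds at least one of the roles in $required.
     *
     * An empty list, or a list whose single entry is falsy, means "no role
     * required" and returns true. Callers that build $required dynamically
     * should make sure an accidentally empty list cannot reach this check,
     * because it grants access.
     *
     * @param array $required role names
     */
    function hasAnyRole($required)
    {
        global $krihvel;
        $lstr = count($required) > 0 ? " " . implode(" ", $required) : "";
        $krihvel->out("debug", "checking permissions, must have:" . $lstr);

        if (count($required) == 0) {
            return True;
        }
        if (count($required) == 1 && !$required[0]) {
            return True;
        }

        foreach ($required as $r) {
            if (array_key_exists($r, $this->roles) && $this->roles[$r] == 1) {
                return True;
            }
        }
        $krihvel->out("debug", "...failed");
        return False;
    }

    /**
     * Returns true when the user holds $role. An unknown role name is treated
     * as not held (previously it raised an undefined-index notice).
     */
    function hasRole($role)
    {
        return isset($this->roles[$role]) && $this->roles[$role] == 1;
    }

    /** Returns the UserDetails for this user, created on first use. */
    function getDetails()
    {
        if ($this->details === null) {
            $ud = new UserDetails($this->id);
            $ud->setUsername($this->username);
            $this->details = $ud;
        }
        return $this->details;
    }

    function getId() { return $this->id; }

    function getSchoolID() { return $this->schoolID; }

    /**
     * Returns the id of the user named $uname, or -1 unless exactly one row
     * matches.
     */
    function getUserIdByUname($uname)
    {
        global $kdb;
        // Escaped because the name is placed inside a quoted SQL literal.
        $q = "SELECT id FROM users WHERE uname='"
            . mysql_real_escape_string((string) $uname) . "'";
        $ret = $kdb->query($q);
        if (mysql_num_rows($ret) == 1) {
            $res = mysql_fetch_array($ret);
            return $res['id'];
        }
        return -1;
    }

    /**
     * Returns the joined users/userinfo row for $usid, or whatever
     * mysql_fetch_array() yields when no row matches.
     */
    function getUserById($usid)
    {
        global $kdb;
        // The id is interpolated unquoted, so it is forced to an integer.
        $q = "SELECT users.id, uname, CONCAT(firstname, ' ', lastname) as fullname,"
            . " firstname, lastname, users.schoolID"
            . " FROM users LEFT JOIN userinfo ON users.id=userinfo.userid"
            . " WHERE users.id=" . intval($usid);
        $ret = $kdb->query($q);
        return mysql_fetch_array($ret);
    }

    /** Returns the name of this user's school. */
    function getSchool()
    {
        global $kdb;
        // intval() also keeps the statement well-formed when schoolID is unset.
        $q = "SELECT schoolName FROM schools WHERE schoolID=" . intval($this->getSchoolID());
        $ret = $kdb->query($q);
        $res = mysql_fetch_array($ret);
        return $res['schoolName'];
    }

    /** Returns the query result (not fetched rows) for all users of school $scid. */
    function getUsersBySchool($scid)
    {
        global $kdb;
        // The id is interpolated unquoted, so it is forced to an integer.
        $q = "SELECT users.id, uname, CONCAT(firstname, ' ', lastname) as fullname,"
            . " firstname, lastname, users.schoolID"
            . " FROM users LEFT JOIN userinfo ON users.id=userinfo.userid"
            . " WHERE schoolid=" . intval($scid);
        return $kdb->query($q);
    }
}

// Start as anonymous, then replace with the session's user when there is one.
$user = new User(-1);
if (isset($_SESSION['userid'])) {
    // NOTE(review): User treats an int as a numeric id and anything else as a
    // username, so the type stored in the session decides which lookup runs --
    // confirm what the login code stores.
    $user = new User($_SESSION['userid']);
    if ($user->getId() == -1) {
        // The session refers to a user that can no longer be loaded: drop the
        // session and stop, so the rest of the page is not executed after the
        // redirect header has been queued.
        session_destroy();
        header("Location:index.php");
        exit;
    }
}
?>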