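query($q);
        // NOTE(review): the statement that builds $q starts before this excerpt;
        // if it interpolates $uid, cast it to int there as well — confirm.
        $num = mysql_num_rows($ret);
        if ( $num == 1) {
            // OK: exactly one detail row, copy its columns onto this object.
            $res = mysql_fetch_array($ret);
            $this->id = $res['id'];
            $this->userid = $res['userid'];
            $this->email = $res['email'];
            $this->firstname = $res['firstname'];
            $this->lastname = $res['lastname'];
            $this->homepage = $res['homepage'];
            $this->sex = $res['sex'];
            $this->language = $res['language'];
        } else {
            // No detail row yet: insert one, unless $uid is -1 (the id a User
            // carries when no account was loaded).
            if ( $uid != -1 ) {
                $this->create($uid);
            }
        }
    }

    /**
     * @return string First and last name joined by a single space.
     */
    function getFullname()
    {
        return $this->firstname." ".$this->lastname;
    }

    /**
     * Name to show in the UI: the full name, or the username when both
     * name parts are blank.
     *
     * @return string
     */
    function getFullnameDisplay()
    {
        $fn = $this->getFullname();
        // getFullname() always returns a string containing at least the
        // separator, so a whitespace-only check covers every "empty" case.
        if (trim($fn) === '') {
            return $this->username;
        }
        return $fn;
    }

    function setUsername($un)
    {
        $this->username = $un;
    }

    function getFirstname()
    {
        return $this->firstname;
    }

    function setFirstname($val)
    {
        $this->firstname = $val;
    }

    function getLastname()
    {
        return $this->lastname;
    }

    function setLastname($val)
    {
        $this->lastname = $val;
    }

    function getEmail()
    {
        return $this->email;
    }

    function setEmail($val)
    {
        $this->email = $val;
    }

    function getSex()
    {
        return $this->sex;
    }

    function setSex($val)
    {
        $this->sex = $val;
    }

    function getLanguage()
    {
        return $this->language;
    }

    function setLanguage($val)
    {
        $this->language = $val;
    }

    function getHomepage()
    {
        return $this->homepage;
    }

    function setHomepage($val)
    {
        $this->homepage = $val;
    }

    /**
     * Write the current field values back to this user's _userinfo row.
     *
     * The setters store caller-supplied values unchanged, so every string
     * is escaped here before it is placed inside a quoted SQL literal, and
     * both key columns are forced to integers.
     *
     * NOTE(review): mysql_real_escape_string() uses the most recently opened
     * ext/mysql link; this assumes $tdb has connected before update() runs —
     * confirm. Moving $tdb to prepared statements (mysqli/PDO) would remove
     * the need for manual escaping.
     */
    function update()
    {
        global $tdb;

        $q = "UPDATE ".DB_PREFIX."_userinfo SET ";
        $q .= " firstname='".mysql_real_escape_string((string) $this->firstname)."'";
        $q .= ", lastname='".mysql_real_escape_string((string) $this->lastname)."'";
        $q .= ", email='".mysql_real_escape_string((string) $this->email)."'";
        $q .= ", sex='".mysql_real_escape_string((string) $this->sex)."'";
        $q .= ", homepage='".mysql_real_escape_string((string) $this->homepage)."'";
        $q .= ", language='".mysql_real_escape_string((string) $this->language)."'";
        // The keys are used unquoted, so only an integer may reach the statement.
        $q .= " WHERE id=".intval($this->id)." AND userid=".intval($this->userid);
        $tdb->query($q);
    }

    /**
     * Insert a new _userinfo row for the given user id, using the current
     * sex and language values.
     *
     * This does not set $this->id or $this->userid afterwards.
     * NOTE(review): an update() issued on the same object will therefore
     * match no row unless those are set elsewhere — confirm.
     *
     * @param int $uid Id of the owning row in the _users table.
     */
    private function create($uid)
    {
        global $tdb;

        $q = "INSERT INTO ".DB_PREFIX."_userinfo (userid, sex, language) values ("
            .intval($uid).", '"
            .mysql_real_escape_string((string) $this->sex)."', '"
            .mysql_real_escape_string((string) $this->language)."')";
        $tdb->query($q);
    }
}

/**
 * An account from the _users table together with its role flags and groups.
 *
 * A freshly constructed object that matched no row stays at id -1, username
 * "Anonymous" and only the 'anonymous' role set.
 */
class User
{
    private $id = -1;
    private $username = "Anonymous";
    private $details = null;
    private $groups = array();
    private $roles = array(
        'anonymous' => 1,
        'authenticated' => 0,
        'member' => 0,
        'manager' => 0);

    /**
     * Load a user by username (any non-integer argument) or by numeric id
     * (integer argument other than -1). -1 leaves the anonymous defaults.
     *
     * NOTE(review): the lookup does not filter on the `approved` column that
     * getUsers() requires; confirm approval is enforced wherever a User is
     * turned into a logged-in session.
     *
     * @param int|string $uname Username, or integer user id.
     */
    function __construct($uname)
    {
        global $tdb;

        if (!is_int($uname)) {
            // Username lookups take a caller-supplied string: escape it before
            // it goes inside the quoted literal. Assumes $tdb has already
            // opened the ext/mysql link — confirm.
            $where = "uname='".mysql_real_escape_string((string) $uname)."'";
        } elseif ($uname != -1) {
            // is_int() has already held, so the value is safe to use unquoted.
            $where = "id=".$uname;
        } else {
            return;
        }

        $ret = $tdb->query("SELECT * FROM ".DB_PREFIX."_users WHERE ".$where);
        if (mysql_num_rows($ret) == 1) {
            // OK
            $this->loadFromRow(mysql_fetch_array($ret));
        }
    }

    /**
     * Copy one _users row onto this object and decode its role flags.
     *
     * @param array $res Row as returned by mysql_fetch_array().
     */
    private function loadFromRow($res)
    {
        global $tdb;

        $this->id = $res['id'];
        $this->username = $res['uname'];
        $this->groups = $tdb->getGroupsByUserId($res['id']);

        // The first three characters of `roles` are read as 0/1 flags, in the
        // order authenticated, member, manager.
        $lro = $res['roles'];
        $this->roles['anonymous'] = 0;
        $this->roles['authenticated'] = intval($lro[0]);
        $this->roles['member'] = intval($lro[1]);
        $this->roles['manager'] = intval($lro[2]);
    }

    function getUsername()
    {
        return $this->username;
    }

    function getRoles()
    {
        return $this->roles;
    }

    function getGroups()
    {
        return $this->groups;
    }

    /**
     * Authorisation check: does this user hold at least one of the roles?
     *
     * An empty list, or a one-element list whose element is falsy, means
     * "no role required" and always passes. Unknown role names never match.
     *
     * @param array $required Role names.
     * @return bool
     */
    function hasAnyRole($required)
    {
        if ( count($required) == 0) {
            return True;
        } else if ( count($required) == 1 && !$required[0] ) {
            return True;
        }
        foreach ($required as $r) {
            if ( array_key_exists($r, $this->roles) && $this->roles[$r] == 1) {
                return True;
            }
        }
        return False;
    }

    /**
     * @param string $role Role name.
     * @return bool True only when the role exists and its flag is 1.
     */
    function hasRole($role)
    {
        // Guard the lookup so an unknown role name is a plain "no" instead of
        // an undefined-index notice, matching hasAnyRole().
        return isset($this->roles[$role]) && $this->roles[$role] == 1;
    }

    /**
     * Lazily build and cache the UserDetails object for this user.
     *
     * @return UserDetails
     */
    function getDetails()
    {
        if ($this->details === null) {
            $ud = new UserDetails($this->id);
            $ud->setUsername($this->username);
            $this->details = $ud;
        }
        return $this->details;
    }

    function getId()
    {
        return $this->id;
    }

    /**
     * Resolve a username to its id.
     *
     * @param string $uname
     * @return int|string The id column of the single matching row, else -1.
     */
    function getUserIdByUname($uname)
    {
        global $tdb;

        // $uname is caller-supplied: escape it before quoting it into the SQL.
        $q = "SELECT id FROM ".DB_PREFIX."_users WHERE uname='"
            .mysql_real_escape_string((string) $uname)."'";
        $ret = $tdb->query($q);
        if (mysql_num_rows($ret) == 1) {
            // OK
            $res = mysql_fetch_array($ret);
            return $res['id'];
        }
        return -1;
    }

    /**
     * Fetch one user row joined with its _userinfo row.
     *
     * @param int $usid User id.
     * @return array|false Result of mysql_fetch_array() for the first row.
     */
    function getUserById($usid)
    {
        global $tdb;

        // The joined table now carries DB_PREFIX like the ON clause and
        // getUsers(); the bare "userinfo" left the ON clause pointing at a
        // table that was not part of the query. The id is used unquoted, so
        // it is cast to int.
        $q = "SELECT * FROM ".DB_PREFIX."_users LEFT JOIN ".DB_PREFIX."_userinfo ON "
            .DB_PREFIX."_users.id=".DB_PREFIX."_userinfo.userid WHERE "
            .DB_PREFIX."_users.id=".intval($usid);
        $ret = $tdb->query($q);
        $res = mysql_fetch_array($ret);
        return $res;
    }

    /**
     * @return mixed Whatever $tdb->query() returns for all approved users,
     *               each row extended with a computed `fullname` column.
     */
    function getUsers()
    {
        global $tdb;

        return $tdb->query("SELECT *, concat(firstname, ' ', lastname) AS fullname FROM ".DB_PREFIX."_users LEFT JOIN ".DB_PREFIX."_userinfo ON ".DB_PREFIX."_users.id=".DB_PREFIX."_userinfo.userid WHERE approved");
    }
}

// Start every request as the anonymous user, then try to restore the account
// named by the session.
$user = new User(-1);
if ( isset($_SESSION['userid'])) {
    // NOTE(review): User::__construct() treats any non-integer value as a
    // username, so a numeric id stored in the session as a string is looked
    // up by uname — confirm which form the login code stores.
    $user = new User($_SESSION['userid']);
    if ( $user->getId() == -1) {
        // The session refers to an account that no longer resolves: drop the
        // session and stop here so nothing else runs for this request after
        // the redirect header has been queued.
        session_destroy();
        header("Location:index.php");
        exit;
    }
}
?>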