PageRenderTime 26ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 0ms

/ collman/ta_logindatabase.inc

http://collman.googlecode.com/
PHP | 293 lines | 158 code | 32 blank | 103 comment | 24 complexity | 6445643e7c69083ce200f836b190e1ad MD5 | raw file
    

  1. <?php

    2. 

  2. /**

    3. 

  3.  * Database.php

    4. 

  4.  * 

    5. 

  5.  * The Database class is meant to simplify the task of accessing

    6. 

  6.  * information from the website's database.

    7. 

  7.  *

    8. 

  8.  * Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)

    9. 

  9.  * Last Updated: August 17, 2004

    10. 

  10.  */

    11. 

  11. include("ta_loginconstants.inc");

    12. 

  12.       

    13. 

  13. class MySQLDB

    14. 

  14. {

    15. 

  15.    var $connection;         //The MySQL database connection

    16. 

  16.    var $num_active_users;   //Number of active users viewing site

    17. 

  17.    var $num_active_guests;  //Number of active guests viewing site

    18. 

  18.    var $num_members;        //Number of signed-up users

    19. 

  19.    /* Note: call getNumMembers() to access $num_members! */

    20. 

  20. 

    21. 

  21.    /* Class constructor */

    22. 

  22.    function MySQLDB(){

    23. 

  23.       /* Make connection to database */

    24. 

  24.       $this->connection = mysql_connect(DB_SERVER, DB_USER, DB_PASS) or die(mysql_error());

    25. 

  25.       mysql_select_db(DB_NAME, $this->connection) or die(mysql_error());

    26. 

  26.       

    27. 

  27.       /**

    28. 

  28.        * Only query database to find out number of members

    29. 

  29.        * when getNumMembers() is called for the first time,

    30. 

  30.        * until then, default value set.

    31. 

  31.        */

    32. 

  32.       $this->num_members = -1;

    33. 

  33.       

    34. 

  34.       if(TRACK_VISITORS){

    35. 

  35.          /* Calculate number of users at site */

    36. 

  36.          $this->calcNumActiveUsers();

    37. 

  37.       

    38. 

  38.          /* Calculate number of guests at site */

    39. 

  39.          $this->calcNumActiveGuests();

    40. 

  40.       }

    41. 

  41.    }

    42. 

  42. 

    43. 

  43.    /**

    44. 

  44.     * confirmUserPass - Checks whether or not the given

    45. 

  45.     * username is in the database, if so it checks if the

    46. 

  46.     * given password is the same password in the database

    47. 

  47.     * for that user. If the user doesn't exist or if the

    48. 

  48.     * passwords don't match up, it returns an error code

    49. 

  49.     * (1 or 2). On success it returns 0.

    50. 

  50.     */

    51. 

  51.    function confirmUserPass($username, $password){

    52. 

  52.       /* Add slashes if necessary (for query) */

    53. 

  53.       if(!get_magic_quotes_gpc()) {

    54. 

  54. 	      $username = addslashes($username);

    55. 

  55.       }

    56. 

  56. 

    57. 

  57.       /* Verify that user is in database */

    58. 

  58.       $q = "SELECT password FROM ".TBL_USERS." WHERE username = '$username'";

    59. 

  59.       $result = mysql_query($q, $this->connection);

    60. 

  60.       if(!$result || (mysql_numrows($result) < 1)){

    61. 

  61.          return 1; //Indicates username failure

    62. 

  62.       }

    63. 

  63. 

    64. 

  64.       /* Retrieve password from result, strip slashes */

    65. 

  65.       $dbarray = mysql_fetch_array($result);

    66. 

  66.       $dbarray['password'] = stripslashes($dbarray['password']);

    67. 

  67.       $password = stripslashes($password);

    68. 

  68. 

    69. 

  69.       /* Validate that password is correct */

    70. 

  70.       if($password == $dbarray['password']){

    71. 

  71.          return 0; //Success! Username and password confirmed

    72. 

  72.       }

    73. 

  73.       else{

    74. 

  74.          return 2; //Indicates password failure

    75. 

  75.       }

    76. 

  76.    }

    77. 

  77.    

    78. 

  78.    /**

    79. 

  79.     * confirmUserID - Checks whether or not the given

    80. 

  80.     * username is in the database, if so it checks if the

    81. 

  81.     * given userid is the same userid in the database

    82. 

  82.     * for that user. If the user doesn't exist or if the

    83. 

  83.     * userids don't match up, it returns an error code

    84. 

  84.     * (1 or 2). On success it returns 0.

    85. 

  85.     */

    86. 

  86.    function confirmUserID($username, $userid){

    87. 

  87.       /* Add slashes if necessary (for query) */

    88. 

  88.       if(!get_magic_quotes_gpc()) {

    89. 

  89. 	      $username = addslashes($username);

    90. 

  90.       }

    91. 

  91. 

    92. 

  92.       /* Verify that user is in database */

    93. 

  93.       $q = "SELECT userid FROM ".TBL_USERS." WHERE username = '$username'";

    94. 

  94.       $result = mysql_query($q, $this->connection);

    95. 

  95.       if(!$result || (mysql_numrows($result) < 1)){

    96. 

  96.          return 1; //Indicates username failure

    97. 

  97.       }

    98. 

  98. 

    99. 

  99.       /* Retrieve userid from result, strip slashes */

    100. 

  100.       $dbarray = mysql_fetch_array($result);

    101. 

  101.       $dbarray['userid'] = stripslashes($dbarray['userid']);

    102. 

  102.       $userid = stripslashes($userid);

    103. 

  103. 

    104. 

  104.       /* Validate that userid is correct */

    105. 

  105.       if($userid == $dbarray['userid']){

    106. 

  106.          return 0; //Success! Username and userid confirmed

    107. 

  107.       }

    108. 

  108.       else{

    109. 

  109.          return 2; //Indicates userid invalid

    110. 

  110.       }

    111. 

  111.    }

    112. 

  112.    

    113. 

  113.    /**

    114. 

  114.     * usernameTaken - Returns true if the username has

    115. 

  115.     * been taken by another user, false otherwise.

    116. 

  116.     */

    117. 

  117.    function usernameTaken($username){

    118. 

  118.       if(!get_magic_quotes_gpc()){

    119. 

  119.          $username = addslashes($username);

    120. 

  120.       }

    121. 

  121.       $q = "SELECT username FROM ".TBL_USERS." WHERE username = '$username'";

    122. 

  122.       $result = mysql_query($q, $this->connection);

    123. 

  123.       return (mysql_numrows($result) > 0);

    124. 

  124.    }

    125. 

  125.    

    126. 

  126.    /**

    127. 

  127.     * usernameBanned - Returns true if the username has

    128. 

  128.     * been banned by the administrator.

    129. 

  129.     */

    130. 

  130.    function usernameBanned($username){

    131. 

  131.       if(!get_magic_quotes_gpc()){

    132. 

  132.          $username = addslashes($username);

    133. 

  133.       }

    134. 

  134.       $q = "SELECT username FROM ".TBL_BANNED_USERS." WHERE username = '$username'";

    135. 

  135.       $result = mysql_query($q, $this->connection);

    136. 

  136.       return (mysql_numrows($result) > 0);

    137. 

  137.    }

    138. 

  138.    

    139. 

  139.    /**

    140. 

  140.     * addNewUser - Inserts the given (username, password, email)

    141. 

  141.     * info into the database. Appropriate user level is set.

    142. 

  142.     * Returns true on success, false otherwise.

    143. 

  143.     */

    144. 

  144.    function addNewUser($username, $password, $email){

    145. 

  145.       $time = time();

    146. 

  146.       /* If admin sign up, give admin user level */

    147. 

  147.       if(strcasecmp($username, ADMIN_NAME) == 0){

    148. 

  148.          $ulevel = ADMIN_LEVEL;

    149. 

  149.       }else{

    150. 

  150.          $ulevel = USER_LEVEL;

    151. 

  151.       }

    152. 

  152.       $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', '$userlanguage', $time)";

    153. 

  153.       return mysql_query($q, $this->connection);

    154. 

  154.    }

    155. 

  155.    

    156. 

  156.    /**

    157. 

  157.     * updateUserField - Updates a field, specified by the field

    158. 

  158.     * parameter, in the user's row of the database.

    159. 

  159.     */

    160. 

  160.    function updateUserField($username, $field, $value){

    161. 

  161.       $q = "UPDATE ".TBL_USERS." SET ".$field." = '$value' WHERE username = '$username'";

    162. 

  162.       return mysql_query($q, $this->connection);

    163. 

  163.    }

    164. 

  164.    

    165. 

  165.    /**

    166. 

  166.     * getUserInfo - Returns the result array from a mysql

    167. 

  167.     * query asking for all information stored regarding

    168. 

  168.     * the given username. If query fails, NULL is returned.

    169. 

  169.     */

    170. 

  170.    function getUserInfo($username){

    171. 

  171.       $q = "SELECT * FROM ".TBL_USERS." WHERE username = '$username'";

    172. 

  172.       $result = mysql_query($q, $this->connection);

    173. 

  173.       /* Error occurred, return given name by default */

    174. 

  174.       if(!$result || (mysql_numrows($result) < 1)){

    175. 

  175.          return NULL;

    176. 

  176.       }

    177. 

  177.       /* Return result array */

    178. 

  178.       $dbarray = mysql_fetch_array($result);

    179. 

  179.       return $dbarray;

    180. 

  180.    }

    181. 

  181.    

    182. 

  182.    /**

    183. 

  183.     * getNumMembers - Returns the number of signed-up users

    184. 

  184.     * of the website, banned members not included. The first

    185. 

  185.     * time the function is called on page load, the database

    186. 

  186.     * is queried, on subsequent calls, the stored result

    187. 

  187.     * is returned. This is to improve efficiency, effectively

    188. 

  188.     * not querying the database when no call is made.

    189. 

  189.     */

    190. 

  190.    function getNumMembers(){

    191. 

  191.       if($this->num_members < 0){

    192. 

  192.          $q = "SELECT * FROM ".TBL_USERS;

    193. 

  193.          $result = mysql_query($q, $this->connection);

    194. 

  194.          $this->num_members = mysql_numrows($result);

    195. 

  195.       }

    196. 

  196.       return $this->num_members;

    197. 

  197.    }

    198. 

  198.    

    199. 

  199.    /**

    200. 

  200.     * calcNumActiveUsers - Finds out how many active users

    201. 

  201.     * are viewing site and sets class variable accordingly.

    202. 

  202.     */

    203. 

  203.    function calcNumActiveUsers(){

    204. 

  204.       /* Calculate number of users at site */

    205. 

  205.       $q = "SELECT * FROM ".TBL_ACTIVE_USERS;

    206. 

  206.       $result = mysql_query($q, $this->connection);

    207. 

  207.       $this->num_active_users = mysql_numrows($result);

    208. 

  208.    }

    209. 

  209.    

    210. 

  210.    /**

    211. 

  211.     * calcNumActiveGuests - Finds out how many active guests

    212. 

  212.     * are viewing site and sets class variable accordingly.

    213. 

  213.     */

    214. 

  214.    function calcNumActiveGuests(){

    215. 

  215.       /* Calculate number of guests at site */

    216. 

  216.       $q = "SELECT * FROM ".TBL_ACTIVE_GUESTS;

    217. 

  217.       $result = mysql_query($q, $this->connection);

    218. 

  218.       $this->num_active_guests = mysql_numrows($result);

    219. 

  219.    }

    220. 

  220.    

    221. 

  221.    /**

    222. 

  222.     * addActiveUser - Updates username's last active timestamp

    223. 

  223.     * in the database, and also adds him to the table of

    224. 

  224.     * active users, or updates timestamp if already there.

    225. 

  225.     */

    226. 

  226.    function addActiveUser($username, $time){

    227. 

  227.       $q = "UPDATE ".TBL_USERS." SET timestamp = '$time' WHERE username = '$username'";

    228. 

  228.       mysql_query($q, $this->connection);

    229. 

  229.       

    230. 

  230.       if(!TRACK_VISITORS) return;

    231. 

  231.       $q = "REPLACE INTO ".TBL_ACTIVE_USERS." VALUES ('$username', '$time')";

    232. 

  232.       mysql_query($q, $this->connection);

    233. 

  233.       $this->calcNumActiveUsers();

    234. 

  234.    }

    235. 

  235.    

    236. 

  236.    /* addActiveGuest - Adds guest to active guests table */

    237. 

  237.    function addActiveGuest($ip, $time){

    238. 

  238.       if(!TRACK_VISITORS) return;

    239. 

  239.       $q = "REPLACE INTO ".TBL_ACTIVE_GUESTS." VALUES ('$ip', '$time')";

    240. 

  240.       mysql_query($q, $this->connection);

    241. 

  241.       $this->calcNumActiveGuests();

    242. 

  242.    }

    243. 

  243.    

    244. 

  244.    /* These functions are self explanatory, no need for comments */

    245. 

  245.    

    246. 

  246.    /* removeActiveUser */

    247. 

  247.    function removeActiveUser($username){

    248. 

  248.       if(!TRACK_VISITORS) return;

    249. 

  249.       $q = "DELETE FROM ".TBL_ACTIVE_USERS." WHERE username = '$username'";

    250. 

  250.       mysql_query($q, $this->connection);

    251. 

  251.       $this->calcNumActiveUsers();

    252. 

  252.    }

    253. 

  253.    

    254. 

  254.    /* removeActiveGuest */

    255. 

  255.    function removeActiveGuest($ip){

    256. 

  256.       if(!TRACK_VISITORS) return;

    257. 

  257.       $q = "DELETE FROM ".TBL_ACTIVE_GUESTS." WHERE ip = '$ip'";

    258. 

  258.       mysql_query($q, $this->connection);

    259. 

  259.       $this->calcNumActiveGuests();

    260. 

  260.    }

    261. 

  261.    

    262. 

  262.    /* removeInactiveUsers */

    263. 

  263.    function removeInactiveUsers(){

    264. 

  264.       if(!TRACK_VISITORS) return;

    265. 

  265.       $timeout = time()-USER_TIMEOUT*60;

    266. 

  266.       $q = "DELETE FROM ".TBL_ACTIVE_USERS." WHERE timestamp < $timeout";

    267. 

  267.       mysql_query($q, $this->connection);

    268. 

  268.       $this->calcNumActiveUsers();

    269. 

  269.    }

    270. 

  270. 

    271. 

  271.    /* removeInactiveGuests */

    272. 

  272.    function removeInactiveGuests(){

    273. 

  273.       if(!TRACK_VISITORS) return;

    274. 

  274.       $timeout = time()-GUEST_TIMEOUT*60;

    275. 

  275.       $q = "DELETE FROM ".TBL_ACTIVE_GUESTS." WHERE timestamp < $timeout";

    276. 

  276.       mysql_query($q, $this->connection);

    277. 

  277.       $this->calcNumActiveGuests();

    278. 

  278.    }

    279. 

  279.    

    280. 

  280.    /**

    281. 

  281.     * query - Performs the given query on the database and

    282. 

  282.     * returns the result, which may be false, true or a

    283. 

  283.     * resource identifier.

    284. 

  284.     */

    285. 

  285.    function query($query){

    286. 

  286.       return mysql_query($query, $this->connection);

    287. 

  287.    }

    288. 

  288. };

    289. 

  289. 

    290. 

  290. /* Create database connection */

    291. 

  291. $database = new MySQLDB;

    292. 

  292. 

    293. 

  293. ?>

    294. 

  294.