3 require_once('mitsql.lib.php');
8 function Login($u, $p=null) {
11 $opt = is_null($p)?'':sprintf(" AND Password='%s' ", mysql_escape_string(base64_encode($p)));
12 $sql = sprintf("SELECT UserId, Username, Name, Email, UL, bEnabled
16 mysql_escape_string($u));
17 $r = fetchRows(DBSelect($sql),'UserId');
18 $this->info = count($r)?array_shift($r):$r;
21 return count($this->info);
24 return $this->getUL()>0;
26 function isEnabled() {
27 return $this->exists() && $this->info['bEnabled']==1;
30 return $this->isEnabled() && $this->isValid();
32 function canSignup() {
33 return !$this->isEnabled() && $this->isValid();
35 function getUserId() {
36 return $this->exists()?$this->info['UserId']:'';
38 function getUsername() {
39 return $this->exists()?$this->info['Username']:'';
42 return $this->exists()?$this->info['Name']:'';
45 return $this->exists()?$this->info['Email']:'';
48 return $this->exists()?$this->info['UL']:'';
54 $this->Login($this->u,$this->p);
56 function update($name=null,$email=null) {
57 if (!$this->exists()) return;
59 if ($name == $this->getName()) $name = null;
60 if ($email == $this->getEmail()) $email = null;
61 is_null($name) || $arr['Name'] = $name;
62 is_null($email) || $arr['Email'] = $email;
63 $sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
64 buildSQLSet($arr), mysql_escape_string($this->getUserId()));
66 if (isset($arr['Name']))
67 $this->name = $arr['Name'];
68 if (isset($arr['Email']))
69 $this->email = $arr['Email'];
78 function User($userId) {
79 $this->userId = $userId;
80 $sql = sprintf("SELECT UserId, Username, Password, Name, Email, UL, bEnabled
83 mysql_escape_string($userId));
84 $r = fetchRows(DBSelect($sql),'UserId');
85 $this->info = count($r)?array_shift($r):$r;
86 $this->pass = base64_decode($this->info['Password']);
89 return count($this->info);
91 function getUserId() {
92 return $this->exists()?$this->info['UserId']:'';
94 function getUsername() {
95 return $this->exists()?$this->info['Username']:'';
97 function setPassword($pwd) {
98 $arr['Password'] = base64_encode($pwd);
99 $sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
100 buildSQLSet($arr), mysql_escape_string($this->getUserId()));
103 function signup($pwd) {
105 $arr['Password'] = base64_encode($pwd);
106 $arr['bEnabled'] = 1;
107 $arr['dSignup'] = 'NOW()';
108 $sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
109 buildSQLSet($arr), mysql_escape_string($this->getUserId()));
115 function setUsage($yes=true) {
116 $verb = $yes?'GRANT':'REVOKE';
117 $prep = $yes?'TO':'FROM';
118 $suffix = $yes?sprintf("IDENTIFIED BY `%s`",mysql_escape_string($this->pass)):'';
119 $sql = sprintf("%s USAGE ON * . * %s '%s'@'%s' %s",
120 mysql_escape_string($verb),
121 mysql_escape_string($prep),
122 mysql_escape_string($this->getUsername()),
124 mysql_escape_string($suffix));
127 function setAccess($db=null,$yes=true) {
128 $verb = $yes?'GRANT':'REVOKE';
129 $prep = $yes?'TO':'FROM';
131 $this->dblist = $this->getDBList();
132 $dbs = $this->dblist;
134 $dbs[] = array('Name'=>$db);
136 foreach($dbs as $db) {
138 $sql = sprintf("%s ALL PRIVILEGES ON `%s` . * %s '%s'@'%s'",
139 mysql_escape_string($verb),
140 mysql_escape_string($name),
141 mysql_escape_string($prep),
147 function getDBList() {
148 $sql = sprintf("SELECT *
150 INNER JOIN DB ON DB.DatabaseId = DBOwner.DatabaseId
151 INNER JOIN DBQuota ON DBQuota.DatabaseId = DBOwner.DatabaseId
152 WHERE UserId = '%s'",
153 mysql_escape_string($this->getUserId()));
154 $r = fetchRows(DBSelect($sql),'DatabaseId');
160 function isLoggedIn($aLogin=null) {
161 if (is_null($aLogin)) {
165 return !empty($aLogin) && is_a($aLogin, 'Login') && $aLogin->canLogin();
169 return $_SERVER['SERVER_PORT'] == 443;
172 function getSSLCert() {
173 if (DEVEL && file_exists('.forceauth')) {
174 $fu = explode('|',file_get_contents('.forceauth'));
175 $name = trim($fu[0]);
176 $email = trim($fu[1]);
178 $name = isset($_SERVER['SSL_CLIENT_S_DN_CN'])?$_SERVER['SSL_CLIENT_S_DN_CN']:null;
179 $email = isset($_SERVER['SSL_CLIENT_S_DN_Email'])?$_SERVER['SSL_CLIENT_S_DN_Email']:null;
181 if (!is_null($email)) {
182 $user = explode('@',$email);
184 return array('Username'=>$user, 'Name'=>$name, 'Email'=>$email);
192 function redirect($target=null,$secure=null) {
193 $base = (is_null($target)||substr($target,0,1)=='?')?$_SERVER['REDIRECT_URL']:(dirname($_SERVER['REDIRECT_URL']).'/');
194 redirectFull(is_null($target)?$base:($base.$target),$secure);
196 function redirectFull($target,$secure) {
197 redirect2((((isSSL()&&is_null($secure))||$secure==true)?'https://':'http://').$_SERVER['SERVER_NAME'].$target);
199 function redirect2($target) {
200 header('Location: '.$target);
204 return (isSSL()?'http://':'https://').$_SERVER['SERVER_NAME'].$_SERVER['REDIRECT_URL'];
209 function addUser($sslCredentials) {
210 global $_NEW_USER, $_NEW_USERQUOTA, $_NEW_USERSTAT;
212 $arr = array_merge($sslCredentials, $_NEW_USER);
213 $sql = sprintf("INSERT INTO User %s",
214 buildSQLInsert($arr));
215 $UserId = DBInsert($sql);
217 $arr = $_NEW_USERQUOTA;
218 $arr['UserId'] = $UserId;
219 $sql = sprintf("INSERT INTO UserQuota %s",
220 buildSQLInsert($arr));
223 $arr = $_NEW_USERSTAT;
224 $arr['UserId'] = $UserId;
225 $sql = sprintf("INSERT INTO UserStat %s",
226 buildSQLInsert($arr));