3 require_once('mitsql.lib.php');
8 function Login($u, $p=null) {
11 $opt = is_null($p)?'':sprintf(" AND Password='%s' ", mysql_escape_string(base64_encode($p)));
12 $sql = sprintf("SELECT UserId, Username, Name, Email, UL, bEnabled
16 mysql_escape_string($u));
17 $r = fetchRows(DBSelect($sql),'UserId');
18 $this->info = count($r)?array_shift($r):$r;
21 return count($this->info);
24 return $this->getUL()>0;
26 function isEnabled() {
27 return $this->exists() && $this->info['bEnabled']==1;
30 return $this->isEnabled() && $this->isValid();
32 function canSignup() {
33 return !$this->isEnabled() && $this->isValid();
35 function getUserId() {
36 return $this->exists()?$this->info['UserId']:'';
38 function getUsername() {
39 return $this->exists()?$this->info['Username']:'';
42 return $this->exists()?$this->info['Name']:'';
45 return $this->exists()?$this->info['Email']:'';
48 return $this->exists()?$this->info['UL']:'';
54 $this->Login($this->u,$this->p);
56 function update($name=null,$email=null) {
57 if (!$this->exists()) return;
59 if ($name == $this->getName()) $name = null;
60 if ($email == $this->getEmail()) $email = null;
61 is_null($name) || $arr['Name'] = $name;
62 is_null($email) || $arr['Email'] = $email;
63 $upd = buildSQLSet($arr);
64 $sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
65 $upd, mysql_escape_string($this->getUserId()));
66 if (!empty($upd) && $upd != 'SET')
68 if (isset($arr['Name']))
69 $this->name = $arr['Name'];
70 if (isset($arr['Email']))
71 $this->email = $arr['Email'];
80 function User($userId) {
81 $this->userId = $userId;
82 $sql = sprintf("SELECT UserId, Username, Password, Name, Email, UL, bEnabled
85 mysql_escape_string($userId));
86 $r = fetchRows(DBSelect($sql),'UserId');
87 $this->info = count($r)?array_shift($r):$r;
88 $this->pass = base64_decode($this->info['Password']);
91 return count($this->info);
93 function getUserId() {
94 return $this->exists()?$this->info['UserId']:'';
96 function getUsername() {
97 return $this->exists()?$this->info['Username']:'';
99 function setPassword($pwd) {
100 $arr['Password'] = base64_encode($pwd);
101 $sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
102 buildSQLSet($arr), mysql_escape_string($this->getUserId()));
105 function signup($pwd) {
107 $arr['Password'] = base64_encode($pwd);
108 $arr['bEnabled'] = 1;
109 $arr['dSignup'] = 'NOW()';
110 $sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
111 buildSQLSet($arr), mysql_escape_string($this->getUserId()));
117 function setUsage($yes=true) {
118 $verb = $yes?'GRANT':'REVOKE';
119 $prep = $yes?'TO':'FROM';
120 $suffix = $yes?sprintf("IDENTIFIED BY '%s'",mysql_escape_string($this->pass)):'';
121 $sql = sprintf("%s USAGE ON * . * %s '%s'@'%s' %s",
122 mysql_escape_string($verb),
123 mysql_escape_string($prep),
124 mysql_escape_string($this->getUsername()),
129 function setAccess($db=null,$yes=true) {
130 $verb = $yes?'GRANT':'REVOKE';
131 $prep = $yes?'TO':'FROM';
133 $this->dblist = $this->getDBList();
134 $dbs = $this->dblist;
136 $dbs[] = array('Name'=>$db);
138 foreach($dbs as $db) {
140 $sql = sprintf("%s ALL PRIVILEGES ON `%s` . * %s '%s'@'%s'",
141 mysql_escape_string($verb),
142 mysql_escape_string($name),
143 mysql_escape_string($prep),
149 function getDBList() {
150 $sql = sprintf("SELECT *
152 INNER JOIN DB ON DB.DatabaseId = DBOwner.DatabaseId
153 INNER JOIN DBQuota ON DBQuota.DatabaseId = DBOwner.DatabaseId
154 WHERE UserId = '%s'",
155 mysql_escape_string($this->getUserId()));
156 $r = fetchRows(DBSelect($sql),'DatabaseId');
162 function isLoggedIn($aLogin=null) {
163 if (is_null($aLogin)) {
167 return !empty($aLogin) && is_a($aLogin, 'Login') && $aLogin->canLogin();
171 return $_SERVER['SERVER_PORT'] == 443;
174 function getSSLCert() {
175 if (DEVEL && file_exists('.forceauth')) {
176 $fu = explode('|',file_get_contents('.forceauth'));
177 $name = trim($fu[0]);
178 $email = trim($fu[1]);
180 $name = isset($_SERVER['SSL_CLIENT_S_DN_CN'])?$_SERVER['SSL_CLIENT_S_DN_CN']:null;
181 $email = isset($_SERVER['SSL_CLIENT_S_DN_Email'])?$_SERVER['SSL_CLIENT_S_DN_Email']:null;
183 if (!is_null($email)) {
184 $user = explode('@',$email);
186 return array('Username'=>$user, 'Name'=>$name, 'Email'=>$email);
194 function redirect($target=null,$secure=null) {
195 $base = (is_null($target)||substr($target,0,1)=='?')?$_SERVER['REDIRECT_URL']:(dirname($_SERVER['REDIRECT_URL']).'/');
196 redirectFull(is_null($target)?$base:($base.$target),$secure);
198 function redirectFull($target,$secure) {
199 redirect2((((isSSL()&&is_null($secure))||$secure==true)?'https://':'http://').$_SERVER['SERVER_NAME'].$target);
201 function redirect2($target) {
202 header('Location: '.$target);
206 return (isSSL()?'http://':'https://').$_SERVER['SERVER_NAME'].$_SERVER['REDIRECT_URL'];
211 function addUser($sslCredentials) {
212 global $_NEW_USER, $_NEW_USERQUOTA, $_NEW_USERSTAT;
214 $arr = array_merge($sslCredentials, $_NEW_USER);
215 $sql = sprintf("INSERT INTO User %s",
216 buildSQLInsert($arr));
217 $UserId = DBInsert($sql);
219 $arr = $_NEW_USERQUOTA;
220 $arr['UserId'] = $UserId;
221 $sql = sprintf("INSERT INTO UserQuota %s",
222 buildSQLInsert($arr));
225 $arr = $_NEW_USERSTAT;
226 $arr['UserId'] = $UserId;
227 $sql = sprintf("INSERT INTO UserStat %s",
228 buildSQLInsert($arr));