new templates
[sql-web.git] / lib / security.lib.php
index fe9bd0b2d780e0ff6daced009b3349c00461203d..8cd49db162ffa491f055afe0b9903cc378bd3c18 100644 (file)
@@ -6,14 +6,15 @@ class Login {
        var $u, $p;
     var $info;
     function Login($u, $p=null) {
+               if (empty($u)) return;
                $this->u = $u;
                $this->p = $p;
-        $opt = is_null($p)?'':sprintf(" AND Password='%s' ", mysql_escape_string(base64_encode($p)));
+               $opt = sprintf(" Username = '%s'", mysql_escape_string($u));
+        $opt .= (is_null($p)?'':sprintf(" AND Password='%s'", mysql_escape_string(base64_encode($p))));
+               is_numeric($u) && $opt = sprintf(" UserId = '%s'", mysql_escape_string($u));
         $sql = sprintf("SELECT UserId, Username, Name, Email, UL, bEnabled
                         FROM User
-                        WHERE Username = '%s'
-                        $opt",
-                        mysql_escape_string($u));
+                        WHERE %s", $opt);
         $r = fetchRows(DBSelect($sql),'UserId');
         $this->info = count($r)?array_shift($r):$r;
     }
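Review bot: The `is_numeric($u) && $opt = ...` line replaces the whole `$opt` string, so for a numeric username the `AND Password=...` clause appended on the line before it is discarded and the SELECT matches on UserId alone, without any password condition. Choose the identity clause first and append the password clause afterwards: `$opt = is_numeric($u) ? sprintf(" UserId = '%s'", mysql_escape_string($u)) : sprintf(" Username = '%s'", mysql_escape_string($u));` followed by `$opt .= is_null($p) ? '' : sprintf(" AND Password='%s'", mysql_escape_string(base64_encode($p)));`. The early `return` on `empty($u)` also leaves `$this->info` unset, whereas the normal path always assigns an array; `$this->info = array();` before the return keeps callers that `count()` it working. Separately, every new `mysql_escape_string` call in this commit (here, and in the setPassword, setAccess and addDB hunks below) ignores the connection character set; `mysql_real_escape_string` is the charset-aware form and should be used for all of them.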
@@ -66,16 +67,15 @@ class Login {
        if (!empty($upd) && $upd != 'SET')
                DBUpdate($sql);
                if (isset($arr['Name']))
-                       $this->name = $arr['Name'];
+                       $this->info['Name'] = $arr['Name'];
                if (isset($arr['Email']))
-                       $this->email = $arr['Email'];
+                       $this->info['Email'] = $arr['Email'];
        }
 }
 
 class User {
        var $userId;
        var $info;
-       var $pass;
        var $dblist;
     function User($userId) {
                $this->userId = $userId;
@@ -85,7 +85,8 @@ class User {
                         mysql_escape_string($userId));
         $r = fetchRows(DBSelect($sql),'UserId');
         $this->info = count($r)?array_shift($r):$r;
-               $this->pass = base64_decode($this->info['Password']);
+               $this->dblist = $this->getDBList();
+//             $this->pass = base64_decode($this->info['Password']);
     }
     function exists() {
         return count($this->info);
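Review bot: The commented-out `$this->pass = base64_decode(...)` line should be deleted rather than kept as a comment; the declaration it refers to is removed in this same commit. The new `$this->dblist = $this->getDBList();` also runs unconditionally, so when the lookup found no row (`$this->info` is an empty array) the constructor still issues the DBOwner query with an empty UserId; guarding it with the `exists()` method defined right below, `if ($this->exists()) $this->dblist = $this->getDBList();`, avoids the extra query and the undefined-index notice on `$this->info['UserId']` that this presumably triggers.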
@@ -101,6 +102,10 @@ class User {
         $sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
                         buildSQLSet($arr), mysql_escape_string($this->getUserId()));
         DBUpdate($sql);
+               $sql = sprintf('SET PASSWORD FOR \'%s\'@\'%%\'=PASSWORD(\'%s\')',
+                                               mysql_escape_string($this->getUsername()),
+                                               mysql_escape_string($pwd));
+               DBSet($sql);
        }
        function signup($pwd) {
                $this->pass = $pwd;
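Review bot: The `signup()` line `$this->pass = $pwd;` still writes a `pass` property that this commit removes from the `User` class declaration, so the plaintext password now lands in an undeclared dynamic property that nothing visible reads; drop the assignment or re-declare the property if it is needed. In the new `SET PASSWORD` statement, `mysql_escape_string` is correct for the two string literals but charset-unaware, so `mysql_real_escape_string` is the safer choice here as well. The enclosing method that issues the `UPDATE User` starts above this hunk, so I cannot see what `$arr` holds; if it stores the password in the User table (the Login constructor compares against `base64_encode($p)`), that is a reversible encoding rather than a hash and should be replaced with a proper hash.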
@@ -141,7 +146,7 @@ class User {
                                                        mysql_escape_string($verb),
                                                        mysql_escape_string($name),
                                                        mysql_escape_string($prep),
-                                                       $this->getUsername,
+                                                       mysql_escape_string($this->getUsername()),
                                                        '%');
                        DBGrant($sql);
                }
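Review bot: The GRANT arguments `$verb`, `$name` and `$prep` are passed through `mysql_escape_string`, but string-literal escaping only protects values that end up inside single quotes; the format string sits above this hunk, so I cannot confirm it, yet a privilege verb and a `db.table` preposition cannot be quoted that way and should instead be validated against an allow-list of expected values before building the statement. If `$name` is placed inside backticks, note that `mysql_escape_string` does not escape backticks, so the identifier needs `str_replace('`', '``', $name)` rather than string escaping. The enclosing setAccess method starts outside this hunk.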
@@ -150,12 +155,17 @@ class User {
                $sql = sprintf("SELECT *
                                                FROM DBOwner
                                                INNER JOIN DB ON DB.DatabaseId = DBOwner.DatabaseId
-                                               INNER JOIN DBQuota ON DBQuota.DatabaseId = DBOwner.DatabaseId
-                                               WHERE UserId = '%s'",
+                                               LEFT JOIN DBQuota ON DBQuota.DatabaseId = DBOwner.DatabaseId
+                                               WHERE UserId = '%s' AND DB.bEnabled=1",
                                                mysql_escape_string($this->getUserId()));
                $r = fetchRows(DBSelect($sql),'DatabaseId');
                return $r;
        }
+       function addDB($name) {
+               if (!addDB($name, $this->getUserId())) return false;
+               $this->setAccess($name);
+               return true;
+       }
 }
 
 
@@ -231,4 +241,33 @@ function addUser($sslCredentials) {
        return $UserId;
 }
 
-?>
+function addDB($dbname,$userid) {
+    global $_NEW_DB, $_NEW_DBQUOTA, $_NEW_DBOWNER;
+
+       DBCreate(sprintf('CREATE DATABASE `%s`', mysql_escape_string($dbname)));
+       if (mysql_error()) return false;
+
+       $newdb['Name'] = $dbname;
+    $arr = array_merge($newdb, $_NEW_DB);
+       $arr['bEnabled'] = 1;
+    $sql = sprintf("INSERT INTO DB %s",
+                    buildSQLInsert($arr));
+    $DBId = DBInsert($sql);
+
+       $arr = $_NEW_DBQUOTA;
+       $arr['DatabaseId'] = $DBId;
+    $sql = sprintf("INSERT INTO DBQuota %s",
+                    buildSQLInsert($arr));
+       DBInsert($sql);
+
+       $arr = $_NEW_DBOWNER;
+       $arr['DatabaseId'] = $DBId;
+       $arr['UserId'] = $userid;
+    $sql = sprintf("INSERT INTO DBOwner %s",
+                    buildSQLInsert($arr));
+       DBInsert($sql);
+
+       return $DBId;
+}
+
+?>
\ No newline at end of file
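Review bot: `CREATE DATABASE \`%s\`` wraps `$dbname` in backticks, but `mysql_escape_string` escapes for string literals and leaves the backtick untouched, so a name containing a backtick breaks out of the identifier; escape identifiers with `str_replace('`', '``', $dbname)` and, better, reject names that do not match a strict allow-list pattern before the statement is built. The `mysql_error()` check covers only `DBCreate`; if any of the three following `DBInsert` calls fails, the schema exists on the server without a matching `DB`, `DBQuota` or `DBOwner` row and nothing drops it, so each insert result should be checked and the create undone on failure. `$newdb` is also used before it is initialised; `$newdb = array('Name' => $dbname);` makes that explicit. The `?>` closing tag is re-added without a trailing newline; omitting it entirely in a PHP-only file avoids accidental output.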