if (empty($u)) return;
$this->u = $u;
$this->p = $p;
- if ((string)intval($u)===(string)$u) {
+ if (is_null($p)) {
$this->id = $u;
- $opt = sprintf(" Username = '%s' OR UserId = '%s'", mysql_escape_string($u), mysql_escape_string($u));
+ $opt = sprintf(" UserId = '%s'", mysql_escape_string($u));
} else {
$opt = sprintf(" Username = '%s'", mysql_escape_string($u));
$opt .= (is_null($p)?'':sprintf(" AND Password='%s'", mysql_escape_string(base64_encode($p))));
function expire() {
$this->info = null;
}
- function refresh() {
- if (!empty($this->id)) {
- $this->Login($this->id);
- } else {
- $this->Login($this->u,$this->p);
- }
- }
function update($name=null,$email=null) {
if (!$this->exists()) return;
$arr = array();
$email = trim($fu[1]);
} else {
$name = isset($_SERVER['SSL_CLIENT_S_DN_CN'])?$_SERVER['SSL_CLIENT_S_DN_CN']:null;
- $email = isset($_SERVER['SSL_CLIENT_S_DN_Email'])?$_SERVER['SSL_CLIENT_S_DN_Email']:null;
+ $email = isset($_SERVER['REMOTE_USER'])?$_SERVER['REMOTE_USER']:null;
}
if (!is_null($email)) {
$user = explode('@',$email);
}
}
+function getUsernameID($username) {
+ $sql = sprintf("SELECT UserId FROM User USE INDEX (UsernameID) WHERE Username = '%s'", mysql_escape_string($username));
+ $r = fetchRows(DBSelect($sql), 'UserId');
+ $r = array_shift($r);
+ return count($r)?$r['UserId']:null;
+}
+
## 302 REDIRECTS
function redirect($target=null,$secure=null) {
$arr['bEnabled'] = 0;
$sql = sprintf("UPDATE DB SET %s WHERE DB.Name = '%s'",
buildSQLSet($arr),
- $dbname);
+ mysql_escape_string($dbname));
DBUpdate($sql);
return true;
andersk / sql-web.git / blobdiff