
diff --git a/includes/objects/README b/includes/objects/README
new file mode 100644
index 0000000..cbee680
--- /dev/null
+++ b/includes/objects/README
@@ -0,0 +1,3 @@
+This folder contains models you use in your applications.
+
+Some models ready to use in production are available on http://keruald.sf.net
\ No newline at end of file
diff --git a/includes/objects/user.php b/includes/objects/user.php
new file mode 100644
index 0000000..0057225
--- /dev/null
+++ b/includes/objects/user.php
@@ -0,0 +1,193 @@
+<?php
+
+/*
+ * Keruald, core libraries for Pluton and Xen engines.
+ * (c) 2010, Sébastien Santoro aka Dereckson, some rights reserved
+ * Released under BSD license
+ *
+ * User class
+ *
+ * 0.1 2010-02-27 20:51 DcK
+ *
+ * @package Zed
+ * @copyright Copyright (c) 2010, Dereckson
+ * @license Released under BSD license
+ * @version 0.1
+ *
+ */
+class User {
+
+ public $id;
+ public $name;
+ public $password;
+ public $active = 0;
+ public $email;
+ public $regdate;
+
+ /*
+ * Initializes a new instance
+ * @param int $id the primary key
+ */
+ function __construct ($id = null) {
+ if ($id) {
+ $this->id = $id;
+ $this->load_from_database();
+ }
+ }
+
+ /*
+ * Loads the object User (ie fill the properties) from the $_POST array
+ */
+ function load_from_form () {
+ if (array_key_exists('name', $_POST)) $this->name = $_POST['name'];
+ if (array_key_exists('password', $_POST)) $this->password = $_POST['password'];
+ if (array_key_exists('active', $_POST)) $this->active = $_POST['active'];
+ if (array_key_exists('actkey', $_POST)) $this->actkey = $_POST['actkey'];
+ if (array_key_exists('email', $_POST)) $this->email = $_POST['email'];
+ if (array_key_exists('regdate', $_POST)) $this->regdate = $_POST['regdate'];
+ }
+
+ /*
+ * Loads the object User (ie fill the properties) from the database
+ */
+ function load_from_database () {
+ global $db;
+ $sql = "SELECT * FROM " . TABLE_USERS . " WHERE user_id = '" . $this->id . "'";
+ if ( !($result = $db->sql_query($sql)) ) message_die(SQL_ERROR, "Unable to query users", '', __LINE__, __FILE__, $sql);
+ if (!$row = $db->sql_fetchrow($result)) {
+ $this->lastError = "User unkwown: " . $this->id;
+ return false;
+ }
+
+ $this->load_from_row($row);
+
+ return true;
+ }
+
+ /*
+ * Loads the object User (ie fill the properties) from the database row
+ */
+ function load_from_row ($row) {
+ $this->id = $row['user_id'];
+ $this->name = $row['username'];
+ $this->password = $row['user_password'];
+ $this->active = $row['user_active'] ? true : false;
+ $this->email = $row['user_email'];
+ $this->regdate = $row['user_regdate'];
+ }
+
+ /*
+ * Saves to database
+ */
+ function save_to_database () {
+ global $db;
+
+ $id = $this->id ? "'" . $db->sql_escape($this->id) . "'" : 'NULL';
+ $name = $db->sql_escape($this->name);
+ $password = $db->sql_escape($this->password);
+ $active = $this->active ? 1 : 0;
+ $email = $db->sql_escape($this->email);
+ $regdate = $this->regdate ? "'" . $db->sql_escape($this->regdate) . "'" : 'NULL';
+
+ //Updates or inserts
+ $sql = "REPLACE INTO " . TABLE_USERS . " (`user_id`, `username`, `user_password`, `user_active`, `user_email`, `user_regdate`) VALUES ($id, '$name', '$password', $active, '$email', $regdate)";
+ if (!$db->sql_query($sql)) {
+ message_die(SQL_ERROR, "Unable to save users", '', __LINE__, __FILE__, $sql);
+ }
+
+ if (!$this->id) {
+ //Gets new record id value
+ $this->id = $db->sql_nextid();
+ }
+ }
+
+ /*
+ * Updates the specified field in the database record
+ */
+ function save_field ($field) {
+ global $db;
+ if (!$this->id) {
+ message_die(GENERAL_ERROR, "You're trying to update a record not yet saved in the database");
+ }
+ $id = $db->sql_escape($this->id);
+ $value = $db->sql_escape($this->$field);
+ $sql = "UPDATE " . TABLE_USERS . " SET `$field` = '$value' WHERE user_id = '$id'";
+ if (!$db->sql_query($sql)) {
+ message_die(SQL_ERROR, "Unable to save $field field", '', __LINE__, __FILE__, $sql);
+ }
+ }
+
+ /*
+ * Generates a unique user id
+ */
+ function generate_id () {
+ global $db;
+
+ do {
+ $this->id = mt_rand(2001, 9999);
+ $sql = "SELECT COUNT(*) FROM " . TABLE_USERS . " WHERE user_id = $this->id";
+ if (!$result = $db->sql_query($sql)) {
+ message_die(SQL_ERROR, "Can't check if a user id is free", '', __LINE__, __FILE__, $sql);
+ }
+ $row = $db->sql_fetchrow($result);
+ } while ($row[0]);
+ }
+
+ /*
+ * Fills password field with encrypted version
+ * of the specified clear password
+ */
+ public function set_password ($newpassword) {
+ $this->password = md5($newpassword);
+ }
+
+ /*
+ * Checks if a login is available
+ * @param string $login the login to check
+ * @return boolean true if the login is avaiable ; otherwise, false.
+ */
+ public static function is_available_login ($login) {
+ global $db;
+ $sql = "SELECT COUNT(*) FROM " . TABLE_USERS . " WHERE username = '$login'";
+ if (!$result = $db->sql_query($sql)) {
+ message_die(SQL_ERROR, "Can't check if the specified login is available", '', __LINE__, __FILE__, $sql);
+ }
+ $row = $db->sql_fetchrow($result);
+ return ($row[0] == 0);
+ }
+
+ /*
+ * Initializes a new User instance ready to have its property filled
+ * @return User the new user instance
+ */
+ public static function create () {
+ $user = new User();
+ $user->generate_id();
+ $user->active = true;
+ return $user;
+ }
+
+ /*
+ * Gets user from specified e-mail
+ * @return User the user matching the specified e-mail ; null, if the mail were not found.
+ */
+ public static function get_user_from_email ($mail) {
+ global $db;
+ $sql = "SELECT username FROM " . TABLE_USERS . " WHERE user_email = '$mail'";
+ if (!$result = $db->sql_query($sql)) {
+ message_die(SQL_ERROR, "Can't get user", '', __LINE__, __FILE__, $sql);
+ }
+
+ if ($row = $db->sql_fetchrow($result)) {
+ //E-mail found.
+ $user = new User();
+ $user->load_from_row($row);
+ return $user;
+ }
+
+ //E-mail not found.
+ return null;
+ }
+}
+
+?>
\ No newline at end of file
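Review bot: Three queries in the new User class interpolate values into SQL without the `$db->sql_escape()` call that save_to_database() and save_field() already use: `$this->id` in load_from_database(), `$login` in is_available_login() and `$mail` in get_user_from_email(). The login and e-mail values presumably originate from request input, so each should be escaped before the query is built, e.g. `$login = $db->sql_escape($login);` (or bound as a parameter if the `$db` layer supports that). save_field() also places `$field` between backticks as a column name, where sql_escape() gives no protection; checking it against a fixed list of column names before building the UPDATE would close that. Separately, set_password() stores `md5($newpassword)`, an unsalted fast hash, and `password_hash()` with `password_verify()` is the suitable replacement where the PHP version allows it.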
diff --git a/includes/session.php b/includes/session.php
index 4a0ffbb..756905c 100644
--- a/includes/session.php
+++ b/includes/session.php
@@ -1,248 +1,248 @@
<?php
/*
* Keruald, core libraries for Pluton and Xen engines.
* (c) 2010, Sébastien Santoro aka Dereckson, some rights reserved
* Released under BSD license
*
* Session
*
* 0.1 2010-02-26 18:06 DcK
*
* This class uses a singleton pattern, as we only need one single instance.
* Cf. http://www.php.net/manual/en/language.oop5.patterns.php
*
* @package Keruald
* @subpackage Keruald
* @copyright Copyright (c) 2010, Sébastien Santoro aka Dereckson
* @license Released under BSD license
* @version 0.1
*/
class Session {
/*
* @var Session current session instance
*/
private static $instance;
/*
* Gets or initializes current session instance
* @return Session current session instance
*/
public static function load () {
if (!isset(self::$instance)) {
//Creates new session instance
$c = __CLASS__;
self::$instance = new $c;
}
return self::$instance;
}
/*
* @var string session ID
*/
public $id;
/*
* @var string remote client IP
*/
public $ip;
/*
* Initializes a new instance of Session object
*/
private function __construct () {
//Starts PHP session, and gets id
session_start();
$_SESSION['ID'] = session_id();
$this->id = $_SESSION['ID'];
//Gets remote client IP
$this->ip = self::get_ip();
//Updates or creates the session in database
$this->update();
}
/*
* Gets remote client IP address
* @return string IP
*/
public static function get_ip () {
//mod_proxy + mod_rewrite (old pluton url scheme) will define 127.0.0.1
//in REMOTE_ADDR, and will store ip in HTTP_X_FORWARDED_FOR variable.
//Some ISP/orgz proxies also use this setting.
if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
}
//Standard cases
return $_SERVER['REMOTE_ADDR'];
}
/*
* Cleans up session
* i. deletes expired session
* ii. sets offline relevant sessions
*/
public static function clean_old_sessions () {
global $db, $Config;
//Gets session and online status lifetime (in seconds)
//If not specified in config, sets default 5 and 120 minutes values
$onlineDuration = array_key_exists('OnlineDuration', $Config) ? $Config['OnlineDuration'] : 300;
$sessionDuration = array_key_exists('SessionDuration', $Config) ? $Config['SessionDuration'] : 7200;
//Deletes expired sessions
$sql = "DELETE FROM " . TABLE_SESSIONS . " WHERE TIMESTAMPDIFF(SECOND, session_updated, NOW()) > $sessionDuration";
if (!$db->sql_query($sql)) message_die(SQL_ERROR, "Can't delete expired sessions", '', __LINE__, __FILE__, $sql);
//Online -> offline
$sql = "UPDATE " . TABLE_SESSIONS . " SET session_online = 0 WHERE TIMESTAMPDIFF(SECOND, session_updated, NOW()) > $onlineDuration";
if (!$db->sql_query($sql)) message_die(SQL_ERROR, 'Can\'t update sessions online statuses', '', __LINE__, __FILE__, $sql);
}
/*
* Updates or creates a session in the database
*/
public function update () {
global $db, $Config;
//Cleans up session
//To boost SQL performances, try a random trigger
// e.g. if (rand(1, 100) < 3) self::clean_old_sessions();
//or comment this line and execute a cron script you launch each minute.
self::clean_old_sessions();
//Saves session in database.
//If the session already exists, it updates the field online and updated.
$id = $db->sql_escape($this->id);
$resource = $db->sql_escape($Config['ResourceID']);
$user_id = $db->sql_escape(ANONYMOUS_USER);
$sql = "INSERT INTO " . TABLE_SESSIONS . " (session_id, session_ip, session_resource, user_id) VALUES ('$id', '$this->ip', '$resource', '$user_id') ON DUPLICATE KEY UPDATE session_online = 1";
if (!$db->sql_query($sql)) message_die(SQL_ERROR, 'Can\'t save current session', '', __LINE__, __FILE__, $sql);
}
/*
* Gets the number of online users
* @return int the online users count
*/
public function count_online () {
//Keeps result for later method call
static $count = -1;
if ($count == -1) {
//Queries sessions table
global $db, $Config;
$resource = $db->sql_escape($Config['ResourceID']);
$sql = "SELECT count(*) FROM " . TABLE_SESSIONS . " WHERE session_resource = '$resource' AND session_online = 1";
$count = (int)$db->sql_query_express($sql, "Can't count online users");
}
//Returns number of users online
return $count;
}
/*
* Gets the value of a custom session table field
* @param string $info the field to get
* @return string the session specified field's value
*/
public function get_info ($info) {
global $db;
$id = $db->sql_escape($this->id);
$sql = "SELECT `$info` FROM " . TABLE_SESSIONS . " WHERE session_id = '$id'";
return $db->sql_query_express($sql, "Can't get session $info info");
}
/*
* Sets the value of a custom session table field to the specified value
* @param string $info the field to update
* @param string $value the value to set
*/
public function set_info ($info, $value) {
global $db;
$value = ($value === null) ? 'NULL' : "'" . $db->sql_escape($value) . "'";
$id = $db->sql_escape($this->id);
$sql = "UPDATE " . TABLE_SESSIONS . " SET `$info` = $value WHERE session_id = '$id'";
if (!$db->sql_query($sql))
message_die(SQL_ERROR, "Can't set session $info info", '', __LINE__, __FILE__, $sql);
}
/*
* Gets logged user information
* @return User the logged user information
*/
public function get_logged_user () {
global $db;
//Gets session information
$id = $db->sql_escape($this->id);
$sql = "SELECT * FROM " . TABLE_SESSIONS . " WHERE session_id = '$id'";
if (!$result = $db->sql_query($sql))
message_die(SQL_ERROR, "Can't query session information", '', __LINE__, __FILE__, $sql);
$row = $db->sql_fetchrow($result);
//Gets user instance
- //require_once('includes/objects/user.php');
- //$user = new User($row['user_id']);
+ require_once('includes/objects/user.php');
+ $user = new User($row['user_id']);
//Adds session property to this user instance
$user->session = $row;
//Returns user instance
return $user;
}
/*
* Cleans session
* This method is to be called when an event implies a session destroy
*/
public function clean () {
//Destroies $_SESSION array values, help ID
foreach ($_SESSION as $key => $value) {
if ($key != 'ID') unset($_SESSION[$key]);
}
}
/*
* Updates the session in an user login context
* @param string $user_id the user ID
*/
public function user_login ($user_id) {
global $db;
//Sets specified user ID in sessions table
$user_id = $db->sql_escape($user_id);
$id = $db->sql_escape($this->id);
$sql = "UPDATE " . TABLE_SESSIONS . " SET user_id = '$user_id' WHERE session_id = '$id'";
if (!$db->sql_query($sql))
message_die(SQL_ERROR, "Can't set logged in status", '', __LINE__, __FILE__, $sql);
}
/*
* Updates the session in an user logout context
*/
public function user_logout () {
global $db;
//Sets anonymous user in sessions table
$user_id = $db->sql_escape(ANONYMOUS_USER);
$id = $db->sql_escape($this->id);
$sql = "UPDATE " . TABLE_SESSIONS . " SET user_id = '$user_id' WHERE session_id = '$id'";
if (!$db->sql_query($sql))
message_die(SQL_ERROR, "Can't set logged out status", '', __LINE__, __FILE__, $sql);
//Cleans session
$this->clean();
}
}
//The user_id matching anonymous user
if (!defined('ANONYMOUS_USER')) define('ANONYMOUS_USER', -1);
?>
\ No newline at end of file
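Review bot: The now-active `new User($row['user_id'])` in get_logged_user() runs without checking that `sql_fetchrow()` actually returned a row; if no session record matches, `$row` is not an array, the User is built without an id, and `$user->session` is assigned that empty result, so the caller cannot tell a missing session from an anonymous one. A guard before the `require_once`, for example `if (!$row) return null;` with callers adjusted, would make that case explicit. Not introduced by this commit but visible in the same hunk: update() interpolates `'$this->ip'` into the INSERT unescaped, and get_ip() takes that value from the client-supplied `HTTP_X_FORWARDED_FOR` header when present, so it should go through `$db->sql_escape()` the same way `$id` and `$resource` do.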
