| [ Index ] |
PHP Cross Reference of MyBB 1.6.0 |
[Summary view] [Print] [Text view]
1 <?php 2 3 /** 4 * Checks if a user with uid $uid exists in the database. 5 * 6 * @param int The uid to check for. 7 * @return boolean True when exists, false when not. 8 */ 9 function user_exists($uid) 10 { 11 global $db; 12 13 $query = $db->simple_select("users", "COUNT(*) as user", "uid='".intval($uid)."'", array('limit' => 1)); 14 if($db->fetch_field($query, 'user') == 1) 15 { 16 return true; 17 } 18 else 19 { 20 return false; 21 } 22 } 23 24 /** 25 * Checks if $username already exists in the database. 26 * 27 * @param string The username for check for. 28 * @return boolean True when exists, false when not. 29 */ 30 function username_exists($username) 31 { 32 global $db; 33 $query = $db->simple_select("users", "COUNT(*) as user", "username='".$db->escape_string($username)."'", array('limit' => 1)); 34 if($db->fetch_field($query, 'user') == 1) 35 { 36 return true; 37 } 38 else 39 { 40 return false; 41 } 42 } 43 44 /** 45 * Checks a password with a supplied username. 46 * 47 * @param string The username of the user. 48 * @param string The plain-text password. 49 * @return boolean|array False when no match, array with user info when match. 50 */ 51 function validate_password_from_username($username, $password) 52 { 53 global $db; 54 55 $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "username='".$db->escape_string($username)."'", array('limit' => 1)); 56 $user = $db->fetch_array($query); 57 if(!$user['uid']) 58 { 59 return false; 60 } 61 else 62 { 63 return validate_password_from_uid($user['uid'], $password, $user); 64 } 65 } 66 67 /** 68 * Checks a password with a supplied uid. 69 * 70 * @param int The user id. 71 * @param string The plain-text password. 72 * @param string An optional user data array. 73 * @return boolean|array False when not valid, user data array when valid. 74 */ 75 function validate_password_from_uid($uid, $password, $user = array()) 76 { 77 global $db, $mybb; 78 if($mybb->user['uid'] == $uid) 79 { 80 $user = $mybb->user; 81 } 82 if(!$user['password']) 83 { 84 $query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'", array('limit' => 1)); 85 $user = $db->fetch_array($query); 86 } 87 if(!$user['salt']) 88 { 89 // Generate a salt for this user and assume the password stored in db is a plain md5 password 90 $user['salt'] = generate_salt(); 91 $user['password'] = salt_password($user['password'], $user['salt']); 92 $sql_array = array( 93 "salt" => $user['salt'], 94 "password" => $user['password'] 95 ); 96 $db->update_query("users", $sql_array, "uid='".$user['uid']."'", 1); 97 } 98 99 if(!$user['loginkey']) 100 { 101 $user['loginkey'] = generate_loginkey(); 102 $sql_array = array( 103 "loginkey" => $user['loginkey'] 104 ); 105 $db->update_query("users", $sql_array, "uid = ".$user['uid'], 1); 106 } 107 if(salt_password(md5($password), $user['salt']) == $user['password']) 108 { 109 return $user; 110 } 111 else 112 { 113 return false; 114 } 115 } 116 117 /** 118 * Updates a user's password. 119 * 120 * @param int The user's id. 121 * @param string The md5()'ed password. 122 * @param string (Optional) The salt of the user. 123 * @return array The new password. 124 */ 125 function update_password($uid, $password, $salt="") 126 { 127 global $db, $plugins; 128 129 $newpassword = array(); 130 131 // If no salt was specified, check in database first, if still doesn't exist, create one 132 if(!$salt) 133 { 134 $query = $db->simple_select("users", "salt", "uid='$uid'", array('limit' => 1)); 135 $user = $db->fetch_array($query); 136 if($user['salt']) 137 { 138 $salt = $user['salt']; 139 } 140 else 141 { 142 $salt = generate_salt(); 143 } 144 $newpassword['salt'] = $salt; 145 } 146 147 // Create new password based on salt 148 $saltedpw = salt_password($password, $salt); 149 150 // Generate new login key 151 $loginkey = generate_loginkey(); 152 153 // Update password and login key in database 154 $newpassword['password'] = $saltedpw; 155 $newpassword['loginkey'] = $loginkey; 156 $db->update_query("users", $newpassword, "uid='$uid'", 1); 157 158 $plugins->run_hooks("password_changed"); 159 160 return $newpassword; 161 } 162 163 /** 164 * Salts a password based on a supplied salt. 165 * 166 * @param string The md5()'ed password. 167 * @param string The salt. 168 * @return string The password hash. 169 */ 170 function salt_password($password, $salt) 171 { 172 return md5(md5($salt).$password); 173 } 174 175 /** 176 * Generates a random salt 177 * 178 * @return string The salt. 179 */ 180 function generate_salt() 181 { 182 return random_str(8); 183 } 184 185 /** 186 * Generates a 50 character random login key. 187 * 188 * @return string The login key. 189 */ 190 function generate_loginkey() 191 { 192 return random_str(50); 193 } 194 195 /** 196 * Updates a user's salt in the database (does not update a password). 197 * 198 * @param int The uid of the user to update. 199 * @return string The new salt. 200 */ 201 function update_salt($uid) 202 { 203 global $db; 204 205 $salt = generate_salt(); 206 $sql_array = array( 207 "salt" => $salt 208 ); 209 $db->update_query("users", $sql_array, "uid='{$uid}'", 1); 210 211 return $salt; 212 } 213 214 /** 215 * Generates a new login key for a user. 216 * 217 * @param int The uid of the user to update. 218 * @return string The new login key. 219 */ 220 function update_loginkey($uid) 221 { 222 global $db; 223 224 $loginkey = generate_loginkey(); 225 $sql_array = array( 226 "loginkey" => $loginkey 227 ); 228 $db->update_query("users", $sql_array, "uid='{$uid}'", 1); 229 230 return $loginkey; 231 232 } 233 234 /** 235 * Adds a thread to a user's thread subscription list. 236 * If no uid is supplied, the currently logged in user's id will be used. 237 * 238 * @param int The tid of the thread to add to the list. 239 * @param int (Optional) The type of notification to receive for replies (0=none, 1=instant) 240 * @param int (Optional) The uid of the user who's list to update. 241 * @return boolean True when success, false when otherwise. 242 */ 243 function add_subscribed_thread($tid, $notification=1, $uid="") 244 { 245 global $mybb, $db; 246 247 if(!$uid) 248 { 249 $uid = $mybb->user['uid']; 250 } 251 252 if(!$uid) 253 { 254 return; 255 } 256 257 $query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'", array('limit' => 1)); 258 $subscription = $db->fetch_array($query); 259 if(!$subscription['tid']) 260 { 261 $insert_array = array( 262 'uid' => intval($uid), 263 'tid' => intval($tid), 264 'notification' => intval($notification), 265 'dateline' => TIME_NOW, 266 'subscriptionkey' => md5(TIME_NOW.$uid.$tid) 267 268 ); 269 $db->insert_query("threadsubscriptions", $insert_array); 270 } 271 else 272 { 273 // Subscription exists - simply update notification 274 $update_array = array( 275 "notification" => intval($notification) 276 ); 277 $db->update_query("threadsubscriptions", $update_array, "uid='{$uid}' AND tid='{$tid}'"); 278 } 279 return true; 280 } 281 282 /** 283 * Remove a thread from a user's thread subscription list. 284 * If no uid is supplied, the currently logged in user's id will be used. 285 * 286 * @param int The tid of the thread to remove from the list. 287 * @param int (Optional) The uid of the user who's list to update. 288 * @return boolean True when success, false when otherwise. 289 */ 290 function remove_subscribed_thread($tid, $uid="") 291 { 292 global $mybb, $db; 293 294 if(!$uid) 295 { 296 $uid = $mybb->user['uid']; 297 } 298 299 if(!$uid) 300 { 301 return; 302 } 303 $db->delete_query("threadsubscriptions", "tid='".$tid."' AND uid='{$uid}'"); 304 305 return true; 306 } 307 308 /** 309 * Adds a forum to a user's forum subscription list. 310 * If no uid is supplied, the currently logged in user's id will be used. 311 * 312 * @param int The fid of the forum to add to the list. 313 * @param int (Optional) The uid of the user who's list to update. 314 * @return boolean True when success, false when otherwise. 315 */ 316 function add_subscribed_forum($fid, $uid="") 317 { 318 global $mybb, $db; 319 320 if(!$uid) 321 { 322 $uid = $mybb->user['uid']; 323 } 324 325 if(!$uid) 326 { 327 return; 328 } 329 330 $fid = intval($fid); 331 $uid = intval($uid); 332 333 $query = $db->simple_select("forumsubscriptions", "*", "fid='".$fid."' AND uid='{$uid}'", array('limit' => 1)); 334 $fsubscription = $db->fetch_array($query); 335 if(!$fsubscription['fid']) 336 { 337 $insert_array = array( 338 'fid' => $fid, 339 'uid' => $uid 340 ); 341 $db->insert_query("forumsubscriptions", $insert_array); 342 } 343 344 return true; 345 } 346 347 /** 348 * Removes a forum from a user's forum subscription list. 349 * If no uid is supplied, the currently logged in user's id will be used. 350 * 351 * @param int The fid of the forum to remove from the list. 352 * @param int (Optional) The uid of the user who's list to update. 353 * @return boolean True when success, false when otherwise. 354 */ 355 function remove_subscribed_forum($fid, $uid="") 356 { 357 global $mybb, $db; 358 359 if(!$uid) 360 { 361 $uid = $mybb->user['uid']; 362 } 363 364 if(!$uid) 365 { 366 return; 367 } 368 $db->delete_query("forumsubscriptions", "fid='".$fid."' AND uid='{$uid}'"); 369 370 return true; 371 } 372 373 /** 374 * Constructs the usercp navigation menu. 375 * 376 */ 377 function usercp_menu() 378 { 379 global $mybb, $templates, $theme, $plugins, $lang, $usercpnav, $usercpmenu; 380 381 $lang->load("usercpnav"); 382 383 // Add the default items as plugins with separated priorities of 10 384 if($mybb->settings['enablepms'] != 0) 385 { 386 $plugins->add_hook("usercp_menu", "usercp_menu_messenger", 10); 387 } 388 389 $plugins->add_hook("usercp_menu", "usercp_menu_profile", 20); 390 $plugins->add_hook("usercp_menu", "usercp_menu_misc", 30); 391 392 // Run the plugin hooks 393 $plugins->run_hooks("usercp_menu"); 394 global $usercpmenu; 395 396 eval("\$usercpnav = \"".$templates->get("usercp_nav")."\";"); 397 398 $plugins->run_hooks("usercp_menu_built"); 399 } 400 401 /** 402 * Constructs the usercp messenger menu. 403 * 404 */ 405 function usercp_menu_messenger() 406 { 407 global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg; 408 409 $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); 410 foreach($foldersexploded as $key => $folders) 411 { 412 $folderinfo = explode("**", $folders, 2); 413 $folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]); 414 if($folderinfo[0] == 4) 415 { 416 $class = "usercp_nav_trash_pmfolder"; 417 } 418 else if($folderlinks) 419 { 420 $class = "usercp_nav_sub_pmfolder"; 421 } 422 else 423 { 424 $class = "usercp_nav_pmfolder"; 425 } 426 427 $folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n"; 428 } 429 430 eval("\$usercpmenu .= \"".$templates->get("usercp_nav_messenger")."\";"); 431 } 432 433 /** 434 * Constructs the usercp profile menu. 435 * 436 */ 437 function usercp_menu_profile() 438 { 439 global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg; 440 441 if($mybb->usergroup['canchangename'] != 0) 442 { 443 eval("\$changenameop = \"".$templates->get("usercp_nav_changename")."\";"); 444 } 445 446 if($mybb->user['suspendsignature'] == 0 || ($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] < TIME_NOW)) 447 { 448 eval("\$changesigop = \"".$templates->get("usercp_nav_editsignature")."\";"); 449 } 450 451 eval("\$usercpmenu .= \"".$templates->get("usercp_nav_profile")."\";"); 452 } 453 454 /** 455 * Constructs the usercp misc menu. 456 * 457 */ 458 function usercp_menu_misc() 459 { 460 global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg; 461 462 if($count['draftcount'] > 0) 463 { 464 $draftstart = "<strong>"; 465 $draftend = "</strong>"; 466 } 467 $profile_link = get_profile_link($mybb->user['uid']); 468 469 eval("\$usercpmenu .= \"".$templates->get("usercp_nav_misc")."\";"); 470 } 471 472 /** 473 * Gets the usertitle for a specific uid. 474 * 475 * @param int The uid of the user to get the usertitle of. 476 * @return string The usertitle of the user. 477 */ 478 function get_usertitle($uid="") 479 { 480 global $db, $mybb; 481 482 if($mybb->user['uid'] == $uid) 483 { 484 $user = $mybb->user; 485 } 486 else 487 { 488 $query = $db->simple_select("users", "usertitle,postnum", "uid='$uid'", array('limit' => 1)); 489 $user = $db->fetch_array($query); 490 } 491 492 if($user['usertitle']) 493 { 494 return $user['usertitle']; 495 } 496 else 497 { 498 $query = $db->simple_select("usertitles", "title", "posts<='".$user['postnum']."'", array('order_by' => 'posts', 'order_dir' => 'desc')); 499 $usertitle = $db->fetch_array($query); 500 501 return $usertitle['title']; 502 } 503 } 504 505 /** 506 * Updates a users private message count in the users table with the number of pms they have. 507 * 508 * @param int The user id to update the count for. If none, assumes currently logged in user. 509 * @param int Bitwise value for what to update. 1 = total, 2 = new, 4 = unread. Combinations accepted. 510 * @param int The unix timestamp the user with uid last visited. If not specified, will be queried. 511 */ 512 function update_pm_count($uid=0, $count_to_update=7) 513 { 514 global $db, $mybb; 515 static $pm_lastvisit_cache; 516 517 // If no user id, assume that we mean the current logged in user. 518 if(intval($uid) == 0) 519 { 520 $uid = $mybb->user['uid']; 521 } 522 523 // Update total number of messages. 524 if($count_to_update & 1) 525 { 526 $query = $db->simple_select("privatemessages", "COUNT(pmid) AS pms_total", "uid='".$uid."'"); 527 $total = $db->fetch_array($query); 528 $pmcount['totalpms'] = $total['pms_total']; 529 } 530 531 // Update number of unread messages. 532 if($count_to_update & 2 && $db->field_exists("unreadpms", "users") == true) 533 { 534 $query = $db->simple_select("privatemessages", "COUNT(pmid) AS pms_unread", "uid='".$uid."' AND status='0' AND folder='1'"); 535 $unread = $db->fetch_array($query); 536 $pmcount['unreadpms'] = $unread['pms_unread']; 537 } 538 539 if(is_array($pmcount)) 540 { 541 $db->update_query("users", $pmcount, "uid='".intval($uid)."'"); 542 } 543 return $pmcount; 544 } 545 546 /** 547 * Return the language specific name for a PM folder. 548 * 549 * @param int The ID of the folder. 550 * @param string The folder name - can be blank, will use language default. 551 * @return string The name of the folder. 552 */ 553 function get_pm_folder_name($fid, $name="") 554 { 555 global $lang; 556 557 if($name != '') 558 { 559 return $name; 560 } 561 562 switch($fid) 563 { 564 case 1; 565 return $lang->folder_inbox; 566 break; 567 case 2: 568 return $lang->folder_sent_items; 569 break; 570 case 3: 571 return $lang->folder_drafts; 572 break; 573 case 4: 574 return $lang->folder_trash; 575 break; 576 default: 577 return $lang->folder_untitled; 578 } 579 } 580 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Tue Aug 3 20:35:36 2010 | Cross-referenced by PHPXref 0.7 |