| [ Index ] |
PHP Cross Reference of MyBB 1.6.5 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * $Id: functions_user.php 5616 2011-09-20 13:24:59Z Tomm $ 10 */ 11 12 /** 13 * Checks if a user with uid $uid exists in the database. 14 * 15 * @param int The uid to check for. 16 * @return boolean True when exists, false when not. 17 */ 18 function user_exists($uid) 19 { 20 global $db; 21 22 $query = $db->simple_select("users", "COUNT(*) as user", "uid='".intval($uid)."'", array('limit' => 1)); 23 if($db->fetch_field($query, 'user') == 1) 24 { 25 return true; 26 } 27 else 28 { 29 return false; 30 } 31 } 32 33 /** 34 * Checks if $username already exists in the database. 35 * 36 * @param string The username for check for. 37 * @return boolean True when exists, false when not. 38 */ 39 function username_exists($username) 40 { 41 global $db; 42 43 $query = $db->simple_select("users", "COUNT(*) as user", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'", array('limit' => 1)); 44 45 if($db->fetch_field($query, 'user') == 1) 46 { 47 return true; 48 } 49 else 50 { 51 return false; 52 } 53 } 54 55 /** 56 * Checks a password with a supplied username. 57 * 58 * @param string The username of the user. 59 * @param string The plain-text password. 60 * @return boolean|array False when no match, array with user info when match. 61 */ 62 function validate_password_from_username($username, $password) 63 { 64 global $db; 65 66 $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'", array('limit' => 1)); 67 68 $user = $db->fetch_array($query); 69 if(!$user['uid']) 70 { 71 return false; 72 } 73 else 74 { 75 return validate_password_from_uid($user['uid'], $password, $user); 76 } 77 } 78 79 /** 80 * Checks a password with a supplied uid. 81 * 82 * @param int The user id. 83 * @param string The plain-text password. 84 * @param string An optional user data array. 85 * @return boolean|array False when not valid, user data array when valid. 86 */ 87 function validate_password_from_uid($uid, $password, $user = array()) 88 { 89 global $db, $mybb; 90 if($mybb->user['uid'] == $uid) 91 { 92 $user = $mybb->user; 93 } 94 if(!$user['password']) 95 { 96 $query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'", array('limit' => 1)); 97 $user = $db->fetch_array($query); 98 } 99 if(!$user['salt']) 100 { 101 // Generate a salt for this user and assume the password stored in db is a plain md5 password 102 $user['salt'] = generate_salt(); 103 $user['password'] = salt_password($user['password'], $user['salt']); 104 $sql_array = array( 105 "salt" => $user['salt'], 106 "password" => $user['password'] 107 ); 108 $db->update_query("users", $sql_array, "uid='".$user['uid']."'", 1); 109 } 110 111 if(!$user['loginkey']) 112 { 113 $user['loginkey'] = generate_loginkey(); 114 $sql_array = array( 115 "loginkey" => $user['loginkey'] 116 ); 117 $db->update_query("users", $sql_array, "uid = ".$user['uid'], 1); 118 } 119 if(salt_password(md5($password), $user['salt']) == $user['password']) 120 { 121 return $user; 122 } 123 else 124 { 125 return false; 126 } 127 } 128 129 /** 130 * Updates a user's password. 131 * 132 * @param int The user's id. 133 * @param string The md5()'ed password. 134 * @param string (Optional) The salt of the user. 135 * @return array The new password. 136 */ 137 function update_password($uid, $password, $salt="") 138 { 139 global $db, $plugins; 140 141 $newpassword = array(); 142 143 // If no salt was specified, check in database first, if still doesn't exist, create one 144 if(!$salt) 145 { 146 $query = $db->simple_select("users", "salt", "uid='$uid'", array('limit' => 1)); 147 $user = $db->fetch_array($query); 148 if($user['salt']) 149 { 150 $salt = $user['salt']; 151 } 152 else 153 { 154 $salt = generate_salt(); 155 } 156 $newpassword['salt'] = $salt; 157 } 158 159 // Create new password based on salt 160 $saltedpw = salt_password($password, $salt); 161 162 // Generate new login key 163 $loginkey = generate_loginkey(); 164 165 // Update password and login key in database 166 $newpassword['password'] = $saltedpw; 167 $newpassword['loginkey'] = $loginkey; 168 $db->update_query("users", $newpassword, "uid='$uid'", 1); 169 170 $plugins->run_hooks("password_changed"); 171 172 return $newpassword; 173 } 174 175 /** 176 * Salts a password based on a supplied salt. 177 * 178 * @param string The md5()'ed password. 179 * @param string The salt. 180 * @return string The password hash. 181 */ 182 function salt_password($password, $salt) 183 { 184 return md5(md5($salt).$password); 185 } 186 187 /** 188 * Generates a random salt 189 * 190 * @return string The salt. 191 */ 192 function generate_salt() 193 { 194 return random_str(8); 195 } 196 197 /** 198 * Generates a 50 character random login key. 199 * 200 * @return string The login key. 201 */ 202 function generate_loginkey() 203 { 204 return random_str(50); 205 } 206 207 /** 208 * Updates a user's salt in the database (does not update a password). 209 * 210 * @param int The uid of the user to update. 211 * @return string The new salt. 212 */ 213 function update_salt($uid) 214 { 215 global $db; 216 217 $salt = generate_salt(); 218 $sql_array = array( 219 "salt" => $salt 220 ); 221 $db->update_query("users", $sql_array, "uid='{$uid}'", 1); 222 223 return $salt; 224 } 225 226 /** 227 * Generates a new login key for a user. 228 * 229 * @param int The uid of the user to update. 230 * @return string The new login key. 231 */ 232 function update_loginkey($uid) 233 { 234 global $db; 235 236 $loginkey = generate_loginkey(); 237 $sql_array = array( 238 "loginkey" => $loginkey 239 ); 240 $db->update_query("users", $sql_array, "uid='{$uid}'", 1); 241 242 return $loginkey; 243 244 } 245 246 /** 247 * Adds a thread to a user's thread subscription list. 248 * If no uid is supplied, the currently logged in user's id will be used. 249 * 250 * @param int The tid of the thread to add to the list. 251 * @param int (Optional) The type of notification to receive for replies (0=none, 1=instant) 252 * @param int (Optional) The uid of the user who's list to update. 253 * @return boolean True when success, false when otherwise. 254 */ 255 function add_subscribed_thread($tid, $notification=1, $uid="") 256 { 257 global $mybb, $db; 258 259 if(!$uid) 260 { 261 $uid = $mybb->user['uid']; 262 } 263 264 if(!$uid) 265 { 266 return; 267 } 268 269 $query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'", array('limit' => 1)); 270 $subscription = $db->fetch_array($query); 271 if(!$subscription['tid']) 272 { 273 $insert_array = array( 274 'uid' => intval($uid), 275 'tid' => intval($tid), 276 'notification' => intval($notification), 277 'dateline' => TIME_NOW, 278 'subscriptionkey' => md5(TIME_NOW.$uid.$tid) 279 280 ); 281 $db->insert_query("threadsubscriptions", $insert_array); 282 } 283 else 284 { 285 // Subscription exists - simply update notification 286 $update_array = array( 287 "notification" => intval($notification) 288 ); 289 $db->update_query("threadsubscriptions", $update_array, "uid='{$uid}' AND tid='{$tid}'"); 290 } 291 return true; 292 } 293 294 /** 295 * Remove a thread from a user's thread subscription list. 296 * If no uid is supplied, the currently logged in user's id will be used. 297 * 298 * @param int The tid of the thread to remove from the list. 299 * @param int (Optional) The uid of the user who's list to update. 300 * @return boolean True when success, false when otherwise. 301 */ 302 function remove_subscribed_thread($tid, $uid="") 303 { 304 global $mybb, $db; 305 306 if(!$uid) 307 { 308 $uid = $mybb->user['uid']; 309 } 310 311 if(!$uid) 312 { 313 return; 314 } 315 $db->delete_query("threadsubscriptions", "tid='".$tid."' AND uid='{$uid}'"); 316 317 return true; 318 } 319 320 /** 321 * Adds a forum to a user's forum subscription list. 322 * If no uid is supplied, the currently logged in user's id will be used. 323 * 324 * @param int The fid of the forum to add to the list. 325 * @param int (Optional) The uid of the user who's list to update. 326 * @return boolean True when success, false when otherwise. 327 */ 328 function add_subscribed_forum($fid, $uid="") 329 { 330 global $mybb, $db; 331 332 if(!$uid) 333 { 334 $uid = $mybb->user['uid']; 335 } 336 337 if(!$uid) 338 { 339 return; 340 } 341 342 $fid = intval($fid); 343 $uid = intval($uid); 344 345 $query = $db->simple_select("forumsubscriptions", "*", "fid='".$fid."' AND uid='{$uid}'", array('limit' => 1)); 346 $fsubscription = $db->fetch_array($query); 347 if(!$fsubscription['fid']) 348 { 349 $insert_array = array( 350 'fid' => $fid, 351 'uid' => $uid 352 ); 353 $db->insert_query("forumsubscriptions", $insert_array); 354 } 355 356 return true; 357 } 358 359 /** 360 * Removes a forum from a user's forum subscription list. 361 * If no uid is supplied, the currently logged in user's id will be used. 362 * 363 * @param int The fid of the forum to remove from the list. 364 * @param int (Optional) The uid of the user who's list to update. 365 * @return boolean True when success, false when otherwise. 366 */ 367 function remove_subscribed_forum($fid, $uid="") 368 { 369 global $mybb, $db; 370 371 if(!$uid) 372 { 373 $uid = $mybb->user['uid']; 374 } 375 376 if(!$uid) 377 { 378 return; 379 } 380 $db->delete_query("forumsubscriptions", "fid='".$fid."' AND uid='{$uid}'"); 381 382 return true; 383 } 384 385 /** 386 * Constructs the usercp navigation menu. 387 * 388 */ 389 function usercp_menu() 390 { 391 global $mybb, $templates, $theme, $plugins, $lang, $usercpnav, $usercpmenu; 392 393 $lang->load("usercpnav"); 394 395 // Add the default items as plugins with separated priorities of 10 396 if($mybb->settings['enablepms'] != 0) 397 { 398 $plugins->add_hook("usercp_menu", "usercp_menu_messenger", 10); 399 } 400 401 $plugins->add_hook("usercp_menu", "usercp_menu_profile", 20); 402 $plugins->add_hook("usercp_menu", "usercp_menu_misc", 30); 403 404 // Run the plugin hooks 405 $plugins->run_hooks("usercp_menu"); 406 global $usercpmenu; 407 408 eval("\$usercpnav = \"".$templates->get("usercp_nav")."\";"); 409 410 $plugins->run_hooks("usercp_menu_built"); 411 } 412 413 /** 414 * Constructs the usercp messenger menu. 415 * 416 */ 417 function usercp_menu_messenger() 418 { 419 global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg; 420 421 $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); 422 foreach($foldersexploded as $key => $folders) 423 { 424 $folderinfo = explode("**", $folders, 2); 425 $folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]); 426 if($folderinfo[0] == 4) 427 { 428 $class = "usercp_nav_trash_pmfolder"; 429 } 430 else if($folderlinks) 431 { 432 $class = "usercp_nav_sub_pmfolder"; 433 } 434 else 435 { 436 $class = "usercp_nav_pmfolder"; 437 } 438 439 $folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n"; 440 } 441 442 eval("\$usercpmenu .= \"".$templates->get("usercp_nav_messenger")."\";"); 443 } 444 445 /** 446 * Constructs the usercp profile menu. 447 * 448 */ 449 function usercp_menu_profile() 450 { 451 global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg; 452 453 if($mybb->usergroup['canchangename'] != 0) 454 { 455 eval("\$changenameop = \"".$templates->get("usercp_nav_changename")."\";"); 456 } 457 458 if($mybb->usergroup['canusesig'] == 1 && ($mybb->usergroup['canusesigxposts'] == 0 || $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] > $mybb->usergroup['canusesigxposts'])) 459 { 460 if($mybb->user['suspendsignature'] == 0 || $mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > 0 && $mybb->user['suspendsigtime'] < TIME_NOW) 461 { 462 eval("\$changesigop = \"".$templates->get("usercp_nav_editsignature")."\";"); 463 } 464 } 465 466 eval("\$usercpmenu .= \"".$templates->get("usercp_nav_profile")."\";"); 467 } 468 469 /** 470 * Constructs the usercp misc menu. 471 * 472 */ 473 function usercp_menu_misc() 474 { 475 global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg; 476 477 $query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'"); 478 $count = $db->fetch_array($query); 479 480 if($count['draftcount'] > 0) 481 { 482 $draftstart = "<strong>"; 483 $draftend = "</strong>"; 484 $draftcount = "(".my_number_format($count['draftcount']).")"; 485 } 486 487 $profile_link = get_profile_link($mybb->user['uid']); 488 eval("\$usercpmenu .= \"".$templates->get("usercp_nav_misc")."\";"); 489 } 490 491 /** 492 * Gets the usertitle for a specific uid. 493 * 494 * @param int The uid of the user to get the usertitle of. 495 * @return string The usertitle of the user. 496 */ 497 function get_usertitle($uid="") 498 { 499 global $db, $mybb; 500 501 if($mybb->user['uid'] == $uid) 502 { 503 $user = $mybb->user; 504 } 505 else 506 { 507 $query = $db->simple_select("users", "usertitle,postnum", "uid='$uid'", array('limit' => 1)); 508 $user = $db->fetch_array($query); 509 } 510 511 if($user['usertitle']) 512 { 513 return $user['usertitle']; 514 } 515 else 516 { 517 $query = $db->simple_select("usertitles", "title", "posts<='".$user['postnum']."'", array('order_by' => 'posts', 'order_dir' => 'desc')); 518 $usertitle = $db->fetch_array($query); 519 520 return $usertitle['title']; 521 } 522 } 523 524 /** 525 * Updates a users private message count in the users table with the number of pms they have. 526 * 527 * @param int The user id to update the count for. If none, assumes currently logged in user. 528 * @param int Bitwise value for what to update. 1 = total, 2 = new, 4 = unread. Combinations accepted. 529 * @param int The unix timestamp the user with uid last visited. If not specified, will be queried. 530 */ 531 function update_pm_count($uid=0, $count_to_update=7) 532 { 533 global $db, $mybb; 534 static $pm_lastvisit_cache; 535 536 // If no user id, assume that we mean the current logged in user. 537 if(intval($uid) == 0) 538 { 539 $uid = $mybb->user['uid']; 540 } 541 542 // Update total number of messages. 543 if($count_to_update & 1) 544 { 545 $query = $db->simple_select("privatemessages", "COUNT(pmid) AS pms_total", "uid='".$uid."'"); 546 $total = $db->fetch_array($query); 547 $pmcount['totalpms'] = $total['pms_total']; 548 } 549 550 // Update number of unread messages. 551 if($count_to_update & 2 && $db->field_exists("unreadpms", "users") == true) 552 { 553 $query = $db->simple_select("privatemessages", "COUNT(pmid) AS pms_unread", "uid='".$uid."' AND status='0' AND folder='1'"); 554 $unread = $db->fetch_array($query); 555 $pmcount['unreadpms'] = $unread['pms_unread']; 556 } 557 558 if(is_array($pmcount)) 559 { 560 $db->update_query("users", $pmcount, "uid='".intval($uid)."'"); 561 } 562 return $pmcount; 563 } 564 565 /** 566 * Return the language specific name for a PM folder. 567 * 568 * @param int The ID of the folder. 569 * @param string The folder name - can be blank, will use language default. 570 * @return string The name of the folder. 571 */ 572 function get_pm_folder_name($fid, $name="") 573 { 574 global $lang; 575 576 if($name != '') 577 { 578 return $name; 579 } 580 581 switch($fid) 582 { 583 case 1; 584 return $lang->folder_inbox; 585 break; 586 case 2: 587 return $lang->folder_sent_items; 588 break; 589 case 3: 590 return $lang->folder_drafts; 591 break; 592 case 4: 593 return $lang->folder_trash; 594 break; 595 default: 596 return $lang->folder_untitled; 597 } 598 } 599 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Sun Dec 11 14:16:27 2011 | Cross-referenced by PHPXref 0.7.1 |