PHP Cross Reference of Nucleus CMS 3.64 |
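<?php

/*
 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
 * Copyright (C) 2002-2009 The Nucleus Group
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * (see nucleus/documentation/index.html#license for more info)
 */
/**
 * A class representing site members
 *
 * Security notes for maintainers:
 *  - Passwords are stored as unsalted MD5 digests (setPassword(), create(),
 *    checkPassword()). MD5 is not a password-hashing function. The format is
 *    kept here only because the digest is persisted in the member table;
 *    moving to password_hash()/password_verify() needs a coordinated
 *    migration of the stored values and is not done in this class.
 *  - Secret comparisons (password digest, cookie key) go through
 *    _safeEquals(), which is type-strict and length-independent.
 *  - Cookie keys and activation keys come from _randomKey(), which prefers a
 *    cryptographically secure source when the runtime offers one.
 *  - Numeric values concatenated into SQL are passed through intval().
 *
 * Methods documented as "static" are declared without the static keyword,
 * as in the original file.
 *
 * @license http://nucleuscms.org/license.txt GNU General Public License
 * @copyright Copyright (C) 2002-2009 The Nucleus Group
 * @version $Id: MEMBER.php 1476 2010-12-05 23:23:32Z gregorlove $
 */
class MEMBER {

    // 1 when authenticated, 0 when not
    var $loggedin = 0;
    var $password;      // not the actual password, but rather a MD5 hash

    var $cookiekey;     // value that should also be in the client cookie to allow authentication

    // member info
    var $id = -1;
    var $realname;
    var $displayname;
    var $email;
    var $url;
    var $language = ''; // name of the language file to use (e.g. 'english' -> english.php)
    var $admin = 0;     // (either 0 or 1)
    var $canlogin = 0;  // (either 0 or 1)
    var $notes;
    var $autosave = 1;  // if the member use the autosave draft function

    /**
     * Constructor for a member object
     */
    function MEMBER() {
        // do nothing
    }

    /**
     * Create a member object for a given displayname
     *
     * The returned object is populated by readFromName(); this method does not
     * report whether a matching member was found.
     *
     * @static
     */
    function &createFromName($displayname) {
        // plain assignment: "=& new" is deprecated and rejected by newer PHP
        $mem = new MEMBER();
        $mem->readFromName($displayname);
        return $mem;
    }

    /**
     * Create a member object for a given ID
     *
     * @static
     */
    function &createFromID($id) {
        $mem = new MEMBER();
        $mem->readFromID($id);
        return $mem;
    }

    /**
     * Load this object from the member row with the given display name.
     * The name is escaped before it is placed in the WHERE clause.
     *
     * @return number of rows matched (see read())
     */
    function readFromName($displayname) {
        return $this->read("mname='" . sql_real_escape_string($displayname) . "'");
    }

    /**
     * Load this object from the member row with the given numeric ID.
     *
     * @return number of rows matched (see read())
     */
    function readFromID($id) {
        return $this->read('mnumber=' . intval($id));
    }

    /**
     * Tries to login as a given user.
     * Returns true when succeeded, returns false when failed
     * 3.40 adds CustomLogin event
     *
     * The CustomLogin event receives $login, $password, $success and
     * $allowlocal by reference. When a subscriber sets $success, the local
     * password check is skipped and only the existence of the member is
     * verified, so every CustomLogin subscriber is part of the authentication
     * trust boundary.
     *
     * NOTE(review): canLogin() is not consulted here; presumably the caller
     * enforces it - confirm.
     */
    function login($login, $password) {
        global $manager;

        $this->loggedin = 0;
        $success = 0;
        $allowlocal = 1;
        $manager->notify(
            'CustomLogin',
            array(
                'login' => &$login,
                'password' => &$password,
                'success' => &$success,
                'allowlocal' => &$allowlocal
            )
        );

        if ($success && $this->readFromName($login)) {
            // a plugin vouched for the credentials
            $this->loggedin = 1;
            return $this->isLoggedIn();
        } elseif (!$success && $allowlocal) {
            if (!$this->readFromName($login))
                return 0;
            if (!$this->checkPassword($password))
                return 0;
            $this->loggedin = 1;
            return $this->isLoggedIn();
        } else {
            return 0;
        }
    }

    /**
     * Login using cookie key
     *
     * @return 1 when the member exists and the key matches, 0 otherwise
     */
    function cookielogin($login, $cookiekey) {
        $this->loggedin = 0;
        if (!$this->readFromName($login))
            return 0;
        if (!$this->checkCookieKey($cookiekey))
            return 0;
        $this->loggedin = 1;
        return $this->isLoggedIn();
    }

    /**
     * Marks this object as not authenticated. Cookies and the stored cookie
     * key are not touched here.
     */
    function logout() {
        $this->loggedin = 0;
    }

    function isLoggedIn() {
        return $this->loggedin;
    }

    /**
     * Read member information from the database
     *
     * @param $where
     *      raw SQL condition, concatenated into the query as-is. Callers must
     *      escape or cast every value they put in it (readFromName() and
     *      readFromID() do).
     * @return number of rows matched
     *
     * When no row matches, the fetched row is not an object and the member
     * fields end up empty; callers should rely on the return value.
     */
    function read($where) {
        // read info
        $query = 'SELECT * FROM ' . sql_table('member') . ' WHERE ' . $where;

        $res = sql_query($query);
        $obj = sql_fetch_object($res);

        $this->setRealName($obj->mrealname);
        $this->setEmail($obj->memail);
        $this->password = $obj->mpassword;
        $this->setCookieKey($obj->mcookiekey);
        $this->setURL($obj->murl);
        $this->setDisplayName($obj->mname);
        $this->setAdmin($obj->madmin);
        $this->id = $obj->mnumber;
        $this->setCanLogin($obj->mcanlogin);
        $this->setNotes($obj->mnotes);
        $this->setLanguage($obj->deflang);
        $this->setAutosave($obj->mautosave);

        return sql_num_rows($res);
    }


    /**
     * Returns true if member is an admin for the given blog
     * (returns false if not a team member)
     */
    function isBlogAdmin($blogid) {
        $query = 'SELECT tadmin FROM ' . sql_table('team') . ' WHERE'
               . ' tblog=' . intval($blogid)
               . ' and tmember=' . intval($this->getID());
        $res = sql_query($query);
        if (sql_num_rows($res) == 0)
            return 0;
        else
            return (sql_result($res, 0, 0) == 1);
    }

    /**
     * True when the member is a super-admin or an admin of the given blog.
     */
    function blogAdminRights($blogid) {
        return ($this->isAdmin() || $this->isBlogAdmin($blogid));
    }


    /**
     * True when the member is a super-admin or on the team of the given blog.
     */
    function teamRights($blogid) {
        return ($this->isAdmin() || $this->isTeamMember($blogid));
    }

    /**
     * Returns true if this member is a team member of the given blog
     */
    function isTeamMember($blogid) {
        $query = 'SELECT * FROM ' . sql_table('team') . ' WHERE'
               . ' tblog=' . intval($blogid)
               . ' and tmember=' . intval($this->getID());
        $res = sql_query($query);
        return (sql_num_rows($res) != 0);
    }

    /**
     * Returns 1/true if this member may add an item to the given category.
     *
     * @param $catid category id, or 'newcat-x' with x=blogid
     */
    function canAddItem($catid) {
        global $manager;

        // if this is a 'newcat' style newcat
        //   no blog admin of destination blog -> NOK
        //   blog admin of destination blog    -> OK
        if (strstr($catid, 'newcat')) {
            // get blogid
            list($blogid) = sscanf($catid, "newcat-%d");
            return $this->blogAdminRights($blogid);
        }

        // category does not exist -> NOK
        if (!$manager->existsCategory($catid)) return 0;

        $blogid = getBlogIDFromCatID($catid);

        // no team rights for blog -> NOK
        if (!$this->teamRights($blogid)) return 0;

        // all other cases: OK
        return 1;
    }

    /**
     * Returns true if this member can edit/delete a commentitem. This can be in the
     * following cases:
     *   - member is a super-admin
     *   - member is the author of the comment
     *   - member is admin of the blog associated with the comment
     *   - member is author of the item associated with the comment
     *
     * A comment that cannot be found is never alterable by a non-super-admin.
     */
    function canAlterComment($commentid) {
        if ($this->isAdmin()) return 1;

        $query = 'SELECT citem as itemid, iblog as blogid, cmember as cauthor, iauthor'
               . ' FROM ' . sql_table('comment') . ', ' . sql_table('item') . ', ' . sql_table('blog')
               . ' WHERE citem=inumber and iblog=bnumber and cnumber=' . intval($commentid);
        $res = sql_query($query);
        $obj = $res ? sql_fetch_object($res) : false;

        // Deny when there is no row: otherwise the comparisons below would run
        // against missing values and could match an unloaded member's empty ID.
        if (!$obj) return 0;

        return ($obj->cauthor == $this->getID())
            || $this->isBlogAdmin($obj->blogid)
            || ($obj->iauthor == $this->getID());
    }

    /**
     * Returns true if this member can edit/delete an item. This is true in the following
     * cases: - member is a super-admin
     *        - member is the author of the item
     *        - member is admin of the associated blog
     *
     * An item that cannot be found is never alterable by a non-super-admin.
     */
    function canAlterItem($itemid) {
        if ($this->isAdmin()) return 1;

        $query = 'SELECT iblog, iauthor FROM ' . sql_table('item') . ' WHERE inumber=' . intval($itemid);
        $res = sql_query($query);
        $obj = $res ? sql_fetch_object($res) : false;

        // Deny when there is no row (same reasoning as canAlterComment()).
        if (!$obj) return 0;

        return ($obj->iauthor == $this->getID()) || $this->isBlogAdmin($obj->iblog);
    }

    /**
     * Return true if member can be deleted. This means that there are no items
     * posted by the member left
     */
    function canBeDeleted() {
        $res = sql_query('SELECT * FROM ' . sql_table('item') . ' WHERE iauthor=' . intval($this->getID()));
        return (sql_num_rows($res) == 0);
    }

    /**
     * returns true if this member can move/update an item to a given category,
     * false if not (see comments for the tests that are executed)
     *
     * @param itemid
     * @param newcat (can also be of form 'newcat-x' with x=blogid)
     */
    function canUpdateItem($itemid, $newcat) {
        global $manager;

        // item does not exists -> NOK
        if (!$manager->existsItem($itemid, 1, 1)) return 0;

        // cannot alter item -> NOK
        if (!$this->canAlterItem($itemid)) return 0;

        // if this is a 'newcat' style newcat
        //   no blog admin of destination blog -> NOK
        //   blog admin of destination blog    -> OK
        if (strstr($newcat, 'newcat')) {
            // get blogid
            list($blogid) = sscanf($newcat, 'newcat-%d');
            return $this->blogAdminRights($blogid);
        }

        // category does not exist -> NOK
        if (!$manager->existsCategory($newcat)) return 0;

        // get item
        $item =& $manager->getItem($itemid, 1, 1);

        // old catid = new catid -> OK
        if ($item['catid'] == $newcat) return 1;

        // not a valid category -> NOK
        $validCat = quickQuery('SELECT COUNT(*) AS result FROM ' . sql_table('category') . ' WHERE catid=' . intval($newcat));
        if (!$validCat) return 0;

        // get destination blog
        $source_blogid = getBlogIDFromItemID($itemid);
        $dest_blogid = getBlogIDFromCatID($newcat);

        // not a team member of destination blog -> NOK
        if (!$this->teamRights($dest_blogid)) return 0;

        // if member is author of item -> OK
        if ($item['authorid'] == $this->getID()) return 1;

        // if member has admin rights on both blogs: OK
        if (($this->blogAdminRights($dest_blogid)) && ($this->blogAdminRights($source_blogid))) return 1;

        // all other cases: NOK
        return 0;
    }

    /**
     * Sets the cookies for the member
     *
     * @param shared
     *      set this to 1 when using a shared computer. Cookies will expire
     *      at the end of the session in this case.
     *
     * The 'loginkey' cookie is the long-lived authenticator checked by
     * cookielogin(). It is sent with the Secure flag only when
     * $CONF['CookieSecure'] is set, and no HttpOnly flag is passed.
     * NOTE(review): consider passing the httponly argument of setcookie() for
     * the loginkey cookie once it is confirmed that no client-side script
     * reads it.
     */
    function setCookies($shared = 0) {
        global $CONF;

        if ($CONF['SessionCookie'] || $shared)
            $lifetime = 0;
        else
            $lifetime = (time() + 2592000); // 2592000 seconds = 30 days

        setcookie($CONF['CookiePrefix'] . 'user', $this->getDisplayName(), $lifetime, $CONF['CookiePath'], $CONF['CookieDomain'], $CONF['CookieSecure']);
        setcookie($CONF['CookiePrefix'] . 'loginkey', $this->getCookieKey(), $lifetime, $CONF['CookiePath'], $CONF['CookieDomain'], $CONF['CookieSecure']);

        // make sure cookies on shared pcs don't get renewed
        if ($shared)
            setcookie($CONF['CookiePrefix'] . 'sharedpc', '1', $lifetime, $CONF['CookiePath'], $CONF['CookieDomain'], $CONF['CookieSecure']);
    }

    /**
     * Creates an activation entry for this member and mails the activation
     * link to the member's e-mail address.
     *
     * @param $type  'register', 'forgot' or 'addresschange'
     * @param $extra passed through to generateActivationEntry()
     *
     * The key travels in the query string of the mailed URL, so it can end up
     * in mail archives and web-server logs until it is used or expires.
     * For a $type other than the three above no mail text is selected;
     * NOTE(review): confirm callers only pass the three known types.
     */
    function sendActivationLink($type, $extra='')
    {
        global $CONF;

        if (!isset($CONF['ActivationDays'])) $CONF['ActivationDays'] = 2;

        // generate key and URL
        $key = $this->generateActivationEntry($type, $extra);
        $url = $CONF['AdminURL'] . 'index.php?action=activate&key=' . $key;

        // choose text to use in mail
        switch ($type)
        {
            case 'register':
                $message = _ACTIVATE_REGISTER_MAIL;
                $title = _ACTIVATE_REGISTER_MAILTITLE;
                break;
            case 'forgot':
                $message = _ACTIVATE_FORGOT_MAIL;
                $title = _ACTIVATE_FORGOT_MAILTITLE;
                break;
            case 'addresschange':
                $message = _ACTIVATE_CHANGE_MAIL;
                $title = _ACTIVATE_CHANGE_MAILTITLE;
                break;
            default:
                // unknown type: nothing selected (see docblock)
        }

        // fill out variables in text

        $aVars = array(
            'siteName' => $CONF['SiteName'],
            'siteUrl' => $CONF['IndexURL'],
            'memberName' => $this->getDisplayName(),
            'activationUrl' => $url,
            'activationDays' => $CONF['ActivationDays']
        );

        $message = TEMPLATE::fill($message, $aVars);
        $title = TEMPLATE::fill($title, $aVars);

        // send mail (delivery errors are suppressed and not reported to the caller)

        @mail($this->getEmail(), $title, $message, 'From: ' . $CONF['AdminEmail']);

        ACTIONLOG::add(INFO, _ACTIONLOG_ACTIVATIONLINK . ' (' . $this->getDisplayName() . ' / type: ' . $type . ')');
    }

    /**
     * Returns an array of all blogids for which member has admin rights
     */
    function getAdminBlogs() {
        $blogs = array();

        if ($this->isAdmin())
            $query = 'SELECT bnumber as blogid from ' . sql_table('blog');
        else
            $query = 'SELECT tblog as blogid from ' . sql_table('team') . ' where tadmin=1 and tmember=' . intval($this->getID());

        $res = sql_query($query);
        if (sql_num_rows($res) > 0) {
            while ($obj = sql_fetch_object($res)) {
                array_push($blogs, $obj->blogid);
            }
        }

        return $blogs;
    }

    /**
     * Returns an array of all blogids for which member has team rights
     *
     * @param $incAdmin when non-zero, a super-admin gets every blog
     */
    function getTeamBlogs($incAdmin = 1) {
        $incAdmin = intval($incAdmin);
        $blogs = array();

        if ($this->isAdmin() && $incAdmin)
            $query = 'SELECT bnumber as blogid from ' . sql_table('blog');
        else
            $query = 'SELECT tblog as blogid from ' . sql_table('team') . ' where tmember=' . intval($this->getID());

        $res = sql_query($query);
        if (sql_num_rows($res) > 0) {
            while ($obj = sql_fetch_object($res)) {
                array_push($blogs, $obj->blogid);
            }
        }

        return $blogs;
    }

    /**
     * Returns an email address from which notification of commenting/karma voting can
     * be sent. A suggestion can be given for when the member is not logged in
     *
     * The display name and e-mail address are returned unmodified in
     * "name <address>" form.
     * NOTE(review): if the result is used as a mail header value, confirm that
     * isValidDisplayName() rejects CR/LF characters.
     */
    function getNotifyFromMailAddress($suggest = "") {
        global $CONF;
        if ($this->isLoggedIn()) {
            return $this->getDisplayName() . " <" . $this->getEmail() . ">";
        } else if (isValidMailAddress($suggest)) {
            return $suggest;
        } else {
            return $CONF['AdminEmail'];
        }
    }

    /**
     * Write data to database
     *
     * String fields are escaped; madmin, mcanlogin, mautosave and the member
     * ID are cast with intval() so a non-numeric value set through a setter
     * cannot alter the statement.
     */
    function write() {

        $query = 'UPDATE ' . sql_table('member')
               . " SET mname='" . sql_real_escape_string($this->getDisplayName()) . "',"
               . " mrealname='" . sql_real_escape_string($this->getRealName()) . "',"
               . " mpassword='" . sql_real_escape_string($this->getPassword()) . "',"
               . " mcookiekey='" . sql_real_escape_string($this->getCookieKey()) . "',"
               . " murl='" . sql_real_escape_string($this->getURL()) . "',"
               . " memail='" . sql_real_escape_string($this->getEmail()) . "',"
               . " madmin=" . intval($this->isAdmin()) . ","
               . " mnotes='" . sql_real_escape_string($this->getNotes()) . "',"
               . " mcanlogin=" . intval($this->canLogin()) . ","
               . " deflang='" . sql_real_escape_string($this->getLanguage()) . "',"
               . " mautosave=" . intval($this->getAutosave()) . ""
               . " WHERE mnumber=" . intval($this->getID());
        sql_query($query);
    }

    /**
     * Compares two secrets without PHP's loose-comparison type juggling and
     * without stopping at the first differing byte.
     *
     * Loose == treats two different strings as equal when both happen to look
     * like numbers (for example two hex digests of the form "0e" followed by
     * digits only), which must never count as a match for a credential.
     *
     * Internal helper.
     *
     * @param $known the stored value
     * @param $given the value supplied by the client
     * @return bool
     */
    function _safeEquals($known, $given) {
        if (!is_string($known) || !is_string($given)) {
            return false;
        }
        if (function_exists('hash_equals')) {
            return hash_equals($known, $given);
        }

        // fallback for runtimes without hash_equals()
        $length = strlen($known);
        if ($length !== strlen($given)) {
            return false;
        }
        $diff = 0;
        for ($i = 0; $i < $length; $i++) {
            $diff |= ord($known[$i]) ^ ord($given[$i]);
        }
        return ($diff === 0);
    }

    /**
     * Returns a fresh 32-character lowercase hex key for cookie keys and
     * activation keys (same length and alphabet as the MD5-based keys this
     * class produced before).
     *
     * Uses random_bytes() or a strong openssl_random_pseudo_bytes() result
     * when available. The last fallback is NOT cryptographically strong and
     * only exists for runtimes that provide neither function.
     *
     * Internal helper.
     */
    function _randomKey() {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes = openssl_random_pseudo_bytes(16, $strong);
            if ($bytes !== false && $strong) {
                return bin2hex($bytes);
            }
        }

        // legacy fallback; no explicit time-based seeding
        return md5(uniqid(mt_rand(), true));
    }

    /**
     * True when $key is a non-empty string equal to the stored cookie key.
     */
    function checkCookieKey($key) {
        if (!is_string($key) || $key === '') {
            return false;
        }
        return $this->_safeEquals((string) $this->getCookieKey(), $key);
    }

    /**
     * True when the MD5 digest of $pw equals the stored digest.
     * (See the class comment about the MD5 storage format.)
     */
    function checkPassword($pw) {
        if (!is_scalar($pw)) {
            return false;
        }
        return $this->_safeEquals((string) $this->getPassword(), md5((string) $pw));
    }

    function getRealName() {
        return $this->realname;
    }

    function setRealName($name) {
        $this->realname = $name;
    }

    function getEmail() {
        return $this->email;
    }

    function setEmail($email) {
        $this->email = $email;
    }

    /**
     * Returns the stored MD5 digest, not the clear-text password.
     */
    function getPassword() {
        return $this->password;
    }

    /**
     * Stores the MD5 digest of the given clear-text password.
     * (See the class comment about the MD5 storage format.)
     */
    function setPassword($pwd) {
        $this->password = md5($pwd);
    }

    function getCookieKey() {
        return $this->cookiekey;
    }

    /**
     * Generate new cookiekey, save it, and return it
     */
    function newCookieKey() {
        $this->cookiekey = $this->_randomKey();
        $this->write();
        return $this->cookiekey;
    }

    function setCookieKey($val) {
        $this->cookiekey = $val;
    }

    function getURL() {
        return $this->url;
    }

    function setURL($site) {
        $this->url = $site;
    }

    function getLanguage() {
        return $this->language;
    }

    function setLanguage($lang) {
        $this->language = $lang;
    }

    function setDisplayName($nick) {
        $this->displayname = $nick;
    }

    function getDisplayName() {
        return $this->displayname;
    }

    function isAdmin() {
        return $this->admin;
    }

    function setAdmin($val) {
        $this->admin = $val;
    }

    function canLogin() {
        return $this->canlogin;
    }

    function setCanLogin($val) {
        $this->canlogin = $val;
    }

    function getNotes() {
        return $this->notes;
    }

    function setNotes($val) {
        $this->notes = $val;
    }

    function getAutosave() {
        return $this->autosave;
    }

    function setAutosave($val) {
        $this->autosave = $val;
    }

    function getID() {
        return $this->id;
    }

    /**
     * Returns true if there is a member with the given login name
     *
     * @static
     */
    function exists($name) {
        $r = sql_query('select * FROM ' . sql_table('member') . " WHERE mname='" . sql_real_escape_string($name) . "'");
        return (sql_num_rows($r) != 0);
    }

    /**
     * Returns true if there is a member with the given ID
     *
     * @static
     */
    function existsID($id) {
        $r = sql_query('select * FROM ' . sql_table('member') . " WHERE mnumber='" . intval($id) . "'");
        return (sql_num_rows($r) != 0);
    }

    /**
     * Checks if a username is protected.
     * If so, it can not be used on anonymous comments
     */
    function isNameProtected($name) {

        // extract name
        $name = strip_tags($name);
        $name = trim($name);

        return MEMBER::exists($name);
    }

    /**
     * Adds a new member
     *
     * @return 1 on success, or one of the _ERROR_* message constants when a
     *      validation step fails
     *
     * The password is stored as an MD5 digest (see the class comment).
     *
     * @static
     */
    function create($name, $realname, $password, $email, $url, $admin, $canlogin, $notes) {

        if (!isValidMailAddress($email) )
        {
            return _ERROR_BADMAILADDRESS;
        }

        if (!isValidDisplayName($name) )
        {
            return _ERROR_BADNAME;
        }

        if (MEMBER::exists($name) )
        {
            return _ERROR_NICKNAMEINUSE;
        }

        if (!$realname)
        {
            return _ERROR_REALNAMEMISSING;
        }

        if (!$password)
        {
            return _ERROR_PASSWORDMISSING;
        }

        # replaced eregi() below with preg_match(). ereg* functions are deprecated in PHP 5.3.0
        # original eregi: !eregi("^https?://", $url)

        // begin if: sometimes user didn't prefix the URL with http:// or https://, this cause a malformed URL. Let's fix it.
        if (!preg_match('#^https?://#', $url) )
        {
            $url = 'http://' . $url;
        } // end if

        $name = sql_real_escape_string($name);
        $realname = sql_real_escape_string($realname);
        $password = sql_real_escape_string(md5($password));
        $email = sql_real_escape_string($email);
        $url = sql_real_escape_string($url);
        $admin = intval($admin);
        $canlogin = intval($canlogin);
        $notes = sql_real_escape_string($notes);

        $query = 'INSERT INTO ' . sql_table('member') . " (MNAME,MREALNAME,MPASSWORD,MEMAIL,MURL, MADMIN, MCANLOGIN, MNOTES) "
               . "VALUES ('$name','$realname','$password','$email','$url',$admin, $canlogin, '$notes')";
        sql_query($query);

        ACTIONLOG::add(INFO, _ACTIONLOG_NEWMEMBER . ' ' . $name);

        return 1;
    }

    /**
     * Returns activation info for a certain key (an object with properties vkey, vmember, ...)
     * (static)
     *
     * @return the activation row as an object, or 0 when the query fails or
     *      no row has this key
     * @author karma
     */
    function getActivationInfo($key)
    {
        $query = 'SELECT * FROM ' . sql_table('activation') . ' WHERE vkey=\'' . sql_real_escape_string($key) . '\'';
        $res = sql_query($query);

        if (!$res || (sql_num_rows($res) == 0))
            return 0;
        else
            return sql_fetch_object($res);
    }

    /**
     * Creates an account activation key
     *
     * @param $type one of the following values (determines what to do when activation expires)
     *      'register' (new member registration)
     *      'forgot' (forgotten password)
     *      'addresschange' (member address has changed)
     * @param $extra extra info (needed when validation link expires)
     *      addresschange -> old email address
     * @return the new key (32 hex characters, from _randomKey())
     * @author dekarma
     */
    function generateActivationEntry($type, $extra = '')
    {
        // clean up old entries
        $this->cleanupActivationTable();

        // kill any existing entries for the current member (delete is ok)
        // (only one outstanding activation key can be present for a member)
        sql_query('DELETE FROM ' . sql_table('activation') . ' WHERE vmember=' . intval($this->getID()));

        $canLoginWhileActive = false; // indicates if the member can log in while the link is active
        switch ($type)
        {
            case 'forgot':
                $canLoginWhileActive = true;
                break;
            case 'register':
                break;
            case 'addresschange':
                // remember the current canlogin value so it can be restored later
                $extra = $extra . '/' . ($this->canLogin() ? '1' : '0');
                break;
        }

        // NOTE(review): this loop repeats until the INSERT succeeds, so a
        // persistent database error keeps it running; consider a retry limit
        // once the failure contract for callers is decided.
        $ok = false;
        while (!$ok)
        {
            // generate a random key
            $key = $this->_randomKey();

            // attempt to add entry in database
            // add in database as non-active
            $query = 'INSERT INTO ' . sql_table('activation') . ' (vkey, vtime, vmember, vtype, vextra) ';
            $query .= 'VALUES (\'' . sql_real_escape_string($key) . '\', \'' . date('Y-m-d H:i:s', time()) . '\', \'' . intval($this->getID()) . '\', \'' . sql_real_escape_string($type) . '\', \'' . sql_real_escape_string($extra) . '\')';
            if (sql_query($query))
                $ok = true;
        }

        // mark member as not allowed to log in
        if (!$canLoginWhileActive)
        {
            $this->setCanLogin(0);
            $this->write();
        }

        // return the key
        return $key;
    }

    /**
     * Indicates that an activation link has been clicked and any forms displayed
     * there have been successfully filled out.
     *
     * The activation row is deleted afterwards, so a key can be used once.
     *
     * @return true when the key was valid, false otherwise
     * @author dekarma
     */
    function activate($key)
    {
        global $CONF;

        // get activate info
        $info = MEMBER::getActivationInfo($key);

        // no active key
        if (!$info)
            return false;

        switch ($info->vtype)
        {
            case 'forgot':
                // nothing to do
                break;
            case 'register':
                // set canlogin value
                sql_query('UPDATE ' . sql_table('member') . ' SET mcanlogin=' . intval($CONF['NewMemberCanLogon']) . ' WHERE mnumber=' . intval($info->vmember));
                break;
            case 'addresschange':
                // reset old 'canlogin' value
                list($oldEmail, $oldCanLogin) = explode('/', $info->vextra);
                sql_query('UPDATE ' . sql_table('member') . ' SET mcanlogin=' . intval($oldCanLogin) . ' WHERE mnumber=' . intval($info->vmember));
                break;
        }

        // delete from activation table
        sql_query('DELETE FROM ' . sql_table('activation') . ' WHERE vkey=\'' . sql_real_escape_string($key) . '\'');

        // success!
        return true;
    }

    /**
     * Cleans up entries in the activation table. All entries older than
     * $CONF['ActivationDays'] days (2 when unset or not positive) are removed.
     * (static)
     *
     * $CONF and $DIR_LIBS are imported with "global": without that they are
     * undefined locals here, the configured lifetime is ignored (expiry is
     * always two days) and the ADMIN.php include path has no directory prefix.
     *
     * @author dekarma
     */
    function cleanupActivationTable()
    {
        global $CONF, $DIR_LIBS;

        $actdays = 2;
        if (isset($CONF['ActivationDays']) && intval($CONF['ActivationDays']) > 0) {
            $actdays = intval($CONF['ActivationDays']);
        }
        else {
            $CONF['ActivationDays'] = 2;
        }
        $boundary = time() - (60 * 60 * 24 * $actdays);

        // 1. walk over all entries, and see if special actions need to be performed
        $res = sql_query('SELECT * FROM ' . sql_table('activation') . ' WHERE vtime < \'' . date('Y-m-d H:i:s', $boundary) . '\'');

        while ($o = sql_fetch_object($res))
        {
            switch ($o->vtype)
            {
                case 'register':
                    // delete all information about this site member. registration is undone because there was
                    // no timely activation
                    include_once ($DIR_LIBS . 'ADMIN.php');
                    ADMIN::deleteOneMember(intval($o->vmember));
                    break;
                case 'addresschange':
                    // revert the e-mail address of the member back to old address
                    list($oldEmail, $oldCanLogin) = explode('/', $o->vextra);
                    sql_query('UPDATE ' . sql_table('member') . ' SET mcanlogin=' . intval($oldCanLogin) . ', memail=\'' . sql_real_escape_string($oldEmail) . '\' WHERE mnumber=' . intval($o->vmember));
                    break;
                case 'forgot':
                    // delete the activation link and ignore. member can request a new password using the
                    // forgot password link
                    break;
            }
        }

        // 2. delete activation entries for real
        sql_query('DELETE FROM ' . sql_table('activation') . ' WHERE vtime < \'' . date('Y-m-d H:i:s', $boundary) . '\'');
    }

}

?>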