| vv456 |
| Advanced user |
 |
| |
| Joined: Aug 24, 2012 |
| Posts: 190 |
|
|
|
 |
|
 |
|
| Code: | <?php
class __User {
protected $uid = null;
protected $fields = null;
function __construct() {
$this->uid = null;
$this->fields = array( 'username' => '', 'password' => '', 'salt' => '', 'email_address' => '', 'country' => '', 'websites' => '', 'referrer_id' => '', 'active' => 0, 'ip_address' => '', 'date_registration' => '', 'firstname' => '', 'lastname' => '', 'address' => '', 'city' => '', 'state' => '', 'phone' => '', 'zip' => '', 'gender' => '', 'balance' => '0.00', 'promotional_methods' => '' );
}
function __get($field) {
if ($field == 'uid') {
return $this->uid;
}
return $this->fields[$field];
}
function __set($field, $value) {
if (array_key_exists( $field, $this->fields )) {
$this->fields[$field] = $value;
}
}
function setReferrer() {
if (( isset( $_SESSION['ref'] ) && !empty( $_SESSION['ref'] ) )) {
$this->referrer_id = mysql_real_escape_string( $_SESSION['ref'] );
}
}
function generateSalt() {
$rand = md5( rand( 0, 999999 ) );
$this->salt = substr( $rand, 0, 6 );
}
function validateUsername($username) {
return preg_match( '/^[A-Z0-9]{2,20}$/i', $username );
}
function validateEmail($email) {
return filter_var( $email, FILTER_VALIDATE_EMAIL );
}
function getById($uid) {
$user = new __User( );
$query = sprintf( 'SELECT * FROM users WHERE uid = %d', $uid );
$result = mysql_query( $query, $GLOBALS['DB'] );
if (mysql_num_rows( $result )) {
$row = mysql_fetch_assoc( $result );
$user->username = $row['username'];
$user->password = $row['password'];
$user->email_address = $row['email_address'];
$user->firstname = $row['firstname'];
$user->lastname = $row['lastname'];
$user->address = $row['address'];
$user->state = $row['state'];
$user->city = $row['city'];
$user->zip = $row['zip'];
$user->country = $row['country'];
$user->phone = $row['phone'];
$user->websites = $row['websites'];
$user->active = $row['active'];
$user->salt = $row['salt'];
$user->date_registration = $row['date_registration'];
$user->uid = $uid;
}
mysql_free_result( $result );
return $user;
}
function usernameExists($username) {
$query = sprintf( 'SELECT * FROM users WHERE username = "%s"', $username );
$result = mysql_query( $query, $GLOBALS['DB'] );
if (0 < mysql_num_rows( $result )) {
$exists = true;
}
else {
$exists = false;
}
mysql_free_result( $result );
return $exists;
}
function emailExists($email) {
$query = sprintf( 'SELECT * FROM users WHERE email_address = "%s"', $email );
$result = mysql_query( $query, $GLOBALS['DB'] );
if (0 < mysql_num_rows( $result )) {
$exists = true;
}
else {
$exists = false;
}
mysql_free_result( $result );
return $exists;
}
function isEmailInUse($uid, $email) {
$query = sprintf( 'SELECT * FROM users WHERE email_address = "%s" AND uid != "%d"', $email, $uid );
$result = mysql_query( $query, $GLOBALS['DB'] );
if (0 < mysql_num_rows( $result )) {
$exists = true;
}
else {
$exists = false;
}
mysql_free_result( $result );
return $exists;
}
function createAccount() {
$this->phone = '00000000';
$this->generateSalt( );
$query = sprintf( 'INSERT INTO users (username, password, salt, email_address, referrer_id, active, ip_address, date_registration, firstname, lastname, country, websites, address, city, state, zip, promotional_methods) VALUES (\'%s\', \'%s\', \'%s\', \'%s\', \'%d\', \'%d\', \'%s\', NOW(), \'%s\', \'%s\', \'%s\', \'%s\', \'%s\', \'%s\', \'%s\', \'%s\', \'%s\')', $this->username, md5( $this->salt . $this->password ), $this->salt, $this->email_address, $this->referrer_id, 0, $this->ip_address, $this->firstname, $this->lastname, $this->country, $this->websites, $this->address, $this->city, $this->state, $this->zip, $this->promotional_methods );
if (mysql_query( $query, $GLOBALS['DB'] )) {
$this->uid = mysql_insert_id( $GLOBALS['DB'] );
unset( $_SESSION[ref] );
$token = substr( md5( uniqid( ) ), 1, 11 );
$query = sprintf( 'INSERT INTO pending_users (email, TOKEN) VALUES ("%s", "%s")', $this->email_address, $token );
if (!mysql_query( $query, $GLOBALS['DB'] )) {
return false;
}
unset( $_SESSION[ref] );
$mail = new Email( $this->email_address, 'Activation', 'Thank you for signup at ' . SITE_NAME . '. Please verify your account by clicking on the below link <br /> <a href="' . SITE_URL . 'reg_verify.php?email=' . $this->email_address . '&token=' . $token . '">' . SITE_URL . 'reg_verify.php?email=' . $this->email_address . '&token=' . $token . '</a><br />', 1 );
if ($mail->sendMail( )) {
return true;
}
if (mysql_query( 'DELETE FROM users WHERE uid = \'' . makesafe( $this->uid ) . '\' LIMIT 1' )) {
@mysql_query( 'DELETE FROM pending_users WHERE email = \'' . @makesafe( $this->email_address ) . '\'' );
}
return false;
}
return false;
}
function setActive($email, $token) {
sprintf( 'SELECT token FROM pending_users WHERE email = "%s" AND token = "%s"', mysql_real_escape_string( $email, $GLOBALS['DB'] ), mysql_real_escape_string( $token, $GLOBALS['DB'] ) );
$result = mysql_query( $query, $GLOBALS['DB'] );
if (!mysql_num_rows( $result )) {
mysql_free_result( $result );
return false;
}
mysql_free_result( $result );
$query = $query = sprintf( 'DELETE FROM pending_users WHERE email = "%s" AND token = "%s"', mysql_real_escape_string( $email, $GLOBALS['DB'] ), mysql_real_escape_string( $token, $GLOBALS['DB'] ) );
if (!mysql_query( $query, $GLOBALS['DB'] )) {
return false;
}
if (mysql_query( 'UPDATE users SET active = 1 WHERE uid = \'' . makesafe( $this->uid ) . '\' LIMIT 1' )) {
return true;
}
return false;
}
function EncryptPass($username, $password) {
$query = sprintf( 'SELECT salt FROM users WHERE username = "%s" AND active = 1 LIMIT 1', mysql_real_escape_string( $username, $GLOBALS['DB'] ) );
$sql = mysql_query( $query );
if (0 < mysql_num_rows( $sql )) {
$row = mysql_fetch_array( $sql );
$row['salt'];
md5( $salt . $password );
//$encrypted = $salt = ;
return $encrypted;
}
return false;
}
function doAuth($username, $password) {
$query = sprintf( 'SELECT uid FROM users WHERE username = "%s" AND password = "%s" AND active = 1 LIMIT 1', mysql_real_escape_string( $username, $GLOBALS['DB'] ), mysql_real_escape_string( $password, $GLOBALS['DB'] ) );
$sql = mysql_query( $query );
if (0 < mysql_num_rows( $sql )) {
$row = mysql_fetch_array( $sql );
return $row['uid'];
}
return false;
}
function isLocked($username) {
$query = sprintf( 'SELECT uid FROM users WHERE username = "%s" AND active = 1 AND isLocked = 1 LIMIT 1', mysql_real_escape_string( $username, $GLOBALS['DB'] ) );
$sql = mysql_query( $query );
if (0 < mysql_num_rows( $sql )) {
$row = mysql_fetch_array( $sql );
return true;
}
return false;
}
function isBan($username) {
$query = sprintf( 'SELECT uid FROM users WHERE username = "%s" AND active = 1 AND isBan = 1 LIMIT 1', mysql_real_escape_string( $username, $GLOBALS['DB'] ) );
$sql = mysql_query( $query );
if (0 < mysql_num_rows( $sql )) {
$row = mysql_fetch_array( $sql );
return true;
}
return false;
}
function lockAccount($username) {
$query = sprintf( 'UPDATE users SET isLocked = 1 WHERE username = "%s" LIMIT 1', mysql_real_escape_string( $username, $GLOBALS['DB'] ) );
$sql = mysql_query( $query );
if (0 < mysql_num_rows( $sql )) {
$row = mysql_fetch_array( $sql );
return true;
}
return false;
}
function unlockAccount($username) {
$query = sprintf( 'UPDATE users SET isLocked = 0 WHERE username = "%s" LIMIT 1', mysql_real_escape_string( $username, $GLOBALS['DB'] ) );
$sql = mysql_query( $query );
if (0 < mysql_num_rows( $sql )) {
$row = mysql_fetch_array( $sql );
return true;
}
return false;
}
function getIdByEmail($email) {
$id = 11;
$query = sprintf( 'SELECT uid FROM users WHERE email_address = "%s"', mysql_real_escape_string( $email, $GLOBALS['DB'] ) );
$result = mysql_query( $query, $GLOBALS['DB'] );
if (mysql_num_rows( $result )) {
mysql_fetch_assoc( $result );
$id = $row = $row['uid'];
}
mysql_free_result( $result );
return $id;
}
}
?> |
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9145
People Online:
Visitors: 807
Members: 0
Total: 807
