Page MenuHomeCode

No OneTemporary

diff --git a/Models/Content/Location.php b/Models/Content/Location.php
index 06030de..d3f4bbc 100644
--- a/Models/Content/Location.php
+++ b/Models/Content/Location.php
@@ -1,244 +1,244 @@
<?php
/**
* Content location class
*
* Zed. The immensity of stars. The HyperShip. The people.
*
* (c) 2010, Dereckson, some rights reserved.
* Released under BSD license.
*
* 0.1 2010-12-03 2:58 Forked from Content class
*
* @package Zed
* @subpackage Content
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @copyright 2010 Sébastien Santoro aka Dereckson
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @version 0.1
* @link http://scherzo.dereckson.be/doc/zed
* @link http://zed.dereckson.be/
* @filesource
*/
namespace Zed\Models\Content;
use Keruald\Database\DatabaseEngine;
use Zed\Models\Base\Entity;
/**
* Content location class
*
* This class maps the content_locations table.
*
* A content location is defined by 3 parameters:
* - location_global
* - location_local
* - location_k, an index for the content at the specified location
*
* This class allows to get or set the content_id at this
* (global, local, k) location.
*
* This class also provides a static helper method to
* get local content from a specific location.
*/
class Location extends Entity {
/* -------------------------------------------------------------
Properties
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
public $location_global = null;
public $location_local = null;
public $location_k = null;
public $content_id;
/* -------------------------------------------------------------
Constructor, __toString
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
/**
* Initializes a new Location instance
*
* @param string $location_global the global location
* @param string $location_local the local location
* @param int $location_k the item indice for the specified location
*/
function __construct (DatabaseEngine $db, $location_global = null, $location_local = null, $location_k = null) {
$this->setDatabase($db);
$this->location_global = $location_global;
$this->location_local = $location_local;
if ($location_k) {
$this->location_k = $location_k;
$this->load_from_database();
} else {
$this->location_k = self::get_free_location_k($location_global, $location_local);
}
}
/**
* Returns a string representation of current Location instance
*
* @return string the content title or path if title is blank.
*/
function __toString () {
$location_global = $this->location_global ?: '?';
$location_local = $this->location_local ?: '?';
$location_k = $this->location_k ?: '?';
return "($location_global, $location_local, $location_k)";
}
/* -------------------------------------------------------------
Load/save class
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
/**
* Loads the object Location (ie fill the properties) from the database
*/
function load_from_database () : bool {
$db = $this->getDatabase();
$location_global = "'" . $db->escape($this->location_global) . "'";
$location_local = "'" . $db->escape($this->location_local) . "'";
$location_k = "'" . $db->escape($this->location_k) . "'";
$sql = "SELECT * FROM content_locations WHERE location_global = '$location_global' AND location_local = '$location_local' AND location_k = '$location_k'";
if ( !($result = $db->query($sql)) ) {
message_die(SQL_ERROR, "Unable to query content", '', __LINE__, __FILE__, $sql);
}
if (!$row = $db->fetchRow($result)) {
$this->lastError = "Content location unknown: " . $this->content_id;
return false;
}
$this->load_from_row($row);
return true;
}
/**
* Loads the object from row
*/
function load_from_row ($row) {
$this->content_id = $row['content_id'];
$this->location_global = $row['location_global'];
$this->location_local = $row['location_local'];
$this->location_k = $row['location_k'];
}
/**
* Saves to database
*/
function save_to_database () : void {
$db = $this->getDatabase();
$location_global = "'" . $db->escape($this->location_global) . "'";
$location_local = "'" . $db->escape($this->location_local) . "'";
$location_k = "'" . $db->escape($this->location_k) . "'";
$content_id = $this->content_id ? "'" . $db->escape($this->content_id) . "'" : 'NULL';
$sql = "REPLACE INTO content_locations (location_global, location_local, location_k, content_id) VALUES ($location_global, $location_local, $location_k, $content_id)";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't save content location", '', __LINE__, __FILE__, $sql);
}
}
/* -------------------------------------------------------------
Helper methods
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
/**
* Gets the next k free value for the specified location
*
* @param string $location_global the global location
* @param string $location_local the local location
*
* @param int $location_k the next free local content indice
*/
function get_free_location_k ($location_global, $location_local) {
$db = $this->getDatabase();
$location_global = "'" . $db->escape($location_global) . "'";
$location_local = "'" . $db->escape($location_local) . "'";
- $sql = "SELECT MAX(location_k) + 1 FROM content_locations WHERE location_global = '$location_global' AND location_local = '$location_local'";
+ $sql = "SELECT MAX(location_k) + 1 as next_k FROM content_locations WHERE location_global = '$location_global' AND location_local = '$location_local'";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't get content location k", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
- return $row[0];
+ return $row["next_k"];
}
/**
* Deletes this content location from the database
*/
function delete() {
$db = $this->getDatabase();
$location_global = "'" . $db->escape($this->location_global) . "'";
$location_local = "'" . $db->escape($this->location_local) . "'";
$location_k = "'" . $db->escape($this->location_k) . "'";
$sql = "DELETE FROM content_locations WHERE location_global = '$location_global' AND location_local = '$location_local' AND location_k = '$location_k' LIMIT 1";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't delete current content location", '', __LINE__, __FILE__, $sql);
}
}
/**
* Moves the content into new location
*
* @param string $location_global the target global location
* @param string $location_local the target local location
* @param int $location_k the target local content indice [facultative]
*/
function move ($location_global, $location_local, $location_k = null) {
if ($this->content_id) {
$this->delete();
}
if ($location_k) {
$this->location_k = $location_k;
} else {
$this->location_k = self::get_free_location_k($location_global, $location_local);
}
if ($this->content_id) {
$this->save_to_database();
}
}
/* -------------------------------------------------------------
Gets content
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
/**
* Gets content at specified location
*
* @param string $location_global global content location
* @param string $location_local local content location
* @return File[]
*
* The returned array indices are the local_k.
*/
static function get_local_content (DatabaseEngine $db, string $location_global, string $location_local) : array {
//Get contents at this location
$location_global = $db->escape($location_global);
$location_local = $db->escape($location_local);
$sql = "SELECT c.* FROM content c WHERE c.location_global = '$location_global' AND c.location_local = '$location_local' ORDER BY location_k ASC";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't get content", '', __LINE__, __FILE__, $sql);
}
//Fills content array
$contents = [];
while ($row = $db->fetchRow($result)) {
$k = $row['location_k'];
$contents[$k] = new File($db);
$contents[$k]->load_from_row($row);
}
return $contents;
}
}
diff --git a/Models/Geo/Galaxy.php b/Models/Geo/Galaxy.php
index 0630472..1dd7d18 100644
--- a/Models/Geo/Galaxy.php
+++ b/Models/Geo/Galaxy.php
@@ -1,62 +1,64 @@
<?php
/**
* Geo galaxy class.
*
* Zed. The immensity of stars. The HyperShip. The people.
*
* (c) 2010, Dereckson, some rights reserved.
* Released under BSD license.
*
* A 3D grid of objects
*
* 0.1 2010-02-08 14:02 Initial version [DcK]
* 0.2 2010-07-25 9:20 Spherical conversion, get objects
*
* @package Zed
* @subpackage Geo
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @copyright 2010 Sébastien Santoro aka Dereckson
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @version 0.1
* @link http://scherzo.dereckson.be/doc/zed
* @link http://zed.dereckson.be/
* @filesource
*/
namespace Zed\Models\Geo;
use Hypership\Geo\Point3D;
use Keruald\Database\DatabaseEngine;
/**
* Geo galaxy class
*/
class Galaxy {
/*
* ----------------------------------------------------------------------- *
* Objects fetchers
* ----------------------------------------------------------------------- *
*/
/**
* Gets all the coordinates of the objects in the galaxy.
*
* @return array An array of array. Each item is [string object_name, string object_type, Point3D coordinates]
*/
static function getCoordinates (DatabaseEngine $db) {
- $sql = "SELECT * FROM geo_coordinates";
+
+ $sql = "SELECT object_name as `name`, object_type as `type`, object_location as location FROM geo_coordinates";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't query geo_coordinates view.", '', __LINE__, __FILE__, $sql);
}
$objects = [];
while ($row = $db->fetchRow($result)) {
//Demios ship xyz: [-50, 30, 40]
//Kaos asteroid xyz: [150, -129, 10]
- $objects[] = [$row[0], $row[1], Point3D::fromString($row[2])];
+ $row["location"] = Point3D::fromString($row["location"]);
+ $objects[] = $row;
}
return $objects;
}
}
diff --git a/Models/Messages/Message.php b/Models/Messages/Message.php
index b36a4f6..8f21af8 100644
--- a/Models/Messages/Message.php
+++ b/Models/Messages/Message.php
@@ -1,221 +1,221 @@
<?php
/**
* Message class
*
* Zed. The immensity of stars. The HyperShip. The people.
*
* (c) 2010, Dereckson, some rights reserved.
* Released under BSD license.
*
* 0.1 2010-01-28 01:47 Autogenerated by Pluton Scaffolding
*
* @package Zed
* @subpackage Model
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @copyright 2010 Sébastien Santoro aka Dereckson
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @version 0.1
* @link http://scherzo.dereckson.be/doc/zed
* @link http://zed.dereckson.be/
* @filesource
*/
namespace Zed\Models\Messages;
use Keruald\Database\DatabaseEngine;
use Zed\Models\Base\Entity;
use Zed\Models\Objects\Perso;
/**
* Message class
*
* This class maps the messages table.
*
* It also provides a static method to get perso's messages.
*/
class Message extends Entity {
public $id;
public $date;
private $from;
public $to;
public $text;
public $flag;
public MessageSource $source;
public ?Perso $perso;
public string $lastError = "";
/**
* Initializes a new instance
*
* @param int $id the primary key
*/
function __construct (DatabaseEngine $db, $id = null) {
$this->setDatabase($db);
if ($id) {
$this->id = $id;
$this->load_from_database();
} else {
$this->date = time();
$this->flag = 0; //unread
}
}
/**
* Loads the object Message (ie fill the properties) from the $_POST array
*/
function load_from_form () {
if (array_key_exists('date', $_POST)) {
$this->date = $_POST['date'];
}
if (array_key_exists('from', $_POST)) {
$this->from = $_POST['from'];
}
if (array_key_exists('to', $_POST)) {
$this->to = $_POST['to'];
}
if (array_key_exists('text', $_POST)) {
$this->text = $_POST['text'];
}
if (array_key_exists('flag', $_POST)) {
$this->flag = $_POST['flag'];
}
}
/**
* Loads the object Message (ie fill the properties) from the database
*/
function load_from_database (): bool {
$db = $this->getDatabase();
$sql = "SELECT * FROM messages WHERE message_id = '" . $this->id . "'";
if (!($result = $db->query($sql))) {
message_die(SQL_ERROR, "Unable to query messages", '', __LINE__, __FILE__, $sql);
}
if (!$row = $db->fetchRow($result)) {
$this->lastError = "Message unknown: " . $this->id;
return false;
}
$this->date = $row['message_date'];
$this->from = (int)$row['message_from'];
$this->to = $row['message_to'];
$this->text = $row['message_text'];
$this->flag = $row['message_flag'];
$this->computeSource();
return true;
}
/**
* Saves to database
*/
function save_to_database (): void {
$db = $this->getDatabase();
$id = $this->id ? "'" . $db->escape($this->id) . "'" : 'NULL';
$date = $db->escape($this->date);
$from = match ($this->source) {
MessageSource::System => 0,
MessageSource::Perso => $this->perso->id,
};
$to = $db->escape($this->to);
$text = $db->escape($this->text);
$flag = $db->escape($this->flag);
//Updates or inserts
$sql = "REPLACE INTO messages (`message_id`, `message_date`, `message_from`, `message_to`, `message_text`, `message_flag`) VALUES ($id, '$date', '$from', '$to', '$text', '$flag')";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Unable to save", '', __LINE__, __FILE__, $sql);
}
if (!$id) {
//Gets new record id value
$this->id = $db->nextId();
}
}
public function setAsSystem () {
$this->source = MessageSource::System;
$this->perso = null;
}
public function setFrom (Perso $perso) {
$this->source = MessageSource::Perso;
$this->perso = $perso;
}
private function computeSource () {
$db = $this->getDatabase();
$this->source = match ($this->from) {
0 => MessageSource::System,
default => MessageSource::Perso,
};
$this->perso = match ($this->from) {
0 => null,
default => Perso::get($db, $this->from),
};
}
/**
* Sends the message
*/
function send (): void {
$this->save_to_database();
//TODO: triggers new message notifier
}
/**
* Deletes the message
*/
function delete (): void {
//A message is deleted if its flag value is 2
if ($this->flag != 2) {
$this->flag = 2;
$this->save_to_database();
}
}
/**
* Gets messages from the specified perso
*/
static function get_messages (DatabaseEngine $db, Perso $perso, bool $mark_as_read = true, int &$countNewMessages = 0) {
$ids = [];
$sql = "SELECT message_id FROM " . TABLE_MESSAGES . " WHERE message_to = " . $db->escape($perso->id) . " AND message_flag < 2 ORDER BY message_id DESC";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Unable to get messages", '', __LINE__, __FILE__, $sql);
}
$messages = [];
while ($row = $db->fetchRow($result)) {
- $message = new Message($db, $row[0]);
+ $message = new Message($db, $row["message_id"]);
$messages[] = $message;
$ids[] = $message->id;
if ($message->flag == 0) {
//New message
$countNewMessages++;
}
}
if ($mark_as_read && count($ids)) {
$ids = join(', ', $ids);
$sql = "UPDATE " . TABLE_MESSAGES . " SET message_flag = '1' WHERE message_id IN ($ids)";
$db->query($sql);
}
return $messages;
}
public function isSelf (): bool {
return match ($this->source) {
MessageSource::System => false,
MessageSource::Perso => $this->perso->id == $this->to,
};
}
}
diff --git a/Models/Objects/Invite.php b/Models/Objects/Invite.php
index bedc270..13da37c 100644
--- a/Models/Objects/Invite.php
+++ b/Models/Objects/Invite.php
@@ -1,200 +1,200 @@
<?php
/**
* User invite class
*
* Zed. The immensity of stars. The HyperShip. The people.
*
* (c) 2010, Dereckson, some rights reserved.
* Released under BSD license.
*
* 0.1 2010-06-29 02:13 Initial version [DcK]
*
* @package Zed
* @subpackage Model
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @copyright 2010 Sébastien Santoro aka Dereckson
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @version 0.1
* @link http://scherzo.dereckson.be/doc/zed
* @link http://zed.dereckson.be/
* @filesource
*/
namespace Zed\Models\Objects;
use Keruald\Database\DatabaseEngine;
use Keruald\OmniTools\Identifiers\Random;
use Zed\Models\Base\Entity;
/**
* User invite class
*
* This class maps the users_invites table.
*/
class Invite extends Entity {
public $code;
public $date;
public $from_user_id;
public $from_perso_id;
public string $lastError = "";
/**
* The user_id who have been claimed the invite
* Will be NULL as long as the invite haven't been claimed
*
* @var int
*/
public $to_user_id = null;
/**
* Initializes a new instance
*/
function __construct (DatabaseEngine $db, $code = null) {
$this->setDatabase($db);
if ($code) {
$this->code = $code;
$this->load_from_database();
} else {
//New invite code
$this->generate_code();
$this->date = time();
}
}
/**
* Generates a unique invite code and sets it in the code property.
*/
function generate_code () {
$db = $this->getDatabase();
do {
$this->code = Random::generateString("AAA111");
- $sql = "SELECT COUNT(*) FROM " . TABLE_USERS_INVITES . " WHERE invite_code = '$this->code' LOCK IN SHARE MODE;";
+ $sql = "SELECT COUNT(*) as count FROM " . TABLE_USERS_INVITES . " WHERE invite_code = '$this->code' LOCK IN SHARE MODE;";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't access invite users table", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
- } while ($row[0]);
+ } while ($row["count"]);
}
/**
* Loads the object Invite (ie fill the properties) from the database
*/
function load_from_database (): bool {
$db = $this->getDatabase();
$code = $db->escape($this->code);
$sql = "SELECT * FROM " . TABLE_USERS_INVITES . " WHERE invite_code = '" . $code . "'";
if (!($result = $db->query($sql))) {
message_die(SQL_ERROR, "Unable to query invite codes", '', __LINE__, __FILE__, $sql);
}
if (!$row = $db->fetchRow($result)) {
$this->lastError = "Invite code unknown: " . $this->code;
return false;
}
$this->code = $row['invite_code'];
$this->date = $row['invite_date'];
$this->from_user_id = $row['invite_from_user_id'];
$this->from_perso_id = $row['invite_from_perso_id'];
$this->to_user_id = $row['invite_to_user_id'];
return true;
}
/**
* Determines whether the current invite code have been claimed by an user.
*
* @return true if the code have been claimed ; otherwise, false.
*/
function is_claimed (): bool {
return (bool)$this->to_user_id;
}
/**
* Saves to database
*/
function save_to_database (): void {
$db = $this->getDatabase();
$code = $db->escape($this->code);
$date = $db->escape($this->date);
$from_user_id = $db->escape($this->from_user_id);
$from_perso_id = $db->escape($this->from_perso_id);
$to_user_id = $this->to_user_id ? "'" . $db->escape($this->to_user_id) . "'" : 'NULL';
//Updates or inserts
$sql = "REPLACE INTO " . TABLE_USERS_INVITES . " (`invite_code`, `invite_date`, `invite_from_user_id`, `invite_from_perso_id`, `invite_to_user_id`) VALUES ('$code', '$date', '$from_user_id', '$from_perso_id', $to_user_id)";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Unable to save invite code", '', __LINE__, __FILE__, $sql);
}
}
/**
* Deletes the invite
*/
function delete () {
$db = $this->getDatabase();
$code = $db->escape($this->code);
$sql = "DELETE FROM " . TABLE_USERS_INVITES . " WHERE invite_code = '$code'";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Unable to save delete code", '', __LINE__, __FILE__, $sql);
}
}
/**
* Creates an invite code
*/
static function create (DatabaseEngine $db, Perso $perso): string {
$invite = new Invite($db);
$invite->from_perso_id = $perso->id;
$invite->from_user_id = $perso->user_id;
$invite->save_to_database();
return $invite->code;
}
/**
* Gets invites generated by the specified perso ID
*
* @return string[]
*/
static function get_invites_from (DatabaseEngine $db, Perso $perso): array {
$perso_id = $perso->id;
$sql = "SELECT invite_code FROM " . TABLE_USERS_INVITES
. " WHERE invite_from_perso_id = $perso_id AND invite_to_user_id IS NULL ORDER BY invite_date ASC";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't access invite users table", '', __LINE__, __FILE__, $sql);
}
$codes = [];
while ($row = $db->fetchRow($result)) {
$codes[] = $row['invite_code'];
}
return $codes;
}
/**
* Gets the perso ID who invited the specified perso
*
* @return int|null the perso whom to get the invites ; or null, if nobody have invited him
*/
static function who_invited (DatabaseEngine $db, Perso $perso): ?int {
$user_id = $perso->user_id;
$sql = "SELECT invite_from_perso_id FROM " . TABLE_USERS_INVITES . " WHERE invite_to_user_id = '$user_id'";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't access invite users table", '', __LINE__, __FILE__, $sql);
}
if ($row = $db->fetchRow($result)) {
- return $row[0];
+ return (int)$row["invite_from_perso_id"];
}
return null;
}
}
diff --git a/Models/Objects/Perso.php b/Models/Objects/Perso.php
index 376b616..6dd1412 100644
--- a/Models/Objects/Perso.php
+++ b/Models/Objects/Perso.php
@@ -1,615 +1,615 @@
<?php
/**
* Perso class
*
* Zed. The immensity of stars. The HyperShip. The people.
*
* (c) 2010, Dereckson, some rights reserved.
* Released under BSD license.
*
* 0.1 2010-01-27 00:39 Autogenerated by Pluton Scaffolding
* 0.2 2010-01-29 14:39 Adding flags support
* 0.3 2010-02-06 17:50 Adding static perso hashtable
* 0.4 2012-07-04 11:37 Refactoring: moving code from index.php
*
* @package Zed
* @subpackage Model
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @copyright 2010, 2012 Sébastien Santoro aka Dereckson
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @version 0.1
* @link http://scherzo.dereckson.be/doc/zed
* @link http://zed.dereckson.be/
* @filesource
*/
namespace Zed\Models\Objects;
use Keruald\Database\DatabaseEngine;
use Zed\Models\Base\Entity;
use Zed\Models\Geo\Location;
use Zed\Models\Messages\Message;
/**
* Perso class
*
* This class maps the persos table.
*
* The class also provides methods
* to move or locate a perso,
* to gets and sets perso's flags and notes (tables persos_flags and persos_notes),
* to gets user's perso or check if a perso is online,
* to handle on select and logout events.
*
*/
class Perso extends Entity {
public $id;
public $user_id;
public $name;
public $nickname;
public $race;
public $sex;
public string $avatar = "";
public $location;
public $location_global;
public $location_local;
public $flags;
public string $lastError = "";
public static $hashtable_id = [];
public static $hashtable_name = [];
/**
* Initializes a new instance
*/
function __construct (DatabaseEngine $db, mixed $data = null) {
$this->setDatabase($db);
if ($data) {
if (is_numeric($data)) {
$this->id = $data;
} else {
$this->nickname = $data;
}
if (!$this->load_from_database()) {
message_die(GENERAL_ERROR, $this->lastError, "Can't authenticate perso");
}
} else {
$this->generate_id();
}
}
/**
* Initializes a new Perso instance if needed or get already available one.
*
* @deprecated Move to an entities repository
*/
static function get (DatabaseEngine $db, mixed $data = null): Perso {
if ($data) {
//Checks in the hashtables if we already have loaded this instance
if (is_numeric($data)) {
if (array_key_exists($data, Perso::$hashtable_id)) {
return Perso::$hashtable_id[$data];
}
} else {
if (array_key_exists($data, Perso::$hashtable_name)) {
return Perso::$hashtable_name[$data];
}
}
}
return new Perso($db, $data);
}
/**
* Loads the object Perso (ie fill the properties) from the $_POST array
*/
function load_from_form () {
if (array_key_exists('user_id', $_POST)) {
$this->user_id = $_POST['user_id'];
}
if (array_key_exists('name', $_POST)) {
$this->name = $_POST['name'];
}
if (array_key_exists('nickname', $_POST)) {
$this->nickname = $_POST['nickname'];
}
if (array_key_exists('race', $_POST)) {
$this->race = $_POST['race'];
}
if (array_key_exists('sex', $_POST)) {
$this->sex = $_POST['sex'];
}
if (array_key_exists('avatar', $_POST)) {
$this->avatar = $_POST['avatar'];
}
if (array_key_exists('location_global', $_POST)) {
$this->location_global = $_POST['location_global'];
}
if (array_key_exists('location_local', $_POST)) {
$this->location_local = $_POST['location_local'];
}
}
/**
* Loads the object Perso (ie fill the properties) from the database
*/
function load_from_database (): bool {
$db = $this->getDatabase();
//Gets perso
$sql = "SELECT * FROM " . TABLE_PERSOS;
if ($this->id) {
$id = $db->escape($this->id);
$sql .= " WHERE perso_id = '" . $id . "'";
} else {
$nickname = $db->escape($this->nickname);
$sql .= " WHERE perso_nickname = '" . $nickname . "'";
}
if (!($result = $db->query($sql))) {
message_die(SQL_ERROR, "Unable to query persos", '', __LINE__, __FILE__, $sql);
}
if (!$row = $db->fetchRow($result)) {
$this->lastError = "Perso unknown: " . $this->id;
return false;
}
$this->id = $row['perso_id'];
$this->user_id = $row['user_id'];
$this->name = $row['perso_name'];
$this->nickname = $row['perso_nickname'];
$this->race = $row['perso_race'];
$this->sex = $row['perso_sex'];
$this->avatar = $row['perso_avatar'];
$this->location_global = $row['location_global'];
$this->location_local = $row['location_local'];
//Gets flags
$sql = "SELECT flag_key, flag_value FROM " . TABLE_PERSOS_FLAGS .
" WHERE perso_id = $this->id";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't get flags", '', __LINE__, __FILE__, $sql);
}
while ($row = $db->fetchRow($result)) {
$this->flags[$row["flag_key"]] = $row["flag_value"];
}
//Gets location
$this->location = new Location(
$db,
$this->location_global,
$this->location_local
);
//Puts object in hashtables
Perso::$hashtable_id[$this->id] = $this;
Perso::$hashtable_name[$this->nickname] = $this;
return true;
}
/**
* Saves to database
*/
function save_to_database (): void {
$db = $this->getDatabase();
$id = $this->id ? "'" . $db->escape($this->id) . "'" : 'NULL';
$user_id = $db->escape($this->user_id);
$name = $db->escape($this->name);
$nickname = $db->escape($this->nickname);
$race = $db->escape($this->race);
$sex = $db->escape($this->sex);
$avatar = $db->escape($this->avatar);
$location_global = $this->location_global ? "'" . $db->escape($this->location_global) . "'" : 'NULL';
$location_local = $this->location_local ? "'" . $db->escape($this->location_local) . "'" : 'NULL';
//Updates or inserts
$sql = "REPLACE INTO " . TABLE_PERSOS . " (`perso_id`, `user_id`, `perso_name`, `perso_nickname`, `perso_race`, `perso_sex`, `perso_avatar`, `location_global`, `location_local`) VALUES ($id, '$user_id', '$name', '$nickname', '$race', '$sex', '$avatar', $location_global, $location_local)";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Unable to save", '', __LINE__, __FILE__, $sql);
}
if (!$id) {
//Gets new record id value
$this->id = $db->nextId();
}
}
/**
* Updates the specified field in the database record
*/
function save_field (string $field): void {
$db = $this->getDatabase();
if (!$this->id) {
message_die(GENERAL_ERROR, "You're trying to update a perso record not yet saved in the database: $field");
}
$id = $db->escape($this->id);
$value = $db->escape($this->$field);
$sql = "UPDATE " . TABLE_PERSOS . " SET `$field` = '$value' WHERE perso_id = '$id'";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Unable to save $field field", '', __LINE__, __FILE__, $sql);
}
}
/**
* Gets perso location
*
* @return string The location names
*/
public function where (): string {
return $this->location->__toString();
}
/**
* Moves the perso to a new location
*
* @param string|null $global the global target location
* @param string|null $local the local target location
*/
public function move_to (string $global = null, string $local = null): void {
//Sets global location
if ($global !== null) {
$this->location_global = $global;
}
//Sets local location
if ($local !== null) {
$this->location_local = $local;
}
//Updates database record
if ($global !== null && $local !== null) {
$db = $this->getDatabase();
$perso_id = $db->escape($this->id);
$g = $db->escape($this->location_global);
$l = $db->escape($this->location_local);
$sql = "UPDATE " . TABLE_PERSOS .
" SET location_global = '$g', location_local = '$l'" .
" WHERE perso_id = '$perso_id'";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't save new $global $local location.", '', __LINE__, __FILE__, $sql);
}
} elseif ($global != null) {
$this->save_field('location_global');
} elseif ($local != null) {
$this->save_field('location_local');
}
//Updates location member
$this->location = new Location(
$this->getDatabase(),
$this->location_global,
$this->location_local
);
}
/**
* Gets the specified flag value
*
* @param string $key flag key
* @param mixed $defaultValue default value if the flag doesn't exist
* @return mixed the flag value (string) or null if not existing
*/
public function get_flag ($key, $defaultValue = null) {
return $this->flag_exists($key) ? $this->flags[$key] : $defaultValue;
}
/**
* Determines if the specified flag exists
*
* @param string $key the flag key to check
* @return boolean true if the specified flag exists ; otherwise, false.
*/
public function flag_exists ($key) {
return array_key_exists($key, $this->flags);
}
/**
* Sets the specified flag
*
* @param string $key flag key
* @param string $value flag value (optional, default value: 1)
*/
public function set_flag ($key, $value = 1) {
//Checks if flag isn't already set at this value
if ($this->flags != null && array_key_exists($key, $this->flags) && $this->flags[$key] === $value) {
return;
}
//Saves flag to database
global $db;
$id = $db->escape($this->id);
$key = $db->escape($key);
$value = $db->escape($value);
$sql = "REPLACE " . TABLE_PERSOS_FLAGS . " SET perso_id = '$id', flag_key = '$key', flag_value = '$value'";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't save flag", '', __LINE__, __FILE__, $sql);
}
//Sets flag in this perso instance
$this->flags[$key] = $value;
}
/**
* Deletes the specified flag
*
* @param string $key flag key
*/
public function delete_flag ($key) {
global $db;
if (!array_key_exists($key, $this->flags)) {
return;
}
$id = $db->escape($this->id);
$key = $db->escape($key);
$sql = "DELETE FROM " . TABLE_PERSOS_FLAGS .
" WHERE flag_key = '$key' AND perso_id = '$id' LIMIT 1";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't delete flag", '', __LINE__, __FILE__, $sql);
}
}
/**
* Ensures the current perso have the specified flag or exits.
*
*
* @param string $flag the flag to assert
* @param int $threshold value the flags must strictly be greater than (optional, the default value is 0)
*
* Example:
* <code>
* $perso->set_flag('quux.foo', 1);
* //The perso wants to read quux, which we allow with the flag quux.foo
* $perso->request_flag('quux.foo'); //will be okay
*
* //The perso wants also to write quux, which we all allow if quux.foo = 2
* //The threshold will so be 1, as 2 > 1
* $perso->request_flag('quux.foo', 1); //Will exits, with a "You don't have quux.foo permission" message
* </code>
*/
public function request_flag ($flag, $threshold = 0) {
if (!array_key_exists($flag, $this->flags) || $this->flags[$flag] <= $threshold) {
message_die(HACK_ERROR, "You don't have $flag permission.", "Permissions");
}
}
/**
* Gets the specified note
*
* @param string $code the note code
* @return string the note content
*/
public function get_note ($code) {
global $db;
$id = $db->escape($this->id);
$code = $db->escape($code);
$sql = "SELECT note_text FROM " . TABLE_PERSOS_NOTES . " WHERE perso_id = '$id' AND note_code LIKE '$code'";
return $db->queryScalar($sql);
}
/**
* Sets the specified note
*
* @param string $code the note code
* @param string $text the note content
*/
public function set_note ($code, $text) {
global $db;
$id = $db->escape($this->id);
$code = $db->escape($code);
$text = $db->escape($text);
$sql = "REPLACE INTO " . TABLE_PERSOS_NOTES . " (perso_id, note_code, note_text) VALUES ('$id', '$code', '$text')";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't save note", '', __LINE__, __FILE__, $sql);
}
}
/**
* Counts the amount of notes the perso have saved
*
* @return int the amount of notes assigned to the perso
*/
public function count_notes () {
global $db;
$id = $db->escape($this->id);
$sql = "SELECT COUNT(*) FROM " . TABLE_PERSOS_NOTES . " WHERE perso_id = '$id'";
return $db->queryScalar($sql);
}
/*
* Determines if the specified ID is available
*
* @param integer $id The perso ID to check
* @return boolean true if the specified ID is available ; otherwise, false
*/
public static function is_available_id ($id) {
global $db;
- $sql = "SELECT COUNT(*) FROM " . TABLE_PERSOS . " WHERE perso_id = $id LOCK IN SHARE MODE";
+ $sql = "SELECT COUNT(*) as count FROM " . TABLE_PERSOS . " WHERE perso_id = $id LOCK IN SHARE MODE";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't access users table", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
- return ($row[0] == 0);
+ return ($row["count"] == 0);
}
/**
* Generates a unique ID for the current object
*/
private function generate_id () {
do {
$this->id = rand(2001, 5999);
} while (!Perso::is_available_id($this->id));
}
/**
* Checks if the nickname is available
*
* @param string $nickname the nickname to check
*/
public static function is_available_nickname ($nickname) {
global $db;
$nickname = $db->escape($nickname);
- $sql = "SELECT COUNT(*) FROM " . TABLE_PERSOS . " WHERE perso_nickname LIKE '$nickname' LOCK IN SHARE MODE;";
+ $sql = "SELECT COUNT(*) as count FROM " . TABLE_PERSOS . " WHERE perso_nickname LIKE '$nickname' LOCK IN SHARE MODE;";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Utilisateurs non parsable", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
- return ($row[0] == 0);
+ return ($row["count"] == 0);
}
/**
* Counts the perso a user have
*
* @param int user_id the user ID
* @return int the user's perso count
*/
public static function get_persos_count ($user_id): int {
global $db;
$sql = "SELECT COUNT(*) FROM " . TABLE_PERSOS . " WHERE user_id = $user_id";
return (int)$db->queryScalar($sql);
}
/**
* Gets an array with all the perso of the specified user
*/
public static function get_persos (DatabaseEngine $db, User $user): array {
$user_id = $db->escape($user->id);
$sql = "SELECT perso_id FROM " . TABLE_PERSOS . " WHERE user_id = $user_id";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't get persos", '', __LINE__, __FILE__, $sql);
}
$persos = [];
while ($row = $db->fetchRow($result)) {
$persos[] = Perso::get($db, $row['perso_id']);
}
return $persos;
}
/**
* Gets the first perso a user have
* (typically to be used when get_persos_count returns 1 to autoselect)
*
* @deprecated This case is now handled by the TryAutoSelect class.
*/
public static function get_first_perso (DatabaseEngine $db, int $user_id) {
$sql = "SELECT perso_id FROM " . TABLE_PERSOS . " WHERE user_id = $user_id LIMIT 1";
if ($perso_id = $db->queryScalar($sql)) {
return new Perso($db, $perso_id);
}
}
/**
* Determines whether the perso is online
*
* @return bool true if the perso is online ; otherwise, false.
*/
public function is_online () {
global $db;
$id = $db->escape($this->id);
- $sql = "SELECT MAX(online) FROM " . TABLE_SESSIONS . " WHERE perso_id = $id";
+ $sql = "SELECT MAX(online) as is_online FROM " . TABLE_SESSIONS . " WHERE perso_id = $id";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Unable to query the table", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
- return ($row[0] == 1);
+ return ($row["is_online"] == 1);
}
/**
* This event method is called when the user selects a new perso
*/
public function on_select () {
//Session
set_info('perso_id', $this->id);
$this->set_flag("site.lastlogin", $_SERVER['REQUEST_TIME']);
define("PersoSelected", true);
}
/**
* This event method is called when the user logs off its account or perso
*/
public function on_logout () {
//Clears perso information in $_SESSION and session table
set_info('perso_id', null);
clean_session();
}
/**
* This event method is called when the perso is created
*/
public function on_create () {
//Notifies host
$this->notify_inviter();
}
/**
* Creates a new perso, from a parameter form
*
* @param DatabaseEngine $db
* @param User $user The user to attach the perso to
* @param Perso $perso A reference to the created perso (don't initialize it, give it a null value)
* @param array $errors A reference to the arrays containing errors (should be an empty array, or the method will always return false)
* @return boolean true if the perso has ben created ; otherwise, false
*/
public static function create_perso_from_form (DatabaseEngine $db, User $user, &$perso, &$errors): bool {
$perso = new Perso($db);
$perso->load_from_form();
$perso->user_id = $user->id;
//Validates forms
if (!$perso->name) {
$errors[] = lang_get("NoFullnameSpecified");
}
if (!$perso->race) {
$errors[] = lang_get("NoRaceSpecified");
$perso->race = "being";
}
if (!$perso->sex) {
$errors[] = lang_get("NoSexSpecified");
}
if (!$perso->nickname) {
$errors[] = lang_get("NoNicknameSpecified");
} elseif (!Perso::is_available_nickname($perso->nickname)) {
$errors[] = lang_get("UnavailableNickname");
}
if (count($errors)) {
return false;
}
//Creates perso
$perso->save_to_database();
$perso->on_create();
return true;
}
/**
* Notifies the person having invited this perso
*/
public function notify_inviter () {
$db = $this->getDatabase();
$message = new Message($db);
$message->setAsSystem();
$message->to = Invite::who_invited($db, $this);
$message->text = sprintf(
lang_get('InvitePersoCreated'),
$this->name,
get_server_url() . get_url('who', $this->nickname)
);
$message->send();
}
}
diff --git a/Models/Objects/User.php b/Models/Objects/User.php
index e517e19..f6f6f45 100644
--- a/Models/Objects/User.php
+++ b/Models/Objects/User.php
@@ -1,288 +1,288 @@
<?php
/**
* User class
*
* Zed. The immensity of stars. The HyperShip. The people.
*
* (c) 2010, Dereckson, some rights reserved.
* Released under BSD license.
*
* [DESIGN BY CONTRACT NOTE] No more than one OpenID per user
*
* @package Zed
* @subpackage Model
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @copyright 2010 Sébastien Santoro aka Dereckson
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @version 0.1
* @link http://scherzo.dereckson.be/doc/zed
* @link http://zed.dereckson.be/
* @filesource
*/
namespace Zed\Models\Objects;
use Keruald\Database\DatabaseEngine;
use Zed\Models\Base\Entity;
use Zed\Models\Base\WithDatabase;
/**
* User class
*
* This class maps the users and users_openid tables.
*
* It also provides helper methods to check if a login is available,
* or to retrieve a username from e-mail address.
*/
class User extends Entity {
use WithDatabase;
///
/// Properties
///
public $id;
public $name;
public $password;
public $active = 0;
public string $actkey = "";
public $email;
public $regdate;
public string $lastError = "";
public static $hashtable_id = [];
public static $hashtable_name = [];
public array $session = [];
///
/// Constructors
///
/**
* Initializes a new instance
*
* @param int $id the primary key
*/
function __construct (DatabaseEngine $db, $id = null) {
$this->setDatabase($db);
if ($id) {
$this->id = $id;
$this->load_from_database();
}
}
/**
* Initializes a new User instance if needed or get already available one.
*
* @param mixed $data user ID or name
* @return User the user instance
*/
static function get (DatabaseEngine $db, $data = null) {
if ($data) {
//Checks in the hashtables if we already have loaded this instance
if (is_numeric($data)) {
if (array_key_exists($data, User::$hashtable_id)) {
return User::$hashtable_id[$data];
}
} else {
if (array_key_exists($data, User::$hashtable_name)) {
return User::$hashtable_name[$data];
}
}
}
return new User($db, $data);
}
///
/// Helper methods
///
/**
* Loads the object User (ie fill the properties) from the $_POST array
*/
function load_from_form () {
if (array_key_exists('name', $_POST)) {
$this->name = $_POST['name'];
}
if (array_key_exists('password', $_POST)) {
$this->password = $_POST['password'];
}
if (array_key_exists('active', $_POST)) {
$this->active = $_POST['active'];
}
if (array_key_exists('actkey', $_POST)) {
$this->actkey = $_POST['actkey'];
}
if (array_key_exists('email', $_POST)) {
$this->email = $_POST['email'];
}
if (array_key_exists('regdate', $_POST)) {
$this->regdate = $_POST['regdate'];
}
}
/**
* Loads the object User (ie fill the properties) from the database
*/
function load_from_database (): bool {
$db = $this->getDatabase();
$sql = "SELECT * FROM " . TABLE_USERS . " WHERE user_id = '" . $this->id . "'";
if (!($result = $db->query($sql))) {
message_die(SQL_ERROR, "Unable to query users", '', __LINE__, __FILE__, $sql);
}
if (!$row = $db->fetchRow($result)) {
$this->lastError = "User unknown: " . $this->id;
return false;
}
$this->name = $row['username'];
$this->password = $row['user_password'];
$this->active = $row['user_active'];
$this->actkey = $row['user_actkey'];
$this->email = $row['user_email'];
$this->regdate = $row['user_regdate'];
//Puts object in hashtables
User::$hashtable_id[$this->id] = $this;
User::$hashtable_name[$this->name] = $this;
return true;
}
/**
* Saves to database
*/
function save_to_database (): void {
$db = $this->getDatabase();
$id = $this->id ? "'" . $db->escape($this->id) . "'" : 'NULL';
$name = $db->escape($this->name);
$password = $db->escape($this->password);
$active = $db->escape($this->active);
$actkey = $db->escape($this->actkey);
$email = $db->escape($this->email);
$regdate = $this->regdate ? "'" . $db->escape($this->regdate) . "'" : 'NULL';
//Updates or inserts
$sql = "REPLACE INTO " . TABLE_USERS . " (`user_id`, `username`, `user_password`, `user_active`, `user_actkey`, `user_email`, `user_regdate`) VALUES ($id, '$name', '$password', '$active', '$actkey', '$email', $regdate)";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Unable to save", '', __LINE__, __FILE__, $sql);
}
if (!$id) {
//Gets new record id value
$this->id = $db->nextId();
}
}
/**
* Updates the specified field in the database record
*/
function save_field ($field) {
$db = $this->getDatabase();
if (!$this->id) {
message_die(GENERAL_ERROR, "You're trying to update a record not yet saved in the database");
}
$id = $db->escape($this->id);
$value = $db->escape($this->$field);
$sql = "UPDATE " . TABLE_USERS . " SET `$field` = '$value' WHERE user_id = '$id'";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Unable to save $field field", '', __LINE__, __FILE__, $sql);
}
}
/**
* Generates a unique user id
*/
function generate_id () {
$db = $this->getDatabase();
do {
$this->id = rand(2001, 5999);
- $sql = "SELECT COUNT(*) FROM " . TABLE_USERS . " WHERE user_id = $this->id LOCK IN SHARE MODE;";
+ $sql = "SELECT COUNT(*) as is_already_used FROM " . TABLE_USERS . " WHERE user_id = $this->id LOCK IN SHARE MODE;";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't access users table", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
- } while ($row[0]);
+ } while ($row["is_already_used"]);
}
/**
* Fills password field with encrypted version of the specified clear password
*
* @param string $newpassword The user's new password
*/
public function set_password ($newpassword) {
$this->password = md5($newpassword);
}
/**
* Deletes OpenID for this user
*/
public function delete_OpenID () {
$this->set_OpenID('');
}
/**
* Sets OpenID for this user
*
* @param string $url OpenID endpoint URL
*/
public function set_OpenID ($url) {
$db = $this->getDatabase();
if (!$this->id) {
$this->save_to_database();
}
$url = $db->escape($url);
$sql = "DELETE FROM " . TABLE_USERS_AUTH . " WHERE auth_type = 'OpenID' AND user_id = $this->id";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't delete old OpenID", '', __LINE__, __FILE__, $sql);
}
if ($url != '') {
$sql = "INSERT INTO " . TABLE_USERS_AUTH . " (auth_type, auth_identity, user_id) VALUES ('OpenID', '$url', $this->id)";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't add new OpenID", '', __LINE__, __FILE__, $sql);
}
}
}
/**
* Checks if a login is available
*
* @param string $login the login to check
* @return bool true if the specified login is available ; otherwise, false.
*/
public static function is_available_login (DatabaseEngine $db, $login): bool {
- $sql = "SELECT COUNT(*) FROM " . TABLE_USERS . " WHERE username LIKE '$login' LOCK IN SHARE MODE;";
+ $sql = "SELECT COUNT(*) as is_used FROM " . TABLE_USERS . " WHERE username LIKE '$login' LOCK IN SHARE MODE;";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Utilisateurs non parsable", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
- return !$row[0];
+ return !$row["is_used"];
}
/**
* Gets username from specified e-mail
*
* @param string $mail the mail to search
* @return string|bool the username matching the mail if found ; otherwise, false.
*/
public static function get_username_from_email (DatabaseEngine $db, $mail) {
$sql = "SELECT username FROM " . TABLE_USERS . " WHERE user_email LIKE '$mail' LOCK IN SHARE MODE;";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Utilisateurs non parsable", '', __LINE__, __FILE__, $sql);
}
if ($row = $db->fetchRow($result)) {
return $row['username'];
}
return false;
}
}
diff --git a/Models/Profile/ProfileComment.php b/Models/Profile/ProfileComment.php
index 40e7804..075e565 100644
--- a/Models/Profile/ProfileComment.php
+++ b/Models/Profile/ProfileComment.php
@@ -1,156 +1,156 @@
<?php
/**
* Profile comments class
*
* Zed. The immensity of stars. The HyperShip. The people.
*
* (c) 2010, Dereckson, some rights reserved.
* Released under BSD license.
*
* 0.1 2010-01-03 01:02 Autogenerated by Pluton Scaffolding
*
* @package Zed
* @subpackage Model
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @copyright 2010 Sébastien Santoro aka Dereckson
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @version 0.1
* @link http://scherzo.dereckson.be/doc/zed
* @link http://zed.dereckson.be/
* @filesource
*/
namespace Zed\Models\Profile;
use Keruald\Database\DatabaseEngine;
use Zed\Models\Base\Entity;
use Zed\Models\Base\WithDatabase;
/**
* Profile comments class
*
* This class maps the profiles_comments table.
*/
class ProfileComment extends Entity {
use WithDatabase;
///
/// Properties
///
public $id;
public $perso_id;
public $author;
public $authorname; //should be read-only
public $date;
public $text;
public string $lastError = "";
/**
* Initializes a new instance of the ProfileComment class
*
* @param int $id the comment ID
*/
function __construct (DatabaseEngine $db, $id = '') {
$this->setDatabase($db);
if ($id) {
$this->id = $id;
$this->load_from_database();
} else {
$this->date = time();
}
}
/**
* Loads the object comment (ie fill the properties) from the $_POST array
*/
function load_from_form () {
if (array_key_exists('perso_id', $_POST)) {
$this->perso_id = $_POST['perso_id'];
}
if (array_key_exists('author', $_POST)) {
$this->author = $_POST['author'];
}
if (array_key_exists('date', $_POST)) {
$this->date = $_POST['date'];
}
if (array_key_exists('text', $_POST)) {
$this->text = $_POST['text'];
}
}
/**
* Loads the object comment (ie fill the properties) from the database
*/
function load_from_database (): bool {
$db = $this->getDatabase();
$id = $db->escape($this->id);
$sql = "SELECT c.*, p.perso_name as author FROM " . TABLE_PROFILES_COMMENTS . " c, " . TABLE_PERSOS . " p WHERE c.comment_id = '$id' AND p.perso_id = c.comment_author";
if (!($result = $db->query($sql))) {
message_die(SQL_ERROR, "Unable to query azhar_profiles_comments", '', __LINE__, __FILE__, $sql);
}
if (!$row = $db->fetchRow($result)) {
$this->lastError = "comment unknown: " . $this->id;
return false;
}
$this->perso_id = $row['perso_id'];
$this->author = $row['comment_author'];
$this->authorname = $row['author'];
$this->date = $row['comment_date'];
$this->text = $row['comment_text'];
return true;
}
/**
* Saves the object to the database
*/
function save_to_database (): void {
$db = $this->getDatabase();
$id = $this->id ? "'" . $db->escape($this->id) . "'" : 'NULL';
$perso_id = $db->escape($this->perso_id);
$author = $db->escape($this->author);
$date = $db->escape($this->date);
$text = $db->escape($this->text);
$sql = "REPLACE INTO " . TABLE_PROFILES_COMMENTS . " (`comment_id`, `perso_id`, `comment_author`, `comment_date`, `comment_text`) VALUES ($id, '$perso_id', '$author', '$date', '$text')";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Unable to save", '', __LINE__, __FILE__, $sql);
}
if (!$id) {
//Gets new record id value
$this->id = $db->nextId();
}
}
/**
* Publishes the comment
* @todo Add events on publish
*/
function publish () {
$this->save_to_database();
}
/**
* Gets comments
*
* @param int $perso_id The Perso ID
*/
static function get_comments (DatabaseEngine $db, $perso_id) {
$sql = "SELECT comment_id FROM " . TABLE_PROFILES_COMMENTS . " WHERE perso_id = " . $db->escape($perso_id);
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Unable to get comments", '', __LINE__, __FILE__, $sql);
}
$comments = [];
while ($row = $db->fetchRow($result)) {
- $comments[] = new ProfileComment($db, $row[0]);
+ $comments[] = new ProfileComment($db, $row["comment_id"]);
}
return $comments;
}
}
diff --git a/Models/Profile/ProfilePhoto.php b/Models/Profile/ProfilePhoto.php
index ae25f33..d13f2e0 100644
--- a/Models/Profile/ProfilePhoto.php
+++ b/Models/Profile/ProfilePhoto.php
@@ -1,225 +1,225 @@
<?php
/**
* Profile photo class
*
* Zed. The immensity of stars. The HyperShip. The people.
*
* (c) 2010, Dereckson, some rights reserved.
* Released under BSD license.
*
* 0.1 2010-01-03 21:00 Autogenerated by Pluton Scaffolding
* 0.2 2010-02-02 00:52 Thumbnail ImageMagick generation code
*
* @package Zed
* @subpackage Model
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @copyright 2010 Sébastien Santoro aka Dereckson
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @version 0.1
* @link http://scherzo.dereckson.be/doc/zed
* @link http://zed.dereckson.be/
* @filesource
*/
namespace Zed\Models\Profile;
use Keruald\Database\DatabaseEngine;
use Zed\Models\Base\Entity;
use Zed\Models\Objects\Perso;
/**
* Profile photo class
*
* This class maps the profile_photos table.
*
* It also provides helper methods to handle avatars or get all the photos
* from a specified perso.
*/
class ProfilePhoto extends Entity {
public $id;
public $perso_id;
public $name;
public $description;
public $avatar;
public string $lastError = "";
/**
* Initializes a new instance of the ProfilePhoto class
*/
function __construct (DatabaseEngine $db, $id = '') {
$this->setDatabase($db);
if ($id) {
$this->id = $id;
$this->load_from_database();
}
}
/**
* Loads the object photo (ie fill the properties) from the $_POST array
*
* @param bool $readBoolean if false, don't read the bool avatar field to avoid to set by error false if the field weren't in the form.
*/
function load_from_form ($readBoolean = true) {
if (array_key_exists('perso_id', $_POST)) {
$this->perso_id = $_POST['perso_id'];
}
if (array_key_exists('name', $_POST)) {
$this->name = $_POST['name'];
}
if (array_key_exists('description', $_POST)) {
$this->description = $_POST['description'];
}
if ($readBoolean) {
$this->avatar = (bool)$_POST['avatar'];
}
}
/**
* Loads the object photo (ie fill the properties) from the database
*/
function load_from_database () : bool {
$db = $this->getDatabase();
$id = $db->escape($this->id);
$sql = "SELECT * FROM " . TABLE_PROFILES_PHOTOS . " WHERE photo_id = '" . $id . "'";
if (!($result = $db->query($sql))) {
message_die(SQL_ERROR, "Unable to query azhar_profiles_photos", '', __LINE__, __FILE__, $sql);
}
if (!$row = $db->fetchRow($result)) {
$this->lastError = "photo unknown: " . $this->id;
return false;
}
$this->perso_id = $row['perso_id'];
$this->name = $row['photo_name'];
$this->description = $row['photo_description'];
$this->avatar = $row['photo_avatar'];
return true;
}
/**
* Promotes the photo to avatar
*/
function promote_to_avatar () {
$db = $this->getDatabase();
//1 - locally
$sql = "UPDATE " . TABLE_PROFILES_PHOTOS . " SET photo_avatar = 0 WHERE perso_id = " . $this->perso_id;
$db->queryScalar($sql);
$this->avatar = true;
//2 - in perso table
$perso = Perso::get($db, $this->perso_id);
$perso->avatar = $this->name;
$perso->save_to_database();
}
/**
* Saves the object to the database
*/
function save_to_database () : void {
$db = $this->getDatabase();
//Escapes fields
$id = $this->id ? "'" . $db->escape($this->id) . "'" : 'NULL';
$perso_id = $db->escape($this->perso_id);
$name = $db->escape($this->name);
$description = $db->escape($this->description);
$avatar = $this->avatar ? 1 : 0;
//Saves
$sql = "REPLACE INTO " . TABLE_PROFILES_PHOTOS . " (`photo_id`, `perso_id`, `photo_name`, `photo_description`, `photo_avatar`) VALUES ($id, '$perso_id', '$name', '$description', $avatar)";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Unable to save", '', __LINE__, __FILE__, $sql);
}
if (!$id) {
//Gets new record id value
$this->id = $db->nextId();
}
}
/**
* Deletes the photo
*/
function delete () {
$db = $this->getDatabase();
//Deletes from disk
$pic_tn = PHOTOS_DIR . '/' . $this->name;
$pic_genuine = PHOTOS_DIR . '/tn/' . $this->name;
unlink($pic_tn);
unlink($pic_genuine);
//Deletes from database
$id = $db->escape($this->id);
$sql = "DELETE FROM " . TABLE_PROFILES_PHOTOS . " WHERE photo_id = '$id' LIMIT 1";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't delete photo", '', __LINE__, __FILE__, $sql);
}
}
/**
* Generates a thumbnail using ImageMagick binary
*
* @return boolean true if the thumbnail command returns 0 as program exit code ; otherwise, false
*/
function generate_thumbnail () {
global $Config;
$sourceFile = PHOTOS_DIR . DIRECTORY_SEPARATOR . $this->name;
$thumbnailFile = PHOTOS_DIR . DIRECTORY_SEPARATOR . 'tn' . DIRECTORY_SEPARATOR . $this->name;
$command = $Config['ImageMagick']['convert'] . " $sourceFile -resize 1000x80 $thumbnailFile";
@system($command, $code);
return ($code == 0);
}
/**
* Gets photos from the specified perso
*
* @param int $perso_id the perso ID
* @param bool $allowUnsafe if false, don't include not safe for work photos
* @return ProfilePhoto[]
*/
static function get_photos (DatabaseEngine $db, $perso_id, $allowUnsafe = true): array {
$sql = "SELECT photo_id FROM " . TABLE_PROFILES_PHOTOS . " WHERE perso_id = " . $db->escape($perso_id);
if (!$allowUnsafe) {
$sql .= " AND photo_safe = 0";
}
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Unable to get photos", '', __LINE__, __FILE__, $sql);
}
$photos = [];
while ($row = $db->fetchRow($result)) {
- $photos[] = new ProfilePhoto($row[0]);
+ $photos[] = new ProfilePhoto($db, $row["photo_id"]);
}
return $photos;
}
/**
* Gets perso avatar
*
* @param integer $perso_id the perso to get the avatar ID
* @param string $username the username to put in title tag
*/
static function get_avatar (DatabaseEngine $db, $perso_id, $username = '') {
$perso_id = $db->escape($perso_id);
$sql = "SELECT photo_description, photo_name FROM " . TABLE_PROFILES_PHOTOS . " WHERE perso_id = '$perso_id' and photo_avatar = 1";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Unable to get avatar", '', __LINE__, __FILE__, $sql);
}
if ($row = $db->fetchRow($result)) {
if (!$username) {
$username = get_name($perso_id);
}
$description = $row['photo_description'] ? "$row[photo_description] ($username's avatar)" : "$username's avatar";
$url = PHOTOS_URL . '/tn/' . $row['photo_name'];
return "<img src=\"$url\" title=\"$username\" alt=\"$description\" />";
} else {
return null;
}
}
}
diff --git a/controllers/page.php b/controllers/page.php
index a6deb55..dfa8f31 100644
--- a/controllers/page.php
+++ b/controllers/page.php
@@ -1,137 +1,137 @@
<?php
/**
* Page
* Zed. The immensity of stars. The HyperShip. The people.
*
* (c) 2010, Dereckson, some rights reserved.
* Released under BSD license.
*
* This controller handle the /page URL.
*
* It allows to prints a content page.
*
* The code of the content page to print must be included in the URL:
* /page/quux will print the quux page.
*
* To edit a page, append ?mode=edit to the URL.
*
* It uses the page_edit.tpl view to edit and the raw.tpl view to print pages.
*
* Versions of the edited pages are saved in a separate table
* but it's not a wiki, it's for backup purposes.
*
* @package Zed
* @subpackage Controllers
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @copyright 2010 Sébastien Santoro aka Dereckson
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @version 0.1
* @link http://scherzo.dereckson.be/doc/zed
* @link http://zed.dereckson.be/
* @filesource
*
* @todo move "handle editor form" and some of the "gets page" code to a includes/objects/page.php file (rationale: cleaner model/controller separation)
*/
if (!$code = $db->escape($url[1])) {
message_die(HACK_ERROR, "/page/ must be followed by page code");
}
//
// Handles editor form
//
if ($_POST['code']) {
//Ask flag admin.pages.editor
$CurrentPerso->request_flag('admin.pages.editor');
//Gets version
- $sql = "SELECT MAX(page_version) + 1 FROM " . TABLE_PAGES_EDITS .
+ $sql = "SELECT MAX(page_version) + 1 as new_version FROM " . TABLE_PAGES_EDITS .
" WHERE page_code = '$code'";
if (!$result = $db->query($sql)) {
message_die(SQL_ERROR, "Can't fetch pages", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
- $page_version = ($row[0] == "") ? 0 : $row[0];
+ $page_version = ($row["new_version"] == "") ? 0 : $row["new_version"];
//Gets other fields
$page_code = $db->escape($code);
$page_title = $db->escape($_POST['title']);
$page_content = $db->escape($_POST['content']);
$page_edit_reason = $db->escape($_POST['edit_reason']);
$page_edit_user_id = $CurrentPerso->user_id;
$page_edit_time = time();
//Saves archive version
$sql = "INSERT INTO " . TABLE_PAGES_EDITS . " (`page_code`, `page_version`, `page_title`, `page_content`, `page_edit_reason`, `page_edit_user_id`, `page_edit_time`) VALUES ('$page_code', '$page_version', '$page_title', '$page_content', '$page_edit_reason', '$page_edit_user_id', '$page_edit_time')";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't save page", '', __LINE__, __FILE__, $sql);
}
//Saves prod version
$sql = "REPLACE INTO " . TABLE_PAGES . " (`page_code`, `page_title`, `page_content`) VALUES ('$page_code', '$page_title', '$page_content')";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Can't save page", '', __LINE__, __FILE__, $sql);
}
$smarty->assign('NOTIFY', "Page $page_code saved, version $page_version.");
}
//
// Gets page
//
$sql = "SELECT page_title, page_content, page_code FROM " . TABLE_PAGES . " WHERE page_code LIKE '$code'";
if ( !($result = $db->query($sql)) ) {
message_die(SQL_ERROR, "Can't get pages", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
switch ($_GET['mode']) {
case 'edit':
$CurrentPerso->request_flag('admin.pages.editor');
$template = 'page_edit.tpl';
if ($row) {
$smarty->assign('PAGE_TITLE', $row['page_title']);
$smarty->assign('page', $row);
} else {
$smarty->assign('PAGE_TITLE', $code);
$page['page_code'] = $code;
$smarty->assign('page', $page);
unset($page);
}
$smarty->assign('PAGE_JS', 'FCKeditor/fckeditor.js');
break;
default:
if ($row) {
$smarty->assign('PAGE_TITLE', $row['page_title']);
$content = $row['page_content'];
} else {
$smarty->assign('PAGE_TITLE', lang_get('PageNotFound'));
$content = lang_get('PageNotFound');
}
//Adds edit link
if ($CurrentPerso->flags['admin.pages.editor']) {
$content .= '<p class="info" style="text-align: right">[ <a href="?mode=edit">Edit page</a> ]</p>';
}
$template = 'raw.tpl';
$smarty->assign('CONTENT', $content);
break;
}
//
// HTML output
//
//Serves header
include('header.php');
//Serves content
$smarty->display($template);
//Serves footer
include('footer.php');
diff --git a/dev/quux.php b/dev/quux.php
index 29fcf22..9533f72 100644
--- a/dev/quux.php
+++ b/dev/quux.php
@@ -1,163 +1,163 @@
<?php
use Hypership\Geo\PointPolarZ;
use Zed\Models\Geo\Galaxy;
use Zed\Models\Geo\Port;
use Zed\Models\Geo\SceneIndex;
use Zed\Models\Objects\Application;
use Zed\Models\Objects\Content;
use Zed\Models\Objects\Invite;
use Zed\Models\Messages\Message;
use Zed\Models\Objects\Perso;
require_once('includes/cache/cache.php');
$case = 'YubiCloud';
$smarty->assign('PAGE_TITLE', "Quux [$case]");
include('controllers/header.php');
switch ($case) {
case 'YubiCloud':
require_once('Auth/Yubico.php');
echo '<h2>YubiKey</h2>';
if (!array_key_exists('YubiCloud', $Config)) {
message_die(GENERAL_ERROR, "YubiCloud authentication not configured. Add \$Config['YubiCloud']['ClientID'] and \$Config['YubiCloud']['SecretKey'] to your config.");
}
if (!$key = $_GET['OTP']) {
message_die(GENERAL_ERROR, "Please add in URL ?OTP=, then put your cursor at right of the = and press your YubiKey button");
}
$yubi = new Auth_Yubico($Config['YubiCloud']['ClientID'], $Config['YubiCloud']['SecretKey']);
if (!$data = $yubi->parsePasswordOTP($key)) {
message_die(GENERAL_ERROR, "This is not an YubiKey OTP.");
}
$prefix = $data['prefix'];
$auth = $yubi->verify($key);
if (@PEAR::isError($auth)) {
if ($auth->getMessage() == 'REPLAYED_OTP') {
message_die("This OTP has already been used.");
}
message_die(HACK_ERROR, "<p>Authentication failed: " . $auth->getMessage() . "</p><p>Debug: " . $yubi->getLastResponse() . "</p>");
} else {
print "<p>You are authenticated!</p>";
}
break;
case 'PointPolarZ':
echo "<H2>PointPolarZ</H2>";
$point = PointPolarZ::fromString("(48, 30°, 3)");
printf("Secteur T%dC%d", $point->getSection(), $point->z);
dprint_r($point);
break;
case 'index_scenes':
$time[] = microtime();
$cache = Cache::load();
if ($index = $cache->get('SceneIndex')) {
$index = unserialize($index);
} else {
$index = SceneIndex::Load(SCENE_DIR);
$cache->set('SceneIndex', serialize($index));
}
$time[] = microtime();
echo '<H2>SceneIndex</H2>';
dprint_r($index);
echo '<H2>Time (ms)</H2>';
dprint_r(1000 * ($time[1] - $time[0]));
dprint_r($time);
break;
case 'travel':
require_once('includes/travel/travel.php');
$travel = Travel::load();
dieprint_r($travel);
break;
case 'spherical':
echo '<H2>Spherical coordinates test</H2>';
echo '<table cellpadding=8>';
echo "<tr><th>Name</th><th>Type</th><th>Cartesian coords</th><th>Spherical I</th><th>Spherical II</th><th>Pencil coordinates</th></tr>";
$objects = Galaxy::getCoordinates($db);
foreach ($objects as $row) {
- echo "<tr><th style='text-align: left'>$row[0]</th><td>$row[1]</td><td>$row[2]</td>";
- $pt = $row[2];
+ echo "<tr><th style='text-align: left'>$row[object_name]</th><td>$row[object_type]</td><td>$row[object_location]</td>";
+ $pt = $row["object_location"];
echo '<td>(', implode(', ', $pt->toSpherical()), ')</td>';
echo '<td>(', implode(', ', $pt->toSphericalAlternative()), ')</td>';
$pt->translate(500, 300, 200, 2);
echo '<td>', $pt, '</td>';
echo '</tr>';
}
echo '</table>';
break;
case 'travel':
require_once('includes/travel/travel.php');
require_once('includes/travel/place.php');
$cache = Cache::load();
$travel = $cache->get('zed_travel');
if ($travel == '') {
$travel_nocached = new Travel();
$travel_nocached->load_xml("content/travel.xml");
$cache->set('zed_travel', serialize($travel_nocached));
} else {
$travel = unserialize($travel);
}
dieprint_r($travel);
break;
case 'perso.create.notify':
$testperso = Perso::get($db, 4733);
$message = new Message($db);
$message->setAsSystem();
$message->to = invite::who_invited($db, $testperso);
$url = get_server_url() . get_url('who', $testperso->nickname);
$message->text = sprintf(lang_get('InvitePersoCreated'), $testperso->name, $url);
$message->send();
dieprint_r($message);
break;
case 'pushdata';
echo '
<h2>/api.php/app/pushdata</h2>
<form method="post" action="/api.php/app/pushdata?mode=file&key=37d839ba-f9fc-42ca-a3e8-28053e979b90" enctype="multipart/form-data">
<input type="file" name="datafile" /><br />
<input type="submit" value="Send file" />
</form>
';
break;
case 'thumbnail':
$content = new Content($db, 1);
dprint_r($content);
$content->generate_thumbnail();
break;
case 'port':
echo '<h2>Port::from_location test</h2>';
$locations = array("B00002", "B00002123", "B00001001", "xyz: [800, 42, 220]");
foreach ($locations as $location) {
dprint_r(Port::from_location($db, $location));
}
break;
case 'ext':
$file = 'dev/foo.tar';
echo "<h2>$file</h2>";
echo "<h3>.tar.bz2</h3>";
echo preg_match('/\.tar\.bz2$/', $file);
echo "<h3>.tar</h3>";
echo preg_match('/\.tar$/', $file);
break;
case 'app':
echo Application::from_api_key($db, "37d839ba-f9fc-42ca-a3e8-28053e979b90")
->generate_userkey($CurrentPerso);
break;
case '':
dieprint_r("No case currently selected.");
break;
}
include('controllers/footer.php');
diff --git a/includes/sessions.php b/includes/sessions.php
index 14bbcaf..7291127 100644
--- a/includes/sessions.php
+++ b/includes/sessions.php
@@ -1,162 +1,162 @@
<?php
/**
* Sessions
*
* Zed. The immensity of stars. The HyperShip. The people.
*
* (c) 2010, Dereckson, some rights reserved.
* Released under BSD license.
*
* This file provides functions to manage sessions. It's not currently properly
* documented, as it's a temporary old session file, which will be updated soon.
*
* @package Zed
* @subpackage Keruald
* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
* @copyright 2010 Sébastien Santoro aka Dereckson
* @license http://www.opensource.org/licenses/bsd-license.php BSD
* @version 0.1
* @link http://scherzo.dereckson.be/doc/zed
* @link http://zed.dereckson.be/
* @filesource
*
* @todo Replaces this code by the unified Keruald session class.
*/
use Keruald\OmniTools\Identifiers\Random;
use Zed\Models\Objects\User;
function session_update () {
global $db, $IP, $Config;
//Nettoyage de la session
/* Initialisation */
$time_online = 5 * 60; // Temps après lequel l'utilisateur n'est plus considéré comme online
$time_session = 2 * 60 * 60; // Durée de vie de la session
$heureActuelle = time(); //Timestamp UNIX et non MySQL
/* On fait le ménage */
$sql = "UPDATE " . TABLE_SESSIONS . " SET online=0 WHERE HeureLimite < $heureActuelle";
if (!$db->query($sql)) {
message_die(SQL_ERROR, 'Impossible de mettre à jour les sessions (utilisateurs offline)', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . TABLE_SESSIONS . " WHERE SessionLimite < $heureActuelle";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Impossible d'effacer les sessions expirées", '', __LINE__, __FILE__, $sql);
}
/* Création / mise à jour de la session utilisateur */
if (!$_SESSION['ID']) {
$_SESSION['ID'] = Random::generateHexHash();
}
$sql = "SELECT * FROM " . TABLE_SESSIONS . " WHERE session_id LIKE '$_SESSION[ID]'";
if ( !($result = $db->query($sql)) ) {
message_die(SQL_ERROR, "Problème critique avec les sessions.", '', __LINE__, __FILE__, $sql);
}
if ($result->numRows() === 0) {
$sql = "INSERT INTO " . TABLE_SESSIONS . " (IP, session_id, `Where`, HeureLimite, SessionLimite) VALUES ('$IP', '$_SESSION[ID]', $Config[ResourceID], $heureActuelle + $time_online, $heureActuelle + $time_session)";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Impossible de créer une nouvelle session", '', __LINE__, __FILE__, $sql);
}
} else {
$sql = "UPDATE " . TABLE_SESSIONS . " SET online=1, HeureLimite = $heureActuelle + $time_online, SessionLimite= $heureActuelle + $time_session WHERE session_id = '$_SESSION[ID]'";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Impossible de mettre à jour la session", '', __LINE__, __FILE__, $sql);
}
}
}
function nbc () {
//Renvoi du nombre d'usagers connectés
global $db, $Config;
- $sql = "SELECT count(*) FROM " . TABLE_SESSIONS . " WHERE online=1 AND `Where` = $Config[ResourceID]";
+ $sql = "SELECT count(*) as count FROM " . TABLE_SESSIONS . " WHERE online=1 AND `Where` = $Config[ResourceID]";
if ( !($result = $db->query($sql)) ) {
message_die(SQL_ERROR, "Impossible d'obtenir le nombre d'utilisateurs connectés sur le site web", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
- return $row[0];
+ return $row["count"];
}
function get_info ($info) {
//Renvoie une variable de la session
global $db;
$sql = "SELECT $info FROM " . TABLE_SESSIONS . " WHERE session_id LIKE '$_SESSION[ID]'";
if ( !($result = $db->query($sql)) ) {
message_die(SQL_ERROR, "Impossible d'obtenir $info", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
return $row[$info];
}
function get_logged_user () {
//Renvoie toutes les informations d'un utilisateur
global $db;
$sql = "SELECT * FROM " . TABLE_SESSIONS . " WHERE session_id LIKE '$_SESSION[ID]'";
if ( !($result = $db->query($sql)) ) {
message_die(SQL_ERROR, "Impossible d'obtenir les informations de l'utilisateur", '', __LINE__, __FILE__, $sql);
}
$row = $db->fetchRow($result);
$user = User::get($db, $row['user_id']);
$user->session = $row;
return $user;
}
function set_info ($info, $value) {
//Définit une variable session
global $db;
$value = ($value === null) ? 'NULL' : "'" . $db->escape($value) . "'";
$sql = "UPDATE " . TABLE_SESSIONS . " SET $info = $value WHERE session_id LIKE '$_SESSION[ID]'";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Impossible de définir $info", '', __LINE__, __FILE__, $sql);
}
}
/**
* Destroys $_SESSION array values, help ID
*/
function clean_session () {
foreach ($_SESSION as $key => $value) {
if ($key != 'ID') {
unset($_SESSION[$key]);
}
}
}
/**
* Logs in user
*/
function login ($user_id, $username) {
global $db;
$sql = "UPDATE " . TABLE_SESSIONS . " SET user_id = '$user_id' WHERE session_id LIKE '$_SESSION[ID]'";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Impossible de procéder à la connexion", '', __LINE__, __FILE__, $sql);
}
//We send a cookie to print automatically the last username on the login
//page during 30 days.
if ($username) {
setcookie("LastUsername", $username, time() + 2592000);
}
}
/**
* Logs out user
*/
function logout () {
//Anonymous user in session table
global $db;
$sql = "UPDATE " . TABLE_SESSIONS . " SET user_id = '-1', perso_id = NULL WHERE session_id LIKE '$_SESSION[ID]'";
if (!$db->query($sql)) {
message_die(SQL_ERROR, "Impossible de procéder à la déconnexion", '', __LINE__, __FILE__, $sql);
}
clean_session();
}

File Metadata

Mime Type
text/x-diff
Expires
Sun, Nov 3, 23:11 (3 w, 5 d ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
20743
Default Alt Text
(84 KB)

Event Timeline