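Execute('SELECT id, gid, sid, user FROM users WHERE id = ? AND sid = ?', array(substr($_COOKIE['login'], 32), substr($_COOKIE['login'], 0, 32)));
            // The statement above starts before this excerpt. The cookie value is
            // split as: first 32 characters = session id (sid), remainder = user id.
            // fields[2] is the stored sid; rows with an empty sid (as written by
            // Logout()) are rejected here.
            if ($res->RecordCount() && $res->fields[2]) {
                $this->uid = $res->fields[0];
                $this->gid = $res->fields[1];
                $this->name = $res->fields[3];
                $this->login_type = 'cookie';
                $this->login_key = $_COOKIE['login'];
            }
        }

        // Fallback: the same key is accepted from the query string when the
        // cookie did not produce a logged-in user.
        // NOTE(review): a session key carried in a URL is exposed through server
        // logs, browser history and Referer headers; confirm this path is still
        // required.
        if ($this->uid == 0 && $_GET['login']) {
            $res = $GLOBALS['db']->Execute('SELECT id, gid, sid, user FROM users WHERE id = ? AND sid = ?', array(substr($_GET['login'], 32), substr($_GET['login'], 0, 32)));
            if ($res->RecordCount() && $res->fields[2]) {
                $this->uid = $res->fields[0];
                $this->gid = $res->fields[1];
                $this->name = $res->fields[3];
                $this->login_type = 'url';
                $this->login_key = $_GET['login'];
            }
        }
    }

    /**
     * Check a user name / password pair and start a new session on success.
     *
     * On success a fresh 32-character session id is written to users.sid, this
     * object is populated, and the key (sid followed by the user id) is sent as
     * the "login" cookie.
     *
     * NOTE(review): $pass is compared as-is with the stored password column.
     * Whether callers hash the value before calling is not visible here; if they
     * do not, passwords are stored in clear text and should be migrated to
     * password_hash() / password_verify().
     *
     * @param string $name User name to look up.
     * @param string $pass Password value that must equal the stored column.
     * @return mixed The user's id as returned by the database, or 0 if no row matched.
     */
    function Login($name, $pass)
    {
        $res = $GLOBALS['db']->Execute('SELECT id, gid, user FROM users WHERE user = ? AND password = ?', array($name, $pass));
        if (!$res->RecordCount()) {
            return 0;
        }

        $id = $res->fields[0];

        // The sid is a bearer credential, so it must be unguessable. 16 bytes
        // from the CSPRNG give 32 hex characters: the same length and alphabet
        // as the md5() value used before, so the 32-character split performed
        // when the key is read back keeps working.
        if (function_exists('random_bytes')) {
            $sid = bin2hex(random_bytes(16));
        } else {
            // Legacy derivation, kept only so runtimes older than PHP 7 do not
            // fail. It is built from the clock and rand() and is predictable.
            $sid = md5(uniqid($name . " * " . $pass . " * " . rand()));
        }

        $GLOBALS['db']->Execute('UPDATE users SET sid = ? WHERE id = ?', array($sid, $id));

        $this->uid = $id;
        $this->gid = $res->fields[1];
        $this->name = $res->fields[2];
        $this->login_type = 'url';
        $this->login_key = $sid . $id;

        // NOTE(review): the cookie is sent with default attributes only (no
        // HttpOnly, no Secure). Consider setting both once it is confirmed that
        // no client-side script reads the cookie and the site is served over HTTPS.
        setcookie('login', $this->login_key);

        return $id;
    }

    /**
     * End the current session.
     *
     * Clears the stored sid so the old key no longer matches server-side,
     * resets uid, gid, login_type and login_key, and sends an empty "login"
     * cookie. $this->name is not reset by this method.
     */
    function Logout()
    {
        $GLOBALS['db']->Execute('UPDATE users SET sid = \'\' WHERE id = ?', $this->uid);

        $this->uid = 0;
        $this->gid = 0;
        $this->login_type = '';
        $this->login_key = '';

        setcookie('login');
    }

    /**
     * Tell whether a user is an administrator, i.e. has group id -1.
     *
     * @param int $id User id; a negative value (the default) means the current user.
     * @return bool
     */
    function IsAdmin($id = -1)
    {
        if ($id < 0) {
            return ($this->gid == -1);
        }

        return ($this->GetGid($id) == -1);
    }

    /**
     * @return mixed Id of the current user as set by the constructor, Login() or Logout().
     */
    function GetUid()
    {
        return $this->uid;
    }

    /**
     * Return the group id of a user.
     *
     * @param int $id User id; negative means the current user, 0 yields 0
     *                without a database query.
     * @return mixed The gid column of the matching row.
     */
    function GetGid($id = -1)
    {
        if ($id < 0) {
            return $this->gid;
        }
        if ($id == 0) {
            return 0;
        }

        $res = $GLOBALS['db']->Execute('SELECT gid FROM users WHERE id = ?', $id);

        return $res->fields[0];
    }

    /**
     * Return the name of a user.
     *
     * @param int $id User id; negative means the current user.
     * @return mixed The user column of the matching row.
     */
    function GetName($id = -1)
    {
        if ($id < 0) {
            return $this->name;
        }

        $res = $GLOBALS['db']->Execute('SELECT user FROM users WHERE id = ?', $id);

        return $res->fields[0];
    }

    /**
     * Tell whether a user with the given name exists.
     *
     * @param string $name
     * @return bool
     */
    function Exists($name)
    {
        $res = $GLOBALS['db']->Execute('SELECT id FROM users WHERE user = ?', $name);

        return ($res->RecordCount() > 0);
    }

    /**
     * Create a user.
     *
     * No permission check is made here; callers have to decide who may create
     * accounts and which $gid they may assign (gid -1 is what IsAdmin() tests for).
     *
     * NOTE(review): $pass is stored exactly as passed; see the note on Login().
     * NOTE(review): the Exists() check and the INSERT are separate statements,
     * so uniqueness of the name presumably also needs a database constraint.
     *
     * @param string $name
     * @param int    $gid
     * @param string $pass
     * @return mixed 0 if the name is already taken, otherwise the value of Insert_ID().
     */
    function Add($name, $gid, $pass)
    {
        if ($this->Exists($name)) {
            return 0;
        }

        $GLOBALS['db']->Execute('INSERT INTO users (user, gid, password) VALUES (?, ?, ?)', array($name, $gid, $pass));

        return $GLOBALS['db']->Insert_ID();
    }

    /**
     * Set a user's password.
     *
     * No permission check and no check of the old password is made here, and
     * the stored sid is left untouched, so an existing session key stays valid
     * after the change.
     *
     * @param int    $id       User id; negative means the current user.
     * @param string $new_pass Value written to the password column as-is.
     * @return bool True if the UPDATE reported at least one affected row.
     */
    function ChangePassword($id = -1, $new_pass)
    {
        if ($id < 0) {
            $id = $this->uid;
        }

        $GLOBALS['db']->Execute('UPDATE users SET password = ? WHERE id = ?', array($new_pass, $id));

        return ($GLOBALS['db']->Affected_Rows() > 0);
    }

    /**
     * Move a user to another group.
     *
     * No permission check is made here; since gid -1 is what IsAdmin() tests
     * for, callers must restrict who can reach this method.
     *
     * @param int $id
     * @param int $gid
     * @return bool True if the UPDATE reported at least one affected row.
     */
    function ChangeGroup($id, $gid)
    {
        $GLOBALS['db']->Execute('UPDATE users SET gid = ? WHERE id = ?', array($gid, $id));

        return ($GLOBALS['db']->Affected_Rows() > 0);
    }

    /**
     * Change a user's name. No permission or uniqueness check is made here.
     *
     * @param int    $id
     * @param string $new_name
     * @return bool True if the UPDATE reported at least one affected row.
     */
    function Rename($id, $new_name)
    {
        // The SQL literal contains a line break, exactly as in the original source.
        $GLOBALS['db']->Execute('UPDATE users SET user = ? 
WHERE id = ?', array($new_name, $id));

        return ($GLOBALS['db']->Affected_Rows() > 0);
    }

    /**
     * Delete a user. No permission check is made here.
     *
     * @param int $id
     * @return bool True if the DELETE reported at least one affected row.
     */
    function Delete($id)
    {
        $GLOBALS['db']->Execute('DELETE FROM users WHERE id = ?', $id);

        return ($GLOBALS['db']->Affected_Rows() > 0);
    }

    /**
     * List all users ordered by id.
     *
     * NOTE(review): this selects a "name" column, while every other query in
     * this class reads the user name from the "user" column; confirm that the
     * users table really has a "name" column.
     *
     * @return mixed Result of GetArray() on the record set.
     */
    function ListUsers()
    {
        $res = $GLOBALS['db']->Execute('SELECT id, name FROM users ORDER BY id');

        return $res->GetArray();
    }

    /**
     * List all groups ordered by id.
     *
     * @return mixed Result of GetArray() on the record set.
     */
    function ListGroups()
    {
        $res = $GLOBALS['db']->Execute('SELECT id, name FROM groups ORDER BY id');

        return $res->GetArray();
    }
}

// A single shared instance is published for the rest of the application.
$GLOBALS['user'] = new User;
?>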