diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/functions.inc.php | 37 | ||||
| -rw-r--r-- | include/functions_category.inc.php | 4 | ||||
| -rw-r--r-- | include/functions_session.inc.php | 50 | ||||
| -rw-r--r-- | include/functions_user.inc.php | 77 | ||||
| -rw-r--r-- | include/init.inc.php | 4 | ||||
| -rw-r--r-- | include/user.inc.php | 12 |
6 files changed, 101 insertions, 83 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php index 76c95e326..85db1eb76 100644 --- a/include/functions.inc.php +++ b/include/functions.inc.php @@ -20,6 +20,33 @@ include( 'functions_category.inc.php' ); //----------------------------------------------------------- generic functions +// get_enums returns an array containing the possible values of a enum field +// in a table of the database. +function get_enums( $table, $field ) +{ + // retrieving the properties of the table. Each line represents a field : + // columns are 'Field', 'Type' + $result=mysql_query("desc $table"); + while ( $row = mysql_fetch_array( $result ) ) + { + // we are only interested in the the field given in parameter for the + // function + if ( $row['Field']==$field ) + { + // retrieving possible values of the enum field + // enum('blue','green','black') + $option = explode( ',', substr($row['Type'], 5, -1 ) ); + for ( $i = 0; $i < sizeof( $option ); $i++ ) + { + // deletion of quotation marks + $option[$i] = str_replace( "'", '',$option[$i] ); + } + } + } + mysql_free_result( $result ); + return $option; +} + // get_boolean transforms a string to a boolean value. If the string is // "false" (case insensitive), then the boolean value false is returned. In // any other case, true is returned. @@ -54,9 +81,9 @@ function array_remove( $array, $value ) // are precised : e.g. 1052343429.89276600 function get_moment() { - $t1 = explode( " ", microtime() ); - $t2 = explode( ".", $t1[0] ); - $t2 = $t1[1].".".$t2[1]; + $t1 = explode( ' ', microtime() ); + $t2 = explode( '.', $t1[0] ); + $t2 = $t1[1].'.'.$t2[1]; return $t2; } @@ -273,9 +300,9 @@ function pwg_log( $file, $category, $picture = '' ) } } -function templatize_array( $array, $global_array_name ) +function templatize_array( $array, $global_array_name, $handle ) { - global $vtp, $handle, $lang, $page, $user, $conf; + global $vtp, $lang, $page, $user, $conf; for( $i = 0; $i < sizeof( $array ); $i++ ) { diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php index 051e89f56..115ee434e 100644 --- a/include/functions_category.inc.php +++ b/include/functions_category.inc.php @@ -1,6 +1,6 @@ <?php /*************************************************************************** - * functions_category.inc.php * + * functions_category.inc.php * * -------------------- * * application : PhpWebGallery 1.3 * * author : Pierrick LE GALL <pierrick@z0rglub.com> * @@ -131,7 +131,7 @@ function display_cat( $id_uppercat, $indent, $restriction, $tab_expand ) { $url.= "&search=".$_GET['search']; } - $lien_cat = add_session_id_to_url( $url ); + $lien_cat = add_session_id( $url ); if ( $row['name'] == "" ) { $name = str_replace( "_", " ", $row['dir'] ); diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php index e85447221..722627dc7 100644 --- a/include/functions_session.inc.php +++ b/include/functions_session.inc.php @@ -48,10 +48,10 @@ function generate_key() return $key; } -function session_create( $pseudo ) +function session_create( $username ) { global $conf,$prefixeTable,$REMOTE_ADDR; - // 1. trouver une clé de session inexistante + // 1. searching an unused sesison key $id_found = false; while ( !$id_found ) { @@ -65,14 +65,13 @@ function session_create( $pseudo ) $id_found = true; } } - // 2. récupération de l'id de l'utilisateur dont le pseudo - // est passé en paramètre + // 2. retrieving id of the username given in parameter $query = 'select id'; $query.= ' from '.$prefixeTable.'users'; - $query.= " where pseudo = '".$pseudo."';"; + $query.= " where username = '".$username."';"; $row = mysql_fetch_array( mysql_query( $query ) ); $user_id = $row['id']; - // 3. insertion de la session dans la base de donnée + // 3. inserting session in database $expiration = $conf['session_time']*60+time(); $query = 'insert into '.$prefixeTable.'sessions'; $query.= ' (id,user_id,expiration,ip) values'; @@ -82,49 +81,28 @@ function session_create( $pseudo ) return $generated_id; } - -function add_session_id_to_url( $url, $redirect = false ) -{ - global $page, $user; - $amp = "&"; - if ( $redirect ) - { - $amp = "&"; - } - if ( !$user['is_the_guest'] ) - { - if ( ereg( "\.php\?",$url ) ) - { - return $url.$amp."id=".$page['session_id']; - } - else - { - return $url."?id=".$page['session_id']; - } - } - else - { - return $url; - } -} +// add_session_id adds the id of the session to the string given in +// parameter as $url. If the session id is the first parameter to the url, +// it is preceded by a '?', else it is preceded by a '&'. If the +// parameter $redirect is set to true, '&' is used instead of '&'. function add_session_id( $url, $redirect = false ) { global $page, $user; - $amp = "&"; + $amp = '&'; if ( $redirect ) { - $amp = "&"; + $amp = '&'; } if ( !$user['is_the_guest'] ) { - if ( ereg( "\.php\?",$url ) ) + if ( preg_match( '/\.php\?/',$url ) ) { - return $url.$amp."id=".$page['session_id']; + return $url.$amp.'id='.$page['session_id']; } else { - return $url."?id=".$page['session_id']; + return $url.'?id='.$page['session_id']; } } else diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 48160f113..03be22b1a 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -14,34 +14,39 @@ * the Free Software Foundation; * * * ***************************************************************************/ + +// validate_mail_address verifies whether the given mail address has the +// right format. ie someone@domain.com "someone" can contain ".", "-" or +// even "_". Exactly as "domain". The extension doesn't have to be +// "com". The mail address can also be empty. +// If the mail address doesn't correspond, an error message is returned. function validate_mail_address( $mail_address ) { global $lang; - $output = ''; - // le mail doit être conforme à qqch du type : nom@serveur.com - if ( $mail_address != '' - and !ereg( "([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)", - $mail_address ) ) + if ( $mail_address == '' ) { - $output = $lang['reg_err_mail_address']; + return ''; + } + $regex = '/^[\w-]+(\.[\w-]+)*@[\w-]+(\.[\w-]+)*\.[a-z]+$/'; + if ( !preg_match( $regex, $mail_address ) ) + { + return $lang['reg_err_mail_address']; } - - return $output; } -function register_user( $login, $password, $password_conf, - $mail_address, $status = 'visiteur' ) +function register_user( + $login, $password, $password_conf, $mail_address, $status = 'guest' ) { - global $prefixeTable; + global $prefixeTable, $lang; $error = array(); $i = 0; - // le login ne doit pas - // 1. être vide - // 2. commencer ou se terminer par un espace - // 3. comporter les caractères ' ou " - // 4. être déjà utilisé + // login must not + // 1. be empty + // 2. start ou end with space character + // 3. include ' or " characters + // 4. be already used if ( $login == '' ) { $error[$i++] = $lang['reg_err_login1']; @@ -62,15 +67,14 @@ function register_user( $login, $password, $password_conf, { $query = 'select id'; $query.= ' from '.$prefixeTable.'users'; - $query.= " where pseudo = '".$login."';"; + $query.= " where username = '".$login."';"; $result = mysql_query( $query ); if ( mysql_num_rows( $result ) > 0 ) { $error[$i++] = $lang['reg_err_login5']; } } - // on vérifie que le password rentré correspond bien - // à la confirmation faite par l'utilisateur + // given password must be the same as the confirmation if ( $password != $password_conf ) { $error[$i++] = $lang['reg_err_pass']; @@ -81,12 +85,11 @@ function register_user( $login, $password, $password_conf, { $error[$i++] = $error_mail_address; } - - // on enregistre le nouvel utilisateur si aucune - //erreur détectée dans les paramètres + + // if no error until here, registration of the user if ( sizeof( $error ) == 0 ) { - // 1.récupération des valeurs par défaut de l'application + // 1. retrieving default values, the ones of the user "guest" $infos = array( 'nb_image_line', 'nb_line_page', 'theme', 'language', 'maxwidth', 'maxheight', 'expand', 'show_nb_comments', 'short_period', 'long_period', 'template' ); @@ -104,17 +107,17 @@ function register_user( $login, $password, $password_conf, $query.= $infos[$i]; } $query.= ' from '.$prefixeTable.'users'; - $query.= " where pseudo = 'visiteur';"; + $query.= " where username = 'guest';"; $row = mysql_fetch_array( mysql_query( $query ) ); - // 2.ajout du nouvel utilisateur + // 2. adding new user $query = 'insert into '.$prefixeTable.'users'; $query.= ' ('; - $query.= ' pseudo,password,mail_address,status'; + $query.= ' username,password,mail_address,status'; for ( $i = 0; $i < sizeof( $infos ); $i++ ) { $query.= ','.$infos[$i]; } - $query.= ' values ('; + $query.= ') values ('; $query.= " '".$login."'"; $query.= ",'".md5( $password )."'"; if ( $mail_address != '' ) @@ -128,23 +131,30 @@ function register_user( $login, $password, $password_conf, $query.= ",'".$status."'"; for ( $i = 0; $i < sizeof( $infos ); $i++ ) { - $query.= ','.$row[$infos[$i]]; + $query.= ','; + if ( $row[$infos[$i]] == '' ) + { + $query.= 'NULL'; + } + else + { + $query.= "'".$row[$infos[$i]]."'"; + } } $query.= ');'; mysql_query( $query ); - // 3. récupérer l'identifiant de l'utilisateur nouvellement créé + // 3. retrieving the id of the newly created user $query = 'select id'; $query.= ' from '.$prefixeTable.'users'; - $query.= " where pseudo = '".$login."';"; + $query.= " where username = '".$login."';"; $row = mysql_fetch_array( mysql_query( $query ) ); $user_id = $row['id']; - // 4.ajouter les restrictions au nouvel utilisateur, - // les mêmes que celles de l'utilisateur par défaut + // 4. adding restrictions to the new user, the same as the user "guest" $query = 'select cat_id'; $query.= ' from '.$prefixeTable.'restrictions as r'; $query.= ','.$prefixeTable.'users as u '; $query.= ' where u.id = r.user_id'; - $query.= " and u.pseudo = 'visiteur';"; + $query.= " and u.username = 'guest';"; $result = mysql_query( $query ); while( $row = mysql_fetch_array( $result ) ) { @@ -190,6 +200,7 @@ function update_user( $user_id, $mail_address, $status, } $query.= ' where id = '.$user_id; $query.= ';'; + echo $query; mysql_query( $query ); } return $error; diff --git a/include/init.inc.php b/include/init.inc.php index 041545b3f..21a3ac8b0 100644 --- a/include/init.inc.php +++ b/include/init.inc.php @@ -29,9 +29,11 @@ $user['restrictions'] = get_restrictions( $user['id'], $user['status'], true ); $isadmin = false; include_once( './language/'.$user['language'].'.php' ); +// displaying the username in the language of the connected user, instead of +// "guest" as you can find in the database if ( $user['is_the_guest'] ) { - $user['pseudo'] = $lang['guest']; + $user['username'] = $lang['guest']; } include_once( './template/'.$user['template'].'/style.inc.php' ); include_once( './template/'.$user['template'].'/htmlfunctions.inc.php' ); diff --git a/include/user.inc.php b/include/user.inc.php index b323385e7..3a95e08ab 100644 --- a/include/user.inc.php +++ b/include/user.inc.php @@ -1,9 +1,9 @@ <?php /*************************************************************************** - * user.inc.php is a part of PhpWebGallery * - * ------------------- * - * last update : Saturday, October 26, 2002 * - * email : pierrick@z0rglub.com * + * user.inc.php * + * ------------------ * + * application : PhpWebGallery 1.3 * + * author : Pierrick LE GALL <pierrick@z0rglub.com> * * * *************************************************************************** @@ -19,7 +19,7 @@ // Each field becomes an information of the array $user. // Example : // status --> $user['status'] -$infos = array( 'id', 'pseudo', 'mail_address', 'nb_image_line', +$infos = array( 'id', 'username', 'mail_address', 'nb_image_line', 'nb_line_page', 'status', 'theme', 'language', 'maxwidth', 'maxheight', 'expand', 'show_nb_comments', 'short_period', 'long_period', 'template' ); @@ -71,7 +71,7 @@ if ( isset( $_GET['id'] ) } if ( !$query_done ) { - $query_user .= " where pseudo = 'visiteur'"; + $query_user .= ' where id = 2'; $user['is_the_guest'] = true; } $query_user .= ';'; |