/**
 * Rebuild the list of notification recipients in $this->to.
 *
 * The list starts empty. The address from __ADMIN_EMAIL__ is added when that
 * constant is defined and non-blank. When __SEND_ERRORS__ is defined and
 * truthy, the e-mail of every user whose level is 'admin' is appended as well.
 *
 * A failure during the database lookup is not rethrown: it is recorded in
 * $this->bag, counted in $this->count, and handed to sendInternal(false).
 *
 * @return void
 */
private function getEmails()
{
    global $dbConnectionInfo;

    $this->to = array();

    $hasAdminAddress = defined('__ADMIN_EMAIL__') && strlen(trim(__ADMIN_EMAIL__)) > 0;
    if ($hasAdminAddress) {
        $this->to[] = __ADMIN_EMAIL__;
    }

    // Without the opt-in flag only the configured admin address (if any) is used.
    if (!defined("__SEND_ERRORS__") || !__SEND_ERRORS__) {
        return;
    }

    try {
        // The statement is a constant string: no caller-supplied value reaches the SQL here.
        $admins = new RecordSet($dbConnectionInfo, false, true);
        $admins->open("SELECT email FROM users WHERE level='admin';");
        while ($admins->MoveNext()) {
            $this->to[] = $admins->Field('email');
        }
        $admins->close();
    } catch (Exception $failure) {
        // NOTE(review): the entry below carries the exception message, source file path
        // and line number. It ends in "<br/>", so the bag looks like HTML, yet the
        // exception text is appended without HTML escaping. Confirm where the bag is
        // rendered and who can read it.
        $entry = date("Y-m-d H:i:s")
            . ": Error:[" . $failure->getCode()
            . "] message:[" . $failure->getMessage()
            . "]\tfile:[" . $failure->getFile()
            . "] line:[" . $failure->getLine() . "]";
        $this->bag .= "[" . $this->getRealIpAddr() . "] - " . $entry . "<br/>";
        $this->count++;
        $this->sendInternal(false);
    }
}
/**
 * Check whether the entered password matches the one registered for the
 * current user. Used when the user tries to edit the account.
 *
 * The database is consulted first. If that check does not report exactly one
 * match and $this->ldap is an Ldap instance, the result of
 * Ldap::authenticate() for the current user name decides instead.
 *
 * NOTE(review): $this->info['userId'] is concatenated into the SQL text. Where
 * that value originates is not visible here; confirm it cannot carry
 * caller-controlled characters, or escape/bind it through the database layer.
 * NOTE(review): the password value in the query reads '******' in this listing
 * and $oldPassword takes no part in the SQL as shown. This looks masked, so
 * check the real statement. An equality test on the password column inside SQL
 * also implies the stored value is compared directly; confirm the storage
 * scheme (salted hashes are normally verified in PHP with password_verify()).
 *
 * @param $oldPassword Entered password
 * @return bool TRUE if the password is valid
 * @throws Exception
 */
private function isValidPassword($oldPassword)
{
    $users = new RecordSet($this->dbConnectionInfo);
    $query = "SELECT userId FROM users WHERE userId='" . $this->info['userId'] . "' AND password='******';";
    $matches = $users->open($query);

    if ($matches == 1) {
        $isValid = true;
    } elseif ($this->ldap instanceof Ldap) {
        // Fall back to the directory only when the local check did not match.
        // NOTE(review): confirm Ldap::authenticate() rejects an empty password;
        // some directory servers treat an empty-password bind as anonymous.
        $isValid = $this->ldap->authenticate($this->info['userName'], $oldPassword);
    } else {
        $isValid = false;
    }

    $users->Close();

    return $isValid;
}
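/**
 * Delete the given comments and, recursively, every comment that refers to them.
 *
 * The ids are written unquoted into the IN (...) lists of both statements, so
 * each value is validated as an integer before the SQL text is built. Entries
 * that are not plain integers are dropped instead of being concatenated into
 * the query. The callers of this method are not visible here, so the check is
 * applied to every call, including the recursive ones.
 *
 * TODO(review): if RecordSet supports bound parameters, prefer them over
 * building the IN list by hand.
 *
 * @param array $ids Comment ids to delete
 * @return void
 */
function deleteRecursive($ids)
{
    if (count($ids) === 0) {
        return;
    }

    // Keep only values that parse as integers; anything else never reaches the SQL text.
    $safeIds = array();
    foreach ($ids as $candidate) {
        $validated = filter_var($candidate, FILTER_VALIDATE_INT);
        if ($validated !== false) {
            $safeIds[] = $validated;
        }
    }
    if (count($safeIds) === 0) {
        return;
    }

    $idList = implode(", ", $safeIds);
    $db = new RecordSet($this->dbConnectionInfo, false, true);

    // Collect the direct replies before their parents are removed.
    $children = array();
    $db->open("SELECT commentId FROM comments WHERE referedComment in (" . $idList . ");");
    while ($db->MoveNext()) {
        $children[] = $db->Field("commentId");
    }

    $db->Run("DELETE FROM comments WHERE commentId in (" . $idList . ");");
    $db->close();

    if (count($children) > 0) {
        $this->deleteRecursive($children);
    }
}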
/**
 * Check whether the entered password matches the one registered for the
 * current user, using the database only.
 *
 * NOTE(review): $this->info['userId'] is concatenated into the SQL text. Where
 * that value originates is not visible here; confirm it cannot carry
 * caller-controlled characters, or escape/bind it through the database layer.
 * NOTE(review): the password value in the query reads '******' in this listing
 * and $oldPassword takes no part in the SQL as shown. This looks masked, so
 * check the real statement and how stored passwords are compared.
 *
 * @param $oldPassword Entered password
 * @return bool TRUE when the query reports exactly one match
 */
private function isValidPassword($oldPassword)
{
    $users = new RecordSet($this->dbConnectionInfo);
    $query = "SELECT userId FROM users WHERE userId='" . $this->info['userId'] . "' AND password='******';";

    // Valid only when open() reports exactly one matching row.
    $isValid = ($users->open($query) == 1);
    $users->Close();

    return $isValid;
}