Example #1
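    static function validate_login($user_name, $user_pass)
    {
        # Checks a login attempt and returns one of these status strings:
        # NORMAL: 		usr and pwd are correct and the user is in normal condition
        # INCORRECT: 	pwd is empty or doesn't match the stored digest
        # NOT_EXIST:	no row matches the given e-mail
        # FIRST: 		usr and pwd are correct and it is the first time the user logs in
        # DELETED:		user has been deleted and can't login. treat as an incorrect.
        # BLOCKED:		user has been blocked. Show block info
        # MIGRATED:		user doesn't have a password. Show screen to create password and insert control code and send control code.
        # NOT_VALIDATED:user hasn't validated the e-mail address. Can login, when it is validated the user will be able to place bookings.
        # CHG_PWD_REQ:	user must change password before logging in.
        #
        # NOTE(review): NOT_EXIST vs INCORRECT (and MIGRATED, which is returned
        # without any password check) lets a caller tell whether an e-mail is
        # registered. Callers should show the same message for NOT_EXIST and
        # INCORRECT so the login form cannot be used to enumerate accounts.
        global $conex;
        if ($user_pass == '') {
            return 'INCORRECT';
        }
        # digest() is defined elsewhere. NOTE(review): the only salt is the first
        # two characters of the user name; if digest() is a fast hash, plan a
        # migration to password_hash()/password_verify().
        $sql_word = digest(substr($user_name, 0, 2) . $user_pass);
        # NOTE(review): $user_name is placed inside the quoted literal without
        # escaping, so a quote in the submitted e-mail changes the statement
        # (SQL injection). The value must be bound as a parameter, or escaped by
        # the driver behind my_query(), before this query is built. That driver
        # API is not visible here, so the query text is left as it was.
        $sql = 'SELECT user_id, full_name, email, last_login_datetime, ul.level_name, user_level, is_member, blocked_ind, pasapalabra, deleted_ind, control_code, required_change_pwd
		FROM users u LEFT JOIN users_levels ul ON u.user_level = ul.level_value
		WHERE email = \'' . $user_name . '\'';
        $my_select = my_query($sql, $conex);
        $user_arr = my_fetch_array($my_select);
        if (!my_num_rows($my_select)) {
            return 'NOT_EXIST';
        }
        $stored_word = (string) $user_arr['pasapalabra'];
        if ($stored_word === '') {
            return 'MIGRATED';
        }
        # Compare the digests as exact strings. A loose == treats two different
        # numeric-looking strings (e.g. "0e12" and "0e34") as equal, which would
        # accept a wrong password. hash_equals() also keeps the comparison time
        # independent of where the strings differ; fall back to === where it is
        # not available.
        $candidate_word = (string) $sql_word;
        if (function_exists('hash_equals')) {
            $pwd_matches = hash_equals($stored_word, $candidate_word);
        } else {
            $pwd_matches = $stored_word === $candidate_word;
        }
        if (!$pwd_matches) {
            return 'INCORRECT';
        }
        # Password is correct: report the account condition, most restrictive first.
        if ($user_arr['deleted_ind'] == '1') {
            return 'DELETED';
        }
        if ($user_arr['blocked_ind'] == '1') {
            return 'BLOCKED';
        }
        if ($user_arr['required_change_pwd'] == '1') {
            return 'CHG_PWD_REQ';
        }
        if ($user_arr['control_code'] != '') {
            return 'NOT_VALIDATED';
        }
        if ($user_arr['last_login_datetime'] == '') {
            return 'FIRST';
        }
        return 'NORMAL';
    }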
Example #2
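function print_combo_db($parameters)
{
    # prints a combo selector (<select>) with the data from $table
    #
    # $parameters:	table 		-> table (required)
    #				code_field	-> code field (required)
    #				desc_field	-> description field (required; nothing is printed without it)
    #				name		-> name of the combo
    #				selected	-> code of the field selected
    #				on_change	-> call to a JS function to be called by 'onChange' event
    #				class		-> class for the style of the combo
    #				extra_condition -> condition like ' extra_field = \'ex_field_value\''
    #				substr		-> (#) number that indicates the max number of characters to display
    #				empty		-> (1/0) inserts an empty option at the beginning
    #				detail		-> (1/0) prints the code also with the options  01 : Option 1
    #				order		-> field name and way to order: ' Name ASC';
    #				disabled	-> if true shows the combo disabled.
    #				tabindex	-> tab index inside the form
    #				no_header	-> (1/0) prints only the options
    #
    # Security notes:
    #  - table, code_field, desc_field, extra_condition and order are pasted into
    #    the SQL text as-is. They are SQL fragments by contract and must only ever
    #    be fixed strings chosen by the calling code, never request data.
    #  - on_change is executable JavaScript by contract and is emitted unchanged;
    #    it must not carry request data either.
    #  - name, class, tabindex and the option values are data and are HTML-escaped
    #    before being written into attributes.
    global $conex;

    # Give every optional key a value so a missing one does not raise a notice.
    # tabindex and no_header are left out on purpose: they are tested with isset().
    $parameters = array_merge(array(
        'table' => '',
        'code_field' => '',
        'desc_field' => '',
        'name' => '',
        'selected' => null,
        'on_change' => '',
        'class' => '',
        'extra_condition' => '',
        'substr' => 0,
        'empty' => 0,
        'detail' => 0,
        'order' => '',
        'disabled' => false,
    ), $parameters);

    if (!$parameters['table'] || !$parameters['code_field'] || !$parameters['desc_field']) {
        return;
    }

    # prepare sql
    $my_code_field = $parameters['code_field'];
    $my_desc_field = $parameters['desc_field'];
    # Both clauses start empty; they used to be undefined when not requested.
    $my_condition = $parameters['extra_condition'] ? ' WHERE ' . $parameters['extra_condition'] : '';
    $my_order = $parameters['order'] ? ' ORDER BY ' . $parameters['order'] : '';
    $sql = 'SELECT ' . $my_code_field . ', ' . $my_desc_field . ' FROM ' . $parameters['table'] . $my_condition . $my_order;
    # Best effort by design: a failed query prints nothing.
    $my_select = @my_query($sql, $conex);
    if (!$my_select) {
        return;
    }

    # draw the combo
    $with_header = !isset($parameters['no_header']) || $parameters['no_header'] == 0;
    if ($with_header) {
        $str_on_change = $parameters['on_change'] ? ' onchange="' . $parameters['on_change'] . '" ' : '';
        # ENT_QUOTES so neither quote style can close the attribute early.
        $str_class = $parameters['class'] ? ' class="' . htmlspecialchars($parameters['class'], ENT_QUOTES) . '" ' : '';
        $str_disabled = $parameters['disabled'] ? ' disabled="disabled" ' : '';
        $str_tabindex = isset($parameters['tabindex']) ? ' tabindex="' . htmlspecialchars($parameters['tabindex'], ENT_QUOTES) . '" ' : '';
        print '<select name="' . htmlspecialchars($parameters['name'], ENT_QUOTES) . '"' . $str_on_change . $str_class . $str_disabled . $str_tabindex . '>';
        if ($parameters['empty']) {
            print '<option value=""></option>';
        }
    }
    while ($result = my_fetch_array($my_select, MYSQL_BOTH)) {
        $code = $result[$my_code_field];
        $label = $result[$my_desc_field];
        $str_selected = $parameters['selected'] == $code ? ' SELECTED' : '';
        if ($parameters['detail']) {
            $label = $code . ' : ' . $label;
        }
        # NOTE(review): strlen()/substr() count bytes, so a multi-byte label can
        # be cut in the middle of a character.
        if ($parameters['substr'] && strlen($label) > $parameters['substr']) {
            $label = substr($label, 0, $parameters['substr']) . '...';
        }
        # The code comes from the database and lands inside an attribute, so it
        # is escaped like any other stored value (prevents stored XSS).
        print '<option value="' . htmlspecialchars($code, ENT_QUOTES) . '"' . $str_selected . '>' . htmlentities($label) . '</option>';
    }
    if ($with_header) {
        print '</select>';
    }
}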