/**
 * Checks a submitted captcha code against the stored captchas.
 *
 * The input is upper-cased, "0" is mapped to "O" when "0" is not one of the
 * captcha letters, and every character must belong to $this->letters before
 * the database is consulted. On a match the code is stored in $this->code,
 * removeCaptcha() is called for it, and true is returned.
 *
 * @param string $captchaCode Captcha code
 * @return boolean True if the code was found in the captcha table, else false
 */
public function validateCaptchaCode($captchaCode)
{
    $captchaCode = PMF_String::strtoupper($captchaCode);

    // Help the user: treat "0" (ASCII 48) like "O" (ASCII 79)
    // if "0" is not in the realm of captcha code letters
    $zeroIsALetter = in_array("0", $this->letters);
    if (!$zeroIsALetter) {
        $captchaCode = str_replace("0", "O", $captchaCode);
    }

    // Sanity check: only characters from the captcha alphabet may reach the query.
    // An empty string passes this loop and is still looked up below.
    // NOTE(review): the length comes from PMF_String::strlen() while the
    // characters are read by string offset; assumes both count the same
    // units - TODO confirm for multi-byte input.
    $length = PMF_String::strlen($captchaCode);
    for ($pos = 0; $pos < $length; $pos++) {
        $isKnownLetter = in_array($captchaCode[$pos], $this->letters);
        if (!$isKnownLetter) {
            return false;
        }
    }

    // Search for this Captcha in the db; the value is escaped, not bound.
    $query = sprintf("\n SELECT\n id\n FROM\n %sfaqcaptcha\n WHERE\n id = '%s'", SQLPREFIX, $this->db->escape_string($captchaCode));

    $result = $this->db->query($query);
    if (!$result) {
        return false;
    }
    if (!($this->db->num_rows($result) > 0)) {
        return false;
    }

    // NOTE(review): lookup and removal are separate steps; whether a code can
    // be accepted by two concurrent requests depends on removeCaptcha(),
    // which is not visible here - confirm it is single-use.
    $this->code = $captchaCode;
    $this->removeCaptcha($captchaCode);

    return true;
}
/**
 * Writes the display name and e-mail held in $this->data to the
 * faquserdata row of $this->user_id and stamps last_modified with the
 * request time.
 *
 * @return bool True if the UPDATE query returned a truthy result, else false
 */
public function save()
{
    // Request time formatted as YmdHis for the last_modified column.
    $lastModified = date('YmdHis', $_SERVER['REQUEST_TIME']);

    // String values are escaped for the quoted SQL literals below.
    $displayName = $this->db->escape_string($this->data['display_name']);
    $email = $this->db->escape_string($this->data['email']);

    // %d forces user_id to an integer, so it is not quoted or escaped.
    $update = sprintf("\n UPDATE\n %sfaquserdata\n SET\n last_modified = '%s',\n display_name = '%s',\n email = '%s'\n WHERE\n user_id = %d", SQLPREFIX, $lastModified, $displayName, $email, $this->user_id);

    return $this->db->query($update) ? true : false;
}
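/**
 * Counts the faquserlogin rows whose login equals the given login name.
 *
 * A database error is recorded in $this->errors and reported as 0, so a
 * return value of 0 does not by itself prove that the login is unused;
 * callers that need to tell the two cases apart must inspect the errors.
 *
 * @param string $login        Loginname
 * @param array  $optionalData Optional data (not used by this method)
 * @return integer Number of matching rows, or 0 on a database error
 */
public function checkLogin($login, array $optionalData = null)
{
    // The escaped login is substituted through the second '%s' placeholder,
    // so the WHERE clause compares against the value passed by the caller.
    $query = sprintf("\n SELECT\n login\n FROM\n %sfaquserlogin\n WHERE\n login = '%s'", SQLPREFIX, $this->db->escape_string($login));

    $result = $this->db->query($query);

    // A non-empty error string means the query failed; keep it for the caller.
    $error = $this->db->error();
    if (strlen($error) > 0) {
        $this->errors[] = $error;
        return 0;
    }

    return $this->db->num_rows($result);
}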
/**
 * Builds the LIKE-based part of a WHERE clause for a search term.
 *
 * The term is split on whitespace. Each resulting key yields one
 * parenthesised group that ORs "<column> LIKE '%<key>%'" over all
 * $this->matchingColumns, and the groups are ORed together. The result
 * starts with a space when it is not empty.
 *
 * @param string $searchTerm Search term
 *
 * @return string
 */
public function getMatchClause($searchTerm = '')
{
    $keys = PMF_String::preg_split("/\\s+/", $searchTerm);
    $numKeys = count($keys);
    $numMatch = count($this->matchingColumns);

    $groups = array();
    for ($i = 0; $i < $numKeys; $i++) {
        $conditions = array();
        for ($j = 0; $j < $numMatch; $j++) {
            // Column names are inserted verbatim, so they must never come
            // from request data; only the key is escaped.
            // NOTE(review): whether escape_string() also neutralises the
            // LIKE wildcards % and _ is not visible here - confirm.
            $conditions[] = sprintf("%s LIKE '%%%s%%'", $this->matchingColumns[$j], $this->dbHandle->escape_string($keys[$i]));
        }

        // With no matching columns this yields " ()", as the loop form did.
        $groups[] = " (" . implode(" OR ", $conditions) . ")";
    }

    // Every group begins with a space, hence " OR" without a trailing one.
    return implode(" OR", $groups);
}
/**
 * Sets the user's status and writes it to the faquser row of
 * $this->user_id.
 *
 * The status is lower-cased and must be one of the keys of
 * $this->allowed_status; otherwise ERROR_USER_INVALID_STATUS is appended
 * to $this->errors and nothing is changed.
 *
 * @param string $status Status
 * @return boolean True if the UPDATE query returned a truthy result, else false
 */
public function setStatus($status)
{
    // is status allowed? (loose comparison against the allowed keys)
    $status = strtolower($status);
    $allowedKeys = array_keys($this->allowed_status);
    if (!in_array($status, $allowedKeys)) {
        $this->errors[] = self::ERROR_USER_INVALID_STATUS;
        return false;
    }

    // The in-memory status changes before the query runs, so a failed
    // UPDATE leaves the object and the database out of step; no error is
    // recorded for that case.
    $this->status = $status;

    // %d forces user_id to an integer; the status string is escaped.
    $update = sprintf("\n UPDATE\n %sfaquser\n SET\n account_status = '%s'\n WHERE\n user_id = %d", SQLPREFIX, $this->db->escape_string($status), $this->user_id);

    return $this->db->query($update) ? true : false;
}