/**
 * Resolve the username to show for this record.
 *
 * A clsUser is built from this record's user_id. When that object reports
 * isNew(), the username stored on this record itself is returned; otherwise
 * the username held by the clsUser object is returned.
 *
 * NOTE(review): whether get('username') returns HTML-safe text is not visible
 * here. Callers that place the value in markup should escape it at the point
 * of output unless get() is confirmed to do so.
 *
 * @return mixed Whatever get('username') yields on the chosen object.
 */
public function getUsername()
{
    $objOwner = new clsUser($this->get('user_id'));

    return $objOwner->isNew()
        ? $this->get('username')
        : $objOwner->get('username');
}
try { /* Update the DB if we need to. */ require_once 'include/upgrade.php'; $strAction = isset($_REQUEST['action']) ? $_REQUEST['action'] : ''; $strSubAction = isset($_REQUEST['subaction']) ? $_REQUEST['subaction'] : ''; $objBreadcrumbs = new clsBreadcrumbs(); $objBreadcrumbs->add('Home', 'index.php'); $objMiniMenu = new clsMiniMenu(); if (!isset($_SESSION['objUser'])) { $objUser = clsUser::getCookie(); } else { $objUser = $_SESSION['objUser']; } /* This re-loads the user object in case it's changed. */ if ($objUser) { $objUser = new clsUser($objUser->get('id')); } if ($objUser && $objUser->isNew()) { $objUser = null; } if (!preg_match('/^[a-zA-Z2-9_-]*$/', $strAction)) { throw new Exception(ERRORMSG_INVALID); } $objTemplate = new clsTemplate('default'); $objTemplate->setText('SCRIPT', clsDB::initializeJS()); $objTemplate->setText('TITLE', "OSPAP2"); /* Inline CSS for advanced. */ $objTemplate->setText('HEAD', clsUser::getAdvancedStyle($objUser)); if (isset($_REQUEST['error']) && isset($arrMessages[$_REQUEST['error']])) { $objTemplate->setText('ERROR', $arrMessages[$_REQUEST['error']]); } else {
/* If it's the base album, allow filtering by user. */ if ($objAlbum->isNew()) { print $objAlbum->getUserFilter("Filter by user") . "<hr>"; } /* Display the expand/contract all buttons. */ print "<a href='#' onClick='expand_all()' class='nounderline'><img src='images/expand.png'> Expand All</a><br>"; print "<a href='#' onClick='contract_all()' class='nounderline'><img src='images/contract.png'> Hide All</a><br>"; print "<br>"; /* Display any sub-albums. */ clsAlbum::displayAlbums($arrSubAlbums, $objUser); /* Display any pictures. */ clsPicture::displayPictures($objAlbum->getPictures(), $objAlbum->get('id') ? true : false); } if ($strSubAction == 'useralbums') { if ($objUser && $objUser->get('remember_filter')) { $objUser->set('filter_user', $objMember->get('id')); $objUser->save(); } if (!$objMember || $objMember->isNew()) { header("Location: index.php?action=albums"); exit; } $objTemplate->setText('PAGETITLE', $objMember->get('username') . "'s Albums"); $objBreadcrumbs->add('Members', 'index.php?action=members'); $objBreadcrumbs->add($objMember->get('username'), 'index.php?action=members&subaction=view&' . $objGroup->getIDPair()); $objBreadcrumbs->add('Albums', "index.php?action=albums&subaction=memberalbums" . $objMember->getIDPair()); $arrAlbums = clsAlbum::getUserAlbums($objUser, $objMember); /* This script allows the albums to be expanded/hidden. */ $objTemplate->setText('SCRIPT', clsAlbum::getSubAlbumScript()); $objTemplate->setText('SCRIPT', clsAlbum::getAllAlbumScript($arrAlbums)); /* Display the expand/contract all buttons. */
$objMember = new clsUser(); $objMember->getFromRequest(); $objMember->load(); if ($strSubAction == '') { $objTemplate->setText('PAGETITLE', "Members"); $objMiniMenu->add('Groups', 'index.php?action=groups'); $arrUsers = clsUser::getUserList(); print "<table class='members'>"; print "<tr>"; print "<th width='150' align='left'>Name</td>"; print "<th width='100'>Albums</td>"; print "<th width='100'>Pictures</td>"; print "</tr>"; foreach ($arrUsers as $objMember) { print "<tr>"; print "<td><a href='index.php?action=members&subaction=view&" . $objMember->getIDPair() . "' class='nounderline'>" . $objMember->get('username') . "</a></td>"; print "<td align='center'><a href='index.php?action=albums&subaction=useralbums&" . $objMember->getIDPair() . "' class='nounderline'>" . clsAlbum::getUserAlbumCount($objUser, $objMember) . "</a></td>"; print "<td align='center'><a href='index.php?action=albums&subaction=userpictures&" . $objMember->getIDPair() . "' class='nounderline'>" . clsAlbum::getUserPictureCount($objUser, $objMember) . "</a></td>"; print "</tr>"; } print "</table>"; } if ($strSubAction == 'view') { if (clsUser::canEdit($objMember, $objUser)) { if ($objMember->isNew()) { $objMember->getFromRequest(array('id', 'username', 'password1', 'password2', 'email', 'is_advanced', 'show_empty', 'remember_filter', 'realname', 'location')); $objTemplate->setText('PAGETITLE', 'Registration'); $objBreadcrumbs->add('Registration', "index.php?action=members&subaction=view"); } else { $objTemplate->setText('PAGETITLE', 'Editing ' . $objMember->get('username')); $objBreadcrumbs->add('Registration', "index.php?action=members&subaction=view&" . $objMember->getIDPair());
// $objMiniMenu->add('Disband', 'index.php?action=groups&subaction=disband&' . $objGroup->getIDPair()); } /* The user can edit the group. */ if ($objGroup->canEdit($objUser)) { $objMiniMenu->add('Edit', 'index.php?action=groups&subaction=edit&' . $objGroup->getIDPair()); } $objGroupTemplate = new clsTemplate('viewgroup'); $objGroupTemplate->setText('NAME', $objGroup->get('name')); $objGroupTemplate->setText('FOUNDER', $objGroup->getFrom('user', 'username')); $objGroupTemplate->setText('ISPRIVATE', $objGroup->get('is_private') ? "Yes" : "No"); $objGroupTemplate->setText('ISHIDDEN', $objGroup->get('is_hidden') ? "Yes" : "No"); $arrMembers = $objGroup->getMembers(); foreach ($arrMembers as $objMember) { $str = ''; $str .= "<tr>"; $str .= "<td><a href='index.php?action=members&subaction=view&" . $objMember->getIDPair() . "'>" . $objMember->get('username') . "</a></td>"; $str .= "</tr>"; $objGroupTemplate->setText('MEMBERS', $str); } $arrRequestedJoins = $objGroup->getRequestedJoins(); foreach ($arrRequestedJoins as $objMember) { $str = ''; $str .= "<tr>"; $str .= "<td><a href='index.php?action=members&subaction=view&" . $objMember->getIDPair() . "'>" . $objMember->get('username') . "</a></td>"; if ($objGroup->isMember($objUser)) { $str .= "<td><a href='index.php?action=groups&subaction=approve&" . $objGroup->getIDPair() . "&" . $objMember->getIDPair() . "'>Approve</td>"; } else { $str .= "<td>Awaiting Approval</td>"; } $objGroupTemplate->setText('PENDING', $str); }
/**
 * Look up a user by account name.
 *
 * @param string $strName Account name to search for.
 *
 * @return clsUser|null A clsUser constructed from the matching row's id, or
 *                      null when no row matches.
 *
 * @throws Exception With the message "exception_multiplenames" when more than
 *                   one row matches.
 */
public static function getByName($strName)
{
    /* The name is passed through a clsUser object before it reaches the query text. */
    $objProbe = new clsUser();
    $objProbe->set('username', $strName);

    /*
     * NOTE(review): the condition below is assembled by string concatenation,
     * so this lookup is only as safe as whatever escaping clsUser::set()/get()
     * apply, and that code is not visible here. Confirm that it is
     * SQL-context escaping that matches the connection character set, and
     * prefer a bound parameter if clsDB offers one.
     */
    $strWhere = "`<<user><username>>`='" . $objProbe->get('username') . "'";
    $arrMatches = clsDB::getListStatic('user', $strWhere);
    $intMatches = count($arrMatches);

    /* Username wasn't found. */
    if ($intMatches === 0) {
        return null;
    }

    /* Should never happen; treated as an error rather than picking one row. */
    if ($intMatches > 1) {
        throw new Exception("exception_multiplenames");
    }

    return new clsUser($arrMatches[0]->get('id'));
}
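<?php
/*
 * Password recovery page.
 *
 * With an empty subaction it prints the account-name form; with subaction
 * "go" it runs the recovery attempt and redirects with the result.
 *
 * Uses $strSubAction, $objTemplate and $objBreadcrumbs, none of which are
 * defined in this fragment.
 */

if ($strSubAction == '') {
    $objTemplate->setText('PAGETITLE', "Password Recovery");
    $objBreadcrumbs->add('Password Recovery', 'index.php?action=forgotpassword');

    $objRecoverUser = new clsUser();

    /*
     * NOTE(review): the form submits with GET, so the account name is carried
     * in the URL (browser history, server logs, Referer) and a state-changing
     * request is reachable through a plain GET. POST looks preferable, but
     * only if getFromRequest() also reads POST data. Confirm before changing.
     */
    print "<form action='index.php' method='get'>";
    print "<input type='hidden' name='action' value='forgotpassword'>";
    print "<input type='hidden' name='subaction' value='go'>";
    print "Your account name: " . $objRecoverUser->getTextField('username') . "<br>";
    print $objRecoverUser->getSubmit('Recover');
    print "</form>";
}

if ($strSubAction == 'go') {
    $objRecoverUser = new clsUser();
    $objRecoverUser->getFromRequest();

    /*
     * NOTE(review): if attemptRecover() returns different results for known
     * and unknown account names, the redirect below discloses which names
     * exist. Confirm, and consider a uniform response plus throttling.
     */
    $strResult = clsUser::attemptRecover($objRecoverUser->get('username'));

    /* Encode the result so it cannot add or alter query parameters in the redirect target. */
    header('Location: index.php?message=' . urlencode((string) $strResult));

    /* Stop here: nothing further should run or be sent once the redirect is issued. */
    exit;
}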