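<?php
# phpWebNotes - a php based note addition system
# Copyright (C) 2000-2002 Webnotes Team - webnotes-devel@sourceforge.net
# This program is distributed under the terms and conditions of the GPL
# See the files README and LICENSE for details
# --------------------------------------------------------
# $Id: user_home_page.php,v 1.1 2002/09/18 12:33:31 vboctor Exp $
# --------------------------------------------------------
#
# User home page: prints the standard page frame, the admin menu and a
# "Logged in as ..." line for the current account.

require_once 'core' . DIRECTORY_SEPARATOR . 'api.php';

# Both gates run before any output is produced.
login_cookie_check();
access_ensure_check_action(ACTION_USERS_EDIT_OWN);

# Load the current user's row; EXTR_PREFIX_ALL turns every column into $v_<column>,
# so a column name cannot overwrite an existing global.
# NOTE(review): access_check_action() treats a false return from user_get_info()
# as "user not found"; that case is not handled here -- confirm the two gates
# above make it unreachable.
$row = user_get_info(user_where_current());
extract($row, EXTR_PREFIX_ALL, "v");

print_html_top();
print_head_top();
print_title($g_window_title);
print_css($g_css_inc_file);
print_head_bottom();
print_body_top();
print_header($g_page_title);
print_top_page($g_top_page_inc);
print_admin_menu();

$t_access_level = enum_get_element('access_levels', $v_access_level);

# The username is account data chosen by a user, so it is HTML-escaped before
# being written into the page (stored-XSS hardening).
# NOTE(review): assumes usernames are stored unescaped -- confirm, otherwise
# this double-encodes.
$t_username_html = htmlspecialchars((string) $v_username, ENT_QUOTES);
echo "<p>Logged in as {$t_username_html} ({$t_access_level})</p>";

print_bottom_page($g_bottom_page_inc);
print_footer(__FILE__);
print_body_bottom();
print_html_bottom();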
/**
 * Decides whether the current visitor may perform the given action.
 *
 * The required level comes from $g_access_levels. A visitor without a login
 * cookie value is rated ANONYMOUS; otherwise the level is read from the
 * current user's row. When the required level is NOBODY, the decision is made
 * by membership in $g_access_sets[$p_action] instead of a threshold.
 *
 * NOTE(review): both the >= comparison and in_array() are non-strict. Whether
 * access levels arrive as ints or as strings from the user store is not
 * visible here -- confirm before tightening, and keep the level values
 * strictly numeric so type juggling cannot widen access.
 *
 * @param mixed $p_action Action identifier used as key into the access tables.
 * @return bool True when the action is allowed; false when it is denied, is
 *              unknown, or the current user cannot be loaded.
 */
function access_check_action($p_action)
{
    global $g_string_cookie_val, $g_access_levels, $g_access_sets;

    // Fail closed: an action with no configured level is never allowed.
    if (!isset($g_access_levels[$p_action])) {
        return false;
    }
    $t_required = $g_access_levels[$p_action];

    if (!empty($g_string_cookie_val)) {
        $t_current_user = user_get_info(user_where_current());
        if (false === $t_current_user) {
            return false;
        }
        $t_level = $t_current_user['access_level'];
    } else {
        $t_level = ANONYMOUS;
    }

    // NOBODY switches from "at least this level" to an explicit allow-list.
    if (NOBODY === $t_required) {
        return isset($g_access_sets[$p_action])
            ? in_array($t_level, $g_access_sets[$p_action])
            : false;
    }

    return $t_level >= $t_required;
}
/**
 * Prints the admin menu bar: a home link, the moderation and user-management
 * links the current user is allowed to see, the change-password link, and the
 * logout link.
 *
 * Every optional link is gated by access_check_action(). Hiding a link is
 * presentation only; each target page still has to enforce its own check.
 *
 * @param bool $p_add_space Not used by this function body.
 * @return void
 */
function print_admin_menu($p_add_space = true)
{
    global $g_logout, $g_admin_index_files, $g_admin_change_password, $g_admin_manage_notes,
           $g_admin_manage_users, $s_logout_link, $s_index_files, $s_change_password,
           $s_manage_notes, $s_manage_users, $g_user_home_page;

    // Fetched up front, before anything is written to the page.
    $queue_count = note_queue_count();

    echo '<div class="menu">.: ';
    echo "<a title=\"Go to your home page\" href=\"{$g_user_home_page}\">Home</a> :: ";

    // The page-management entry is disabled in the original source:
    #if ( access_check_action( ACTION_PAGES_MANAGE ) ) {
    #	echo "<a title=\"Add or remove pages\" href=\"$g_admin_index_files\">$s_index_files</a> :: ";
    #}

    if (access_check_action(ACTION_NOTES_MODERATE)) {
        echo "<a title=\"Moderate notes\" href=\"{$g_admin_manage_notes}\">{$s_manage_notes}</a> [{$queue_count}] :: ";
    }

    if (access_check_action(ACTION_USERS_MANAGE)) {
        echo "<a title=\"View/edit user information\" href=\"{$g_admin_manage_users}\">{$s_manage_users}</a> :: ";
    }

    // Protected accounts need a separate permission to change their own password.
    $row = user_get_info(user_where_current());
    extract($row, EXTR_PREFIX_ALL, 'v');
    $t_action = (1 == $v_protected) ? ACTION_USERS_EDIT_OWN_PROTECTED : ACTION_USERS_EDIT_OWN;

    if (access_check_action($t_action)) {
        echo "<a title=\"Change your own password\" href=\"{$g_admin_change_password}\">{$s_change_password}</a> :: ";
    }

    echo <<<EOT
\t\t<a title="Logout from phpWebNotes" href="{$g_logout}">{$s_logout_link}</a> :.
\t\t</div>
EOT;
}
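# $Id: admin_manage_users_delete_page.php,v 1.4 2002/10/03 03:47:50 vboctor Exp $
# --------------------------------------------------------
#
# Confirmation page shown before a user account is deleted.

require_once 'core' . DIRECTORY_SEPARATOR . 'api.php';

# Both gates run before any output is produced.
login_cookie_check();
access_ensure_check_action(ACTION_USERS_DELETE);

print_html_top();
print_head_top();
print_title($g_window_title);
print_css($g_css_inc_file);
print_head_bottom();
print_body_top();
print_header($g_page_title);
print_top_page($g_top_page_inc);
print_admin_menu();

# gpc_get_int() yields an integer, so $f_user_id is safe to echo into the
# hidden field below without further escaping.
$f_user_id = gpc_get_int('f_user_id');

# NOTE(review): user_get_info() is treated elsewhere as returning false for an
# unknown user; that case is not handled before the username is printed.
$t_user_info = user_get_info(user_where_id_equals($f_user_id));

# The username is account data chosen by a user and is shown here to an
# administrator, so it is HTML-escaped on output (stored-XSS hardening).
# NOTE(review): assumes usernames are stored unescaped -- confirm.
$t_username_html = htmlspecialchars((string) $t_user_info['username'], ENT_QUOTES);

# NOTE(review): the visible part of the form posts only f_user_id. Whether an
# anti-CSRF token follows is outside this excerpt -- confirm the delete
# handler requires one.
?>
<div align="center">
Are you sure you want to delete user '<?php echo $t_username_html; ?>'?<br />
<div class="spacer"></div>
<form method="post" action="<?php echo $g_admin_manage_users_delete; ?>">
<input type="hidden" name="f_user_id" value="<?php echo $f_user_id; ?>" />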
// Walks through the user_* accessors for one account and prints each return
// value with dump(): read, update contact data, update name info, set status,
// then read and replace the role (first a single role, then a list of roles).
// NOTE(review): $user_id, $name and $locale are not assigned in this excerpt;
// they are expected to be set earlier in the script.
$r = user_get($user_id);
dump($r);

// Update the account's contact fields, then read the record back.
$mail = '*****@*****.**';
$website = 'www.izend.org';
$r = user_set($user_id, $name, $mail, $website, $locale);
dump($r);
$r = user_get($user_id);
dump($r);

// Set the name info twice with different first names, then read it back.
$lastname = 'iZend';
$firstname = 'BarFoo';
$r = user_set_info($user_id, $lastname, $firstname);
dump($r);
$firstname = 'Bar-Foo';
$r = user_set_info($user_id, $lastname, $firstname);
dump($r);
$r = user_get_info($user_id);
dump($r);

// The two booleans are passed positionally; in useredit() the same call is
// user_set_status($user_id, $user_active, $user_banned).
$r = user_set_status($user_id, true, false);
dump($r);

// Role handling: user_set_role() is called with a string and then with an array.
$r = user_get_role($user_id);
dump($r);
$role = 'writer';
$r = user_set_role($user_id, $role);
dump($r);
$r = user_get_role($user_id);
dump($r);
$role = array('writer', 'moderator');
$r = user_set_role($user_id, $role);
dump($r);
$r = user_get_role($user_id);
dump($r);
/**
 * Builds the education entries for a user.
 *
 * Reads the user's info record and converts each item of its
 * 'education_history' list into an api10_education_info object. The
 * concentrations list holds the non-empty values of the entry's
 * concentration1..concentration3 fields, in that order.
 *
 * NOTE(review): nothing here checks whether the caller may see this user's
 * education data -- confirm that user_get_info() or the calling layer applies
 * the privacy rules.
 *
 * @param mixed $id Identifier passed to user_get_info().
 * @return array List of api10_education_info objects; empty when the user has
 *               no info record or no 'education_history' key.
 */
public function evaluate($id)
{
    $profile = user_get_info($id);
    if (!$profile || !isset($profile['education_history'])) {
        return array();
    }

    $result = array();
    foreach ($profile['education_history'] as $entry) {
        $record = new api10_education_info();
        $record->name = $entry['school_name'];
        $record->year = $entry['year'];
        $record->degree = $entry['degree'];

        // Collect the filled-in concentration slots, skipping empty ones.
        $majors = array();
        for ($slot = 1; $slot <= 3; $slot++) {
            $value = $entry['concentration' . $slot];
            if ($value) {
                $majors[] = $value;
            }
        }
        $record->concentrations = $majors;

        $result[] = $record;
    }

    return $result;
}
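# This program is distributed under the terms and conditions of the GPL
# See the README and LICENSE files for details
#----------------------------------------------------------------------
# ---------------------------------------------------------------------
# User Edit Page
#
# $RCSfile: user_edit_page.php,v $ $Revision: 1.5 $
# ---------------------------------------------------------------------

# Sort and paging options for this page, derived from the posted form.
# NOTE(review): $order_by and $order_dir originate from $_POST and are handed
# to user_get_projects_info(). If they end up in an ORDER BY clause they must
# be checked against an allow-list of column names and directions -- confirm
# that session_set_display_options() or the query layer does this.
$display_options = session_set_display_options("user_edit", $_POST);
$order_by = $display_options['order_by'];
$order_dir = $display_options['order_dir'];
$page_number = $display_options['page_number'];

$row_style = '';
$user_assoc_project_names = array();

# NOTE(review): $selected_user_id, $project_id and $user_id are set outside
# this excerpt. The selected user's record is loaded before the rights of the
# current user are looked up below -- confirm an authorization check runs
# before any of this data is rendered.
$rows_user_projects = user_get_projects_info($selected_user_id, $order_by, $order_dir);
$user_info = user_get_info($selected_user_id);

# Fields of the selected user's record (the duplicate e-mail assignment of the
# original has been dropped; it read the same key twice).
$selected_username = $user_info[USER_UNAME];
$selected_firstname = $user_info[USER_FNAME];
$selected_lastname = $user_info[USER_LNAME];
$selected_email = $user_info[USER_EMAIL];
$selected_phone = $user_info[USER_PHONE];
$selected_admin = $user_info[USER_ADMIN];

# ADMIN rights on the current project, for the viewer and for the selected user.
$tempest_admin = user_has_rights($project_id, $user_id, ADMIN);
$selected_user_tempest_admin = user_has_rights($project_id, $selected_user_id, ADMIN);

# Map of project id => project name for the selected user's projects.
$user_associated_project_names = array();
foreach ($rows_user_projects as $row_user_project) {
    $user_associated_project_names[$row_user_project[PROJ_ID]] = $row_user_project[PROJ_NAME];
}

html_window_title();
html_print_body();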
# Note add/edit page (excerpt): prepares the default e-mail and body for the
# note form. f_note_id == 0 means "new note"; any other value loads an
# existing note for editing. The excerpt ends inside the else branch.
require_once 'core' . DIRECTORY_SEPARATOR . 'api.php';

# The only gate in this excerpt is the right to submit notes.
access_ensure_check_action(ACTION_NOTES_SUBMIT);

print_html_top();
print_head_top();
print_title($g_window_title);
print_css($g_css_inc_file);
print_head_bottom();
print_body_top();
print_header($g_page_title);
print_top_page($g_top_page_inc);

$f_note_id = gpc_get_int('f_note_id', 0);
if (0 == $f_note_id) {
    # New note: the page id comes from the request.
    $f_page_id = gpc_get_int('f_page_id');
    $t_default_email = '';
    # Pre-fill the e-mail only for logged-in users and only when configured.
    if (ON == config_get('auto_set_email') && access_is_logged_in()) {
        $t_user_info = user_get_info(user_where_current());
        if (false !== $t_user_info) {
            $t_default_email = $t_user_info['email'];
        }
    }
    $t_default_body = '';
    $t_note_id = 0;
} else {
    # Existing note: loaded by the id taken from the request.
    # NOTE(review): the only check before this load is ACTION_NOTES_SUBMIT; no
    # ownership or moderation check on the requested note is visible here --
    # confirm one is applied before the note's e-mail and body are shown or saved.
    $t_note_info = note_get_info(note_where_id_equals($f_note_id));
    if (false === $t_note_info) {
        # @@@@ proper error
        echo "no note with the specified id";
        exit;
    }
    # NOTE(review): these values were submitted by a user; they need HTML
    # escaping wherever the form below prints them (outside this excerpt).
    $t_default_email = $t_note_info['email'];
    $t_default_body = $t_note_info['note'];
<?php
# phpWebNotes - a php based note addition system
# Copyright (C) 2000-2002 Webnotes Team - webnotes-devel@sourceforge.net
# This program is distributed under the terms and conditions of the GPL
# See the files README and LICENSE for details
# --------------------------------------------------------
# $Id: login.php,v 1.14 2002/09/26 12:03:58 vboctor Exp $
# --------------------------------------------------------
#
# Login handler (excerpt): looks up the enabled user with the posted username,
# checks the posted password and sets the login cookie. The excerpt ends
# inside the session-cookie branch.

require_once 'core' . DIRECTORY_SEPARATOR . 'api.php';

# Posted login form fields; f_perm_login defaults to 'off'.
$f_username = gpc_get_string('f_username');
$f_password = gpc_get_string('f_password');
$f_perm_login = gpc_get_string('f_perm_login', 'off');

$row = user_get_info(user_where_username_equals_and_enabled($f_username));
if ($row) {
    # Columns become $v_<column>; the prefix keeps them from overwriting globals.
    extract($row, EXTR_PREFIX_ALL, 'v');
} else {
    ### invalid login, retry
    # NOTE(review): if util_header_redirect() does not end the request, the
    # code below runs with $v_password and $v_cookie_string undefined --
    # confirm that it exits.
    util_header_redirect("{$g_login_page}?f_msg=error");
}

# password_match() is a project helper; how the stored password is hashed is
# not visible in this excerpt.
if (password_match($f_password, $v_password)) {
    # The cookie value is the cookie_string column of the user's row.
    # NOTE(review): nothing here rotates that value at login -- if it is fixed
    # per account, a captured cookie stays valid until the column changes;
    # confirm how it is generated and when it is renewed.
    # NOTE(review): setcookie() is called with name, value, expiry and path
    # only, so the secure and httponly arguments keep their defaults (off).
    ### set permanent cookie (1 year)
    if (isset($f_perm_login) && $f_perm_login == "on") {
        # Persistent cookie: expires $g_cookie_time_length seconds from now.
        if (!setcookie($g_string_cookie, $v_cookie_string, time() + $g_cookie_time_length, $g_cookie_url)) {
            # @@@@ Proper error message
            echo "Unable to set cookie";
            exit;
        }
    } else {
        # Expiry 0: the cookie lasts until the browser is closed.
        if (!setcookie($g_string_cookie, $v_cookie_string, 0, $g_cookie_url)) {
            # @@@@ Proper error message
/**
 * Handles the "edit user" form for one account: reads the posted fields,
 * validates them, applies the requested action (modify, change password,
 * delete) and renders the 'useredit' view.
 *
 * The $with_* flags decide which parts of the form are active. Status, role,
 * timezone and delete are enabled only for an administrator and never for
 * user id 1; delete is additionally disabled for one's own account.
 *
 * NOTE(review): the 'modify' action is not tied to $is_admin or $is_owner in
 * this function -- user_set() runs for whatever $user_id was passed in.
 * Confirm that the caller restricts who can reach this function for a given
 * $user_id.
 *
 * NOTE(review): the form token is compared only in the 'modify' validation
 * step. The 'delete' and 'change' actions reach user_delete() and
 * user_set_newpassword() without a token comparison in this function --
 * confirm whether that is intended; a state-changing action without the
 * token check is open to cross-site request forgery.
 *
 * @param mixed $lang    Language passed to url() and view().
 * @param mixed $user_id Id of the account being edited.
 * @return mixed The rendered view output, or false after a successful delete.
 */
function useredit($lang, $user_id) {
    global $system_languages, $supported_roles;

    $is_admin = user_has_role('administrator');
    $is_owner = $user_id == user_profile('id');

    // Feature switches for the form; user id 1 is excluded from the admin-only parts.
    $with_name = true;
    $with_status = ($user_id != 1 and $is_admin);
    $with_delete = ($user_id != 1 and $is_admin and !$is_owner);
    $with_newpassword = false; // ($user_id != 1 and $is_owner);
    $with_locale = count($system_languages) > 1 ? true : false;
    $with_role = ($user_id != 1 and $is_admin);
    $with_timezone = ($user_id != 1 and $is_admin);
    $with_website = true;
    $with_info = false;

    $confirmed = false;

    // Derive the action from whichever submit button was posted. 'change' and
    // 'delete'/'cancel' are only recognised when their feature switch is on.
    $action = 'init';
    if (isset($_POST['useredit_modify'])) {
        $action = 'modify';
    }
    if ($with_newpassword) {
        if (isset($_POST['useredit_change'])) {
            $action = 'change';
        }
    }
    if ($with_delete) {
        if (isset($_POST['useredit_delete'])) {
            $action = 'delete';
        } else {
            if (isset($_POST['useredit_confirmdelete'])) {
                $action = 'delete';
                $confirmed = true;
            } else {
                if (isset($_POST['useredit_cancel'])) {
                    $action = 'cancel';
                }
            }
        }
    }

    // Form field values; false means "not provided".
    $user_name = $user_mail = $user_locale = $user_timezone = false;
    $user_website = false;
    $user_active = $user_banned = false;
    $user_accessed = false;
    $user_role = false;
    $user_newpassword = false;
    $user_lastname = $user_firstname = false;
    $token = false;

    // Step 1: load the field values, from storage on first display or from the
    // posted form otherwise.
    switch ($action) {
        case 'init':
        case 'reset':
            $r = user_get($user_id);
            if ($r) {
                // NOTE(review): extract() without a prefix creates one local per
                // key of the stored row, which per the list below includes
                // user_password and user_seed. Those two names are not in the
                // compact() lists passed to the view at the end of this function.
                extract($r);
                /* user_name user_password user_newpassword user_seed user_mail user_timezone user_website user_created user_modified user_accessed user_locale user_active user_banned */
            }
            // Never carry a stored new-password value into the form.
            $user_newpassword = false;
            if ($with_info) {
                $r = user_get_info($user_id);
                if ($r) {
                    extract($r);
                    /* user_lastname, user_firstname */
                }
            }
            if ($with_role) {
                $user_role = user_get_role($user_id);
            }
            break;
        case 'modify':
        case 'change':
        case 'delete':
        case 'cancel':
            if ($with_info) {
                if (isset($_POST['useredit_lastname'])) {
                    $user_lastname = readarg($_POST['useredit_lastname']);
                }
                if (isset($_POST['useredit_firstname'])) {
                    $user_firstname = readarg($_POST['useredit_firstname']);
                }
            }
            if (isset($_POST['useredit_name'])) {
                $user_name = strtolower(strflat(readarg($_POST['useredit_name'])));
            }
            if (isset($_POST['useredit_mail'])) {
                $user_mail = strtolower(strflat(readarg($_POST['useredit_mail'])));
            }
            if (isset($_POST['useredit_website'])) {
                $user_website = strtolower(strflat(readarg($_POST['useredit_website'])));
            }
            // Timezone and locale are read even when $with_timezone / $with_locale are off.
            if (isset($_POST['useredit_timezone'])) {
                $user_timezone = readarg($_POST['useredit_timezone']);
            }
            if (isset($_POST['useredit_locale'])) {
                $user_locale = readarg($_POST['useredit_locale']);
            }
            // Role and status fields are ignored unless the admin-only switches are on,
            // so a non-admin cannot submit them.
            if ($with_role) {
                if (isset($_POST['useredit_role'])) {
                    $user_role = readarg($_POST['useredit_role']);
                }
            }
            if ($with_status) {
                if (isset($_POST['useredit_active'])) {
                    $user_active = readarg($_POST['useredit_active']) == 'on';
                }
                if (isset($_POST['useredit_banned'])) {
                    $user_banned = readarg($_POST['useredit_banned']) == 'on';
                }
                if (isset($_POST['useredit_accessed'])) {
                    $user_accessed = (int) readarg($_POST['useredit_accessed']);
                }
            }
            if ($with_newpassword) {
                if (isset($_POST['useredit_newpassword'])) {
                    $user_newpassword = readarg($_POST['useredit_newpassword']);
                }
            }
            if (isset($_POST['useredit_token'])) {
                $token = readarg($_POST['useredit_token']);
            }
            break;
        default:
            break;
    }

    // Validation flags and result flags, all cleared before step 2.
    $bad_token = false;
    $missing_lastname = false;
    $missing_firstname = false;
    $missing_name = false;
    $bad_name = false;
    $duplicated_name = false;
    $missing_mail = false;
    $bad_mail = false;
    $duplicated_mail = false;
    $bad_role = false;
    $bad_website = false;
    $missing_locale = false;
    $bad_locale = false;
    $bad_timezone = false;
    $missing_newpassword = false;
    $bad_newpassword = false;
    $account_modified = false;
    $password_changed = false;
    $internal_error = false;
    $contact_page = false;

    // Step 2: validate the posted values.
    switch ($action) {
        case 'modify':
            // NOTE(review): != is a loose, non-constant-time comparison; a strict,
            // timing-safe string comparison is the usual choice for a form token.
            if (!isset($_SESSION['useredit_token']) or $token != $_SESSION['useredit_token']) {
                $bad_token = true;
            }
            if ($with_info) {
                if (!$user_lastname) {
                    $missing_lastname = true;
                }
                if (!$user_firstname) {
                    $missing_firstname = true;
                }
            }
            if ($with_name and !$user_name) {
                $missing_name = true;
            }
            if ($user_name) {
                if (!validate_user_name($user_name)) {
                    $bad_name = true;
                } else {
                    if (!user_check_name($user_name, $user_id)) {
                        $duplicated_name = true;
                    }
                }
            }
            if (!$user_mail) {
                $missing_mail = true;
            } else {
                if (!validate_mail($user_mail)) {
                    $bad_mail = true;
                } else {
                    if (!user_check_mail($user_mail, $user_id)) {
                        $duplicated_mail = true;
                    }
                }
            }
            // NOTE(review): iterates $user_role as an array; assumes the posted
            // useredit_role field is a list -- confirm against the form.
            if ($user_role) {
                foreach ($user_role as $role) {
                    if (!validate_role($role)) {
                        $bad_role = true;
                        break;
                    }
                }
            }
            if ($user_website) {
                if (!validate_website($user_website)) {
                    $bad_website = true;
                } else {
                    $user_website = normalize_website($user_website);
                }
            }
            if ($user_timezone) {
                if (!validate_timezone($user_timezone)) {
                    $bad_timezone = true;
                }
            }
            if ($with_locale and !$user_locale) {
                $missing_locale = true;
            }
            if ($user_locale) {
                if (!validate_locale($user_locale)) {
                    $bad_locale = true;
                }
            }
            break;
        case 'change':
            if (!$user_newpassword) {
                $missing_newpassword = true;
            } else {
                if (!validate_password($user_newpassword)) {
                    $bad_newpassword = true;
                }
            }
            break;
        default:
            break;
    }

    $confirm_delete = false;

    // Step 3: apply the action if validation passed.
    switch ($action) {
        case 'modify':
            // Any validation failure, including a bad token, skips the update.
            if ($bad_token or $missing_name or $bad_name or $duplicated_name or $missing_mail or $bad_mail or $duplicated_mail or $bad_role or $bad_website or $bad_timezone or $missing_locale or $bad_locale or $missing_lastname or $missing_firstname) {
                break;
            }
            $r = user_set($user_id, $user_name, $user_mail, $user_website, $user_locale, $user_timezone);
            if (!$r) {
                $internal_error = true;
                break;
            }
            // Keep the session copy of the profile in sync when editing one's own account.
            if ($is_owner) {
                $_SESSION['user']['name'] = $user_name;
                $_SESSION['user']['mail'] = $user_mail;
                $_SESSION['user']['website'] = $user_website;
                $_SESSION['user']['locale'] = $user_locale;
                $_SESSION['user']['timezone'] = $user_timezone;
            }
            if ($with_info) {
                $r = user_set_info($user_id, $user_lastname, $user_firstname);
                if (!$r) {
                    $internal_error = true;
                    break;
                }
                if ($is_owner) {
                    $_SESSION['user']['lastname'] = $user_lastname;
                    $_SESSION['user']['firstname'] = $user_firstname;
                }
            }
            if ($with_role) {
                $r = user_set_role($user_id, $user_role);
                if (!$r) {
                    $internal_error = true;
                    break;
                }
            }
            if ($with_status) {
                $r = user_set_status($user_id, $user_active, $user_banned);
                if (!$r) {
                    $internal_error = true;
                    break;
                }
            }
            $account_modified = true;
            break;
        case 'change':
            if ($missing_newpassword or $bad_newpassword) {
                break;
            }
            $r = user_set_newpassword($user_id, $user_newpassword);
            if (!$r) {
                $internal_error = true;
                break;
            }
            $password_changed = true;
            break;
        case 'delete':
            // First click only asks for confirmation; the confirm button deletes.
            // No token comparison happens on this path (see the function header).
            if (!$confirmed) {
                $confirm_delete = true;
                break;
            }
            $r = user_delete($user_id);
            if (!$r) {
                $internal_error = true;
                break;
            }
            // The account is gone: return false instead of rendering the form.
            return false;
        default:
            break;
    }

    // The new password is never echoed back into the form.
    $user_newpassword = false;

    if ($internal_error) {
        $contact_page = url('contact', $lang);
    }

    // A fresh token is issued on every render, replacing the previous one.
    $_SESSION['useredit_token'] = $token = token_id();

    // 'bad_token' and 'bad_role' are not in this list, so the view is not told
    // about those two failures.
    $errors = compact('missing_name', 'bad_name', 'duplicated_name', 'missing_mail', 'bad_mail', 'duplicated_mail', 'bad_timezone', 'bad_website', 'missing_locale', 'bad_locale', 'missing_newpassword', 'bad_newpassword', 'missing_lastname', 'missing_firstname', 'internal_error', 'contact_page');
    $infos = compact('account_modified', 'password_changed');

    $output = view('useredit', $lang, compact('token', 'errors', 'infos', 'with_name', 'user_name', 'user_mail', 'with_timezone', 'user_timezone', 'with_website', 'user_website', 'with_role', 'user_role', 'supported_roles', 'with_locale', 'user_locale', 'with_status', 'user_banned', 'user_active', 'user_accessed', 'with_newpassword', 'user_newpassword', 'with_info', 'user_lastname', 'user_firstname', 'with_delete', 'confirm_delete'));

    return $output;
}
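/**
 * Changes the password of the user selected by $p_where.
 *
 * The old password is verified first, the optional verify password must equal
 * the new one, and the new password is passed through
 * access_encrypt_password() and db_prepare_string() before it is stored.
 *
 * $p_where is placed into both the lookup and the UPDATE statement verbatim.
 * NOTE(review): it must be a clause produced by the project's user_where_*
 * helpers and never raw request data -- confirm at every call site.
 *
 * @param string      $p_where           SQL condition selecting the user.
 * @param string      $p_old_password    Current password, verified before the change.
 * @param string      $p_new_password    Password to store.
 * @param string|null $p_verify_password Repeated new password; null skips the comparison.
 * @return bool True when the update query succeeded, false otherwise.
 */
function user_change_password($p_where, $p_old_password, $p_new_password, $p_verify_password = null)
{
    $t_user = user_get_info($p_where);
    if (false === $t_user) {
        return false; ## error message printed by user_get_info().
    }

    if (!access_verify_login($t_user['username'], $p_old_password)) {
        echo 'Original password is incorrect.<br />';
        return false;
    }

    // Compare as strings with !==. A loose != treats numeric-looking strings
    // such as '1e3' and '1000' as equal, which would let a mistyped
    // confirmation pass.
    if ($p_verify_password !== null && (string) $p_verify_password !== (string) $p_new_password) {
        echo 'New and verify passwords do not match.<br />';
        return false;
    }

    $t_password = access_encrypt_password($p_new_password);
    $c_password = db_prepare_string($t_password);

    // Store the prepared value. The original statement wrote a fixed literal
    // and never used $c_password.
    $query = "UPDATE " . config_get('phpWN_user_table') . "\r\n\t\t\t\tSET password='{$c_password}'\r\n\t\t\t\tWHERE {$p_where}";
    $result = db_query($query);

    return false !== $result;
}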
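/**
 * Gets the ID of the user's avatar photo. 0 is the photo ID of the default avatar.
 *
 * Results are cached per user ID for the rest of the request, so repeated
 * calls for the same user do not repeat the lookup.
 *
 * @param int $user_id The user ID for which to get an avatar.
 *
 * @return int|bool If the user exists, their avatar's photo_id is returned; otherwise, false is returned and zero (0) can be used as their avatar's photo ID.
 */
function photos_get_user_avatar($user_id)
{
    static $avatars = array();

    // Is the avatar ID already cached? (The original tested an undefined
    // $avatar variable here, so the cache was never hit.)
    if (isset($avatars[$user_id])) {
        return $avatars[$user_id];
    }

    // Get the user's avatar
    $response = user_get_info($user_id, array('photo_id'));

    // User data not found: cache false so a repeated call returns the same
    // value as the first one.
    if (!$response[0] || !isset($response[1]['photo_id'])) {
        $avatars[$user_id] = false;
        return false;
    }

    $avatars[$user_id] = $response[1]['photo_id'];

    return $avatars[$user_id];
}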