예제 #1
0
function execSignup($username, $password, $confirmpw, $firstname, $lastname, $gender)
{
    if ($username == "" || !isValidUsername($username)) {
        return "Username is empty or invalid!";
    }
    if ($password == "" || !isValidPassword($password)) {
        return "Password is empty or invalid!";
    }
    if ($confirmpw == "" || !isValidPassword($confirmpw)) {
        return "Confirm Password is empty or invalid!";
    }
    if ($firstname == "" || !isValidName($firstname)) {
        return "First Name is empty or invalid!";
    }
    if ($lastname == "" || !isValidName($lastname)) {
        return "Last Name is empty or invalid!";
    }
    if ($gender == "" || !isValidGender($gender)) {
        return "Gender is empty or invalid!";
    }
    $userDAO = new UserDAO();
    //verify username exist
    $result = $userDAO->getUserByUsername($username);
    if ($result !== null) {
        return "Username exists, please change to another one!";
    }
    //verify $password == $confirmpw
    if ($password != $confirmpw) {
        return "Password and Confirm Password must be same!";
    }
    $roleDAO = new RoleDAO();
    $role = $roleDAO->getRoleByID(3);
    //normal user
    $departmentDAO = new DepartmentDAO();
    $depart = $departmentDAO->getDepartmentByID(1);
    //root department
    $encryptPW = encryptPassword($password);
    $photoURL = "photo/default.png";
    $user = new User($role, $depart, $username, $encryptPW, $firstname, $lastname, $gender, $photoURL);
    if ($userDAO->insertUser($user) === true) {
        return true;
    } else {
        return "Insert user into table error, please contact administrator!";
    }
}
예제 #2
0
function execLogin($username, $password)
{
    $username = (string) $username;
    $password = (string) $password;
    if ($username == "" || $password == "") {
        return "Username or password can not be empty!";
    }
    if (!isValidUsername($username) || !isValidPassword($password)) {
        return "Username or password is invalid!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByUsername($username);
    if ($user === null || !verifyPassword($password, $user->getPassword())) {
        return "There is no user account matching the Username and Password provided.";
    }
    if ($user->getRole()->getRoleID() == "4") {
        return "This user was forbidden to login!";
    }
    login($user->getUserID());
    return true;
}
예제 #3
0
 /**
  * Get all public annotations for a particular point in the text of a particular URL.
  *
  * @param $url string
  * @param $username string
  * @param $block string
  * @return array Annotations
  */
 function &getVisibleAnnotationsByUrlUserBlock($url, $username, $block, $all)
 {
     $annotations = array();
     $currentUser = Request::getUser();
     $query = 'SELECT a.*' . ', u.username AS userlogin' . ", concat(u.first_name,' ',u.middle_name,' ',u.last_name) AS username" . ' FROM annotations a' . ' JOIN users u ON u.user_id=a.userid' . ' WHERE ';
     $queryParams = array();
     if ($url) {
         array_push($queryParams, $url);
         $query .= "a.url=?";
     } else {
         $query .= '1=1';
     }
     // Only fetch annotations visible to the current user
     $findUserId = 0;
     if ($username) {
         $userdao = new UserDAO();
         $tuser = $userdao->getUserByUsername($username);
         if ($tuser) {
             if ($currentUser && ($currentUser->getUsername() == $username || $all)) {
                 $query .= " AND a.userid=?";
             } elseif ($username) {
                 $query .= ' AND a.access_perms&' . AN_ACCESS_PUBLIC . ' AND a.userid=?';
             }
             array_push($queryParams, $tuser->getUserId());
         } else {
             $query .= ' AND 1=0';
         }
     } elseif (!$all) {
         $query .= ' AND a.access_perms&' . AN_ACCESS_PUBLIC;
     }
     if ($block) {
         // This implementation ignores the word and char fields of point
         $testBlockStr = $block->getPaddedPathStr();
         $query .= " AND a.start_block <= ? AND a.end_block >= ?";
         array_push($queryParams, $testBlockStr, $testBlockStr);
     }
     $query .= " ORDER BY a.start_block, a.start_line, a.start_word, a.start_char";
     $result =& $this->retrieve($query, $queryParams);
     if (DEBUG_ANNOTATION_QUERY) {
         echo "\n<p>" . htmlspecialchars($query) . "</p>\n";
         echo "<p>";
         for ($i = 0; $i < count($queryParams); ++$i) {
             echo ($i > 0 ? ' , ' : '') . $queryParams[$i];
         }
         echo "</p>\n";
     }
     $annotations = array();
     while (!$result->EOF) {
         $annotations[] =& $this->_returnAnnotationfromRow($result->GetRowAssoc(false));
         $result->MoveNext();
     }
     $result->Close();
     unset($result);
     return $annotations;
 }