function dbCheckUser(&$session, $user, $code) { $session->trace(TC_Db1, 'dbCheckUser'); $uid = dbUserId($session, $user); if (!$uid) { $rc = 1; } else { $fields = dbSingleRecord($session, 'select id,code,locked,theme,width,height,maxhits,postingsperpage,' . 'threadsperpage,startpage from ' . dbTable($session, "user") . ' where name="' . $user . '";'); if ($fields == null) { $rc = 1; } elseif ($fields[1] == '') { $rc = 0; } else { $code = encryptPassword($session, $user, $code); $session->trace(TC_Db1, 'dbCheckUser akt/db: ' . $code . " / " . $fields[1]); $rc = strcmp($code, $fields[1]) == 0 ? 0 : 2; } } // $count != 0 switch ($rc) { case 1: $rc = "Nicht definiert: {$user}"; break; case 2: $session->trace(TC_Db1, 'dbCheckUser-4:' . $code . " / " . $fields[1]); $rc = "Passwort nicht korrekt!"; break; case 3: $rc = "Benutzer gesperrt!"; break; default: $rc = ''; $session->setSessionUser($fields[0]); #function setUserData ($id, $name, $theme, $width, $height, # $maxhits, $postingsperpage, $threadsperpage, $startpage) { $session->setUserData($fields[0], $user, $fields[3], $fields[4], $fields[5], $fields[6], $fields[7], $fields[8], $fields[9]); break; } $session->trace(TC_Db1, 'dbCheckUser: rc="' . $rc . '"'); return $rc; }
function dbCheckUser(&$session, $user, $code) { global $session_user; $session->trace(TC_Db1, 'dbCheckUser'); $uid = dbUserId($session, $user); if (!$uid) { $rc = 1; } else { $fields = dbSingleRecord($session, 'select id,code,rights,locked,theme,width,height,maxhits,postingsperpage,' . 'threadsperpage,startpage from ' . dbTable($session, "user") . ' where name="' . $user . '";'); if ($fields == null) { $rc = 1; } elseif ($fields[1] == '') { $rc = 0; } else { $code = encryptPassword($session, $user, $code); $rc = true || strcmp($code, $fields[1]) == 0 ? 0 : 2; } } // $count != 0 switch ($rc) { case 1: $rc = "Nicht definiert: {$user}"; break; case 2: $rc = "Passwort nicht korrekt!"; break; case 3: $rc = "Benutzer gesperrt!"; break; default: $rc = ''; $session_user = $fields[0]; $session->setUserData($session_user, $user, $fields[2], $fields[4], $fields[5], $fields[6], $fields[7], $fields[8], $fields[9], $fields[10]); $session->setMacros(); break; } return $rc; }
function baseAccountAnswer(&$session, $user) { $session->trace(TC_Gui1, 'baseAccountAnswer'); $message = ''; $code = encryptPassword($session, $_POST['account_user'], $_POST['account_code']); $locked = dbSqlString($session, !empty($_POST['account_locked'])); if (!empty($_POST['account_startpageoffer'])) { $_POST['account_startpage'] = $_POST['account_startpageoffer']; } if (isset($_POST['account_new'])) { if ($_POST['account_user2'] == '') { $message = '+++ Kein Benutzername angegeben'; } elseif (dbGetValueByClause($session, T_User, 'count(*)', 'name=' + dbSqlString($session, $_POST['account_user'])) > 0) { $message = '+++ Name schon vorhanden: ' + $_POST['account_user2']; } else { $uid = dbUserAdd($session, $_POST['account_user2'], $code, dbSqlString($session, false), $_POST['account_theme'], $_POST['account_width'], $_POST['account_height'], $_POST['account_maxhits'], $_POST['account_startpage'], $_POST['account_email']); modUserStoreData($session, true, $uid); $message = 'Benutzer ' . $_POST['account_user2'] . ' wurde angelegt. ID: ' . $uid; } } elseif (isset($_POST['account_change'])) { if (!empty($_POST['account_code']) && $_POST['account_code'] != $_POST['account_code2']) { $message = '+++ Passwort stimmt mit Wiederholung nicht überein'; } elseif (!($uid = dbUserId($session, $_POST['account_user'])) || empty($uid)) { $message = '+++ unbekannter Benutzer: ' . $_POST['account_name']; } elseif (($message = modUserCheckData($session, true, $uid)) != null) { } else { if (empty($_POST['account_theme'])) { $_POST['account_theme'] = Theme_Standard; } $what = 'locked=' . $locked . ','; if (!empty($_POST['account_code'])) { $what .= 'code=' . dbSqlString($session, $code) . ","; } $what .= 'theme=' . $_POST['account_theme'] . ',width=' . (0 + $_POST['account_width']) . ',height=' . (0 + $_POST['account_height']) . ',maxhits=' . (0 + $_POST['account_maxhits']) . ',startpage=' . dbSqlString($session, $_POST['account_startpage']) . ',email=' . dbSqlString($session, $_POST['account_email']) . ','; dbUpdate($session, T_User, $uid, $what); modUserStoreData($session, false, $uid); $message = 'Daten für ' . $_POST['account_user'] . ' (' . $uid . ') wurden geändert'; } } elseif ($_POST['account_other']) { if (empty($_POST['account_user2'])) { $message = '+++ kein Benutzername angegeben'; } elseif (!dbUserId($session, $_POST['account_user2'])) { $message = '+++ Unbekannter Benutzer: ' . $_POST['account_user2']; } } else { $message = 'keine Änderung'; } baseAccount($session, $message); }
function baseAccountAnswer(&$session, $user) { global $account_user, $account_code, $account_code2, $account_email, $account_rights, $account_locked, $account_new, $account_change, $account_name, $account_other, $account_user2, $account_theme, $account_width, $account_height, $account_maxhits, $account_startpage, $account_startpageoffer; $session->trace(TC_Gui1, 'baseAccountAnswer'); $message = ''; $code = encryptPassword($session, $account_user, $account_code); $locked = dbSqlString($session, !empty($account_locked)); if (!empty($account_startpageoffer)) { $account_startpage = $account_startpageoffer; } if (isset($account_new)) { if ($account_user2 == '') { $message = '+++ Kein Benutzername angegeben'; } elseif (dbGetValueByClause($session, T_User, 'count(*)', 'name=' + dbSqlString($session, $account_user)) > 0) { $message = '+++ Name schon vorhanden: ' + $account_user2; } else { $uid = dbUserAdd($session, $account_user2, $code, $session->fUserRights, dbSqlString($session, false), $account_theme, $account_width, $account_height, $account_maxhits, $account_startpage, $account_email); modUserStoreData($session, true, $uid); $message = "Benutzer {$account_user2} wurde angelegt. ID: " . $uid; } } elseif (isset($account_change)) { if (!empty($account_code) && $account_code != $account_code2) { $message = '+++ Passwort stimmt mit Wiederholung nicht überein'; } elseif (!($uid = dbUserId($session, $account_user)) || empty($uid)) { $message = '+++ unbekannter Benutzer: ' . $account_name; } elseif (($message = modUserCheckData($session, true, $uid)) != null) { } else { if (empty($account_theme)) { $account_theme = Theme_Standard; } $what = 'rights=' . dbSqlString($session, $account_rights) . ',locked=' . $locked . ','; if (!empty($account_code)) { $what .= 'code=' . dbSqlString($session, $code) . ","; } $what .= "theme={$account_theme},width={$account_width}," . 'height=' . (0 + $account_height) . ',maxhits=' . (0 + $account_maxhits) . ',startpage=' . dbSqlString($session, $account_startpage) . ',email=' . dbSqlString($session, $account_email) . ','; dbUpdate($session, T_User, $uid, $what); modUserStoreData($session, false, $uid); $message = 'Daten für ' . $account_user . ' (' . $uid . ') wurden geändert'; } } elseif ($account_other) { if (empty($account_user2)) { $message = '+++ kein Benutzername angegeben'; } elseif (!dbUserId($session, $account_user2)) { $message = '+++ Unbekannter Benutzer: ' . $account_user2; } } else { $message = 'keine Änderung'; } baseAccount($session, $message); }