function MXUser($newuser = null)
{
global $me, $mxdb, $notices, $mxsession, $mxlocale, $referrer, $browser;
$notices = array();
if ($browser) {
$this->browser = $browser->getUserAgent();
}
//error_log('newuser: '******'sha256', $this->password);
// create user in DB
$this->id = $mxdb->createuser($this);
if ($this->id > 0) {
//mx_sendnewpassword($this);
//error_log(print_r($this,true));
mx_sendconfirmationcode($this);
//-- no more necessary: $this->checkuserdir();
mx_setsession($this, time());
}
return $this;
} else {
if ($newuser && $newuser > 0) {
// act as a particular user (audioanalyse...)
$dbuser = $mxdb->getmxuser($newuser);
if ($dbuser) {
foreach ($dbuser as $key => $value) {
$this->{$key} = $dbuser->{$key};
}
}
} else {
if ($mxsession) {
$user = explode(',', $mxsession);
if (!$user[0] || time() - $user[1] > 1200) {
// 20 mins timeout
$this->id = 0;
unset($_SESSION['mxsession']);
unset($mxsession);
return;
}
$dbuser = $mxdb->getmxuser($user[0]);
if (md5($dbuser->pwdhash . $dbuser->id . $_SERVER['REMOTE_ADDR'] . $user[1] . '12031968') == $user[2] && $dbuser->status >= 0) {
//die(print_r($mxsession));
foreach ($dbuser as $key => $value) {
$this->{$key} = $dbuser->{$key};
}
} else {
//die(md5($dbuser->pwdhash.$dbuser->id.$_SERVER['REMOTE_ADDR'].$user[1].'12031968').' / '.print_r($mxsession,true));
$this->id = 0;
unset($_SESSION['mxsession']);
unset($mxsession);
return;
}
// update session timeout
mx_setsession($this, time());
//die('mxsession='.$mxsession.' pwdhash='.$dbuser->pwdhash.' md5='.md5($dbuser->pwdhash));
} else {
if ($me) {
//error_log('facebook ok!');
$this->referrer = $referrer ? $referrer : 0;
// retrieve referrer before creating account
$this->fb2mx();
// check if user in DB
if (($dbuser = $mxdb->getfbuser($me['id'])) && $dbuser->status >= 0) {
//error_log('account exists');
foreach ($dbuser as $key => $value) {
$this->{$key} = $dbuser->{$key};
//htmlspecialchars($dbuser->$key,ENT_QUOTES);
}
} else {
if (($dbuser = $mxdb->getemailuser($me['email'])) && $dbuser->status >= 0) {
//error_log('account email exists -> adding FB');
foreach ($dbuser as $key => $value) {
$this->{$key} = $dbuser->{$key};
//htmlspecialchars($dbuser->$key,ENT_QUOTES);
}
$this->setoption('fbid', $me['id']);
} else {
if ($dbuser && $dbuser->status < 0) {
$this->id = 0;
unset($_SESSION['mxsession']);
unset($mxsession);
return $this;
} else {
//error_log('account non-existant');
$this->hashdir = sha1($this->fbid . time());
// generate temporary password for access without FB
$this->password = mx_genpassword();
$this->pwdhash = hash('sha256', $this->password);
// create user in DB
$this->id = $mxdb->createuser($this);
if (!$this->fbverified) {
mx_sendconfirmationcode($this);
}
// not a verified FB user -> send confcode to email
mx_sendnewpassword($this);
// save profile pictures
//mx_sendnotice('green',_('Learn more about MusXpand...'),'main','musxpand');
//mx_sendnotice('green',_('Also learn about MusXpace...'),'musxpace','');
}
}
}
//$this->checkuserdir();
if ($this->id && !$this->picture) {
$this->savefbpics();
}
if ($this->id > 0) {
mx_setsession($this, time());
}
} else {
// not logged in
//error_log('not logged in');
$this->id = 0;
unset($_SESSION['mxsession']);
unset($mxsession);
return $this;
}
}
}
}
}
if ($this->id) {
/*if (!$this->fullname) {
$this->fullname=_('*** New User ***');
}*/
$mxlocale = $this->locale;
$_SESSION['mxlocale'] = $mxlocale;
//error_log(print_r($this,true));
/*if ($this->status==MXACCTDISABLED)
mx_sendnotice('red',_('Re-enable your account.'),'account','register','sendagain');*/
if ($this->status == MXACCTUNCONFIRMED) {
mx_sendnotice('red', _('Confirm your email.'), 'account', 'confirm');
}
if (!$this->acctype && $this->status > MXACCTUNDEFINED && $this->status < MXACCTSETUP) {
mx_sendnotice('red', _('Set up your account.'), 'account', 'setup');
}
//if (!$this->island_id || !$this->archi_id)
// mx_sendnotice('yellow',_('Choose Your Island...'),'account','mymusxp');
$tmpfiles = $this->gettmpmedia();
if ($tmpfiles && $this->gettmpmedia($tmpfiles)) {
mx_sendnotice('yellow', _('You uploaded media that need more information'), 'account', 'mystuff', 'upload');
}
$this->newmsgs = $this->checknewmessages();
$this->subs = $this->checksubs();
$this->cart = $this->getcart();
$this->lastseen = $this->lastseen();
if (!$this->invitecode) {
$this->setoption('invitecode', hash('sha1', time()));
}
}
/*if (!$this->fullname) {
$this->fullname=_('Visitor');
}*/
//die(print_r($mxsession));
//if ($this->timezone) {
if (!$this->timezone || preg_match('%^[-0-9]%', $this->timezone)) {
$this->timezone = 'UTC';
}
date_default_timezone_set($this->timezone);
//}
//error_log('TZ:'.$this->timezone);
return $this;
}
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with musxpand. If not, see <http://www.gnu.org/licenses/>.
Copyright � 2010 by Philippe Hilger
*/
include_once 'includes/mx_init.php';
require_once 'ext_includes/fileuploader.php';
if (!$mxuser->id) {
$result = array('error' => 'You have been idle for too long. Please reload the page.');
print_r(htmlspecialchars(json_encode($result), ENT_NOQUOTES));
die;
}
// increase timeout
mx_setsession($mxuser, time() + 1200);
// list of valid extensions, ex. array("jpeg", "xml", "bmp")
$allowedExtensions = array('mp3', 'jpg', 'jpeg', 'png', 'gif', 'doc', 'pdf', 'm4v', 'mp4', 'mov');
// max file size in bytes
$sizeLimit = MXMAXFILESIZE;
$uploader = new qqFileUploader($allowedExtensions, $sizeLimit);
// --- removed to save to a global /users/tmp dir on the web server, then addmedia moves to S3
//$userdir = mx_option('usersdir').'/'.$mxuser->hashdir;
//$mxuser->checkuserdir();
//$result = $uploader->handleUpload($userdir.'/tmp/',true);
// --- end
//error_log("before upload\n");
$result = $uploader->handleUpload(mx_option('usersdir') . '/tmp/', true);
//error_log("after upload\n");
if (!array_key_exists('error', $result)) {
switch (strtolower(pathinfo($uploader->getName(), PATHINFO_EXTENSION))) {
