/**
 * Builds the user object for the current request. Presumably the PHP4-style
 * constructor of a class named MXUser (the class header is not visible here);
 * NOTE(review): if so, PHP 8 no longer treats a same-named method as a
 * constructor, and the return values below are ignored by `new`.
 *
 * Paths visible in this listing, in order:
 *  - an account-creation path whose condition is redacted on this page; it ends
 *    in createuser(), mx_sendconfirmationcode() and mx_setsession();
 *  - $newuser > 0: load that user id from the DB, with no credential check;
 *  - $mxsession set: validate an "id,timestamp,digest" token, then load the user;
 *  - $me set: map an external profile (Facebook, judging by getfbuser()/fb2mx())
 *    to an existing account or create a new one;
 *  - otherwise: anonymous visitor, id = 0.
 * For a non-zero id it then stores the locale in the session, queues account
 * notices and loads messages, subscriptions, cart and last-seen data. On the
 * paths that reach the end it sets the default timezone.
 *
 * Every DB row is copied property by property onto $this, pwdhash included, so
 * any dump or serialization of this object (see the disabled print_r() debug
 * lines) carries credential material.
 *
 * @param mixed $newuser user id to load directly when > 0; null for the normal flow
 * @return $this|null    $this on most paths; a bare return (null) when the
 *                       session token is expired or fails validation
 */
function MXUser($newuser = null) {
    global $me, $mxdb, $notices, $mxsession, $mxlocale, $referrer, $browser;
    $notices = array();
    if ($browser) {
        $this->browser = $browser->getUserAgent();
    }
    //error_log('newuser: '******'sha256', $this->password);
    // NOTE(review): the page text is redacted at the `******` above. The condition
    // that opens this branch and the statements up to the password hash are missing,
    // so the nesting shown for the next lines is inferred from the closing braces.
            // create user in DB
            $this->id = $mxdb->createuser($this);
            if ($this->id > 0) {
                //mx_sendnewpassword($this);
                //error_log(print_r($this,true));
                mx_sendconfirmationcode($this);
                //-- no more necessary: $this->checkuserdir();
                mx_setsession($this, time());
            }
            return $this;
        } else {
            if ($newuser && $newuser > 0) {
                // act as a particular user (audioanalyse...)
                // NOTE(review): no authentication happens on this path; callers must only
                // pass ids from trusted code, never a request-controlled value.
                $dbuser = $mxdb->getmxuser($newuser);
                if ($dbuser) {
                    foreach ($dbuser as $key => $value) {
                        $this->{$key} = $dbuser->{$key};
                    }
                }
            } else {
                if ($mxsession) {
                    // Token layout as used below: [0] user id, [1] issue timestamp, [2] digest.
                    // NOTE(review): $user[1] and $user[2] are read without checking that
                    // explode() returned three parts.
                    $user = explode(',', $mxsession);
                    if (!$user[0] || time() - $user[1] > 1200) {
                        // 20 mins timeout
                        $this->id = 0;
                        unset($_SESSION['mxsession']);
                        // NOTE(review): unset() on a variable imported with `global` only drops
                        // the local alias; the global $mxsession keeps its value. Same for the
                        // other unset($mxsession) calls in this function.
                        unset($mxsession);
                        return;
                    }
                    // NOTE(review): the $newuser branch guards this lookup with `if ($dbuser)`,
                    // which suggests it can fail; here the result is dereferenced unchecked.
                    $dbuser = $mxdb->getmxuser($user[0]);
                    // The digest covers pwdhash, user id, client address, timestamp and a
                    // constant embedded in the source, so a password change or a different
                    // REMOTE_ADDR invalidates the token.
                    // NOTE(review): plain MD5 with an in-source constant is not a keyed MAC;
                    // hash_hmac() with a secret kept outside the code base is the usual
                    // replacement and has to change together with mx_setsession() (not shown).
                    // `==` compares numeric-looking strings as numbers and is not
                    // constant-time; hash_equals() avoids both.
                    if (md5($dbuser->pwdhash . $dbuser->id . $_SERVER['REMOTE_ADDR'] . $user[1] . '12031968') == $user[2] && $dbuser->status >= 0) {
                        //die(print_r($mxsession));
                        foreach ($dbuser as $key => $value) {
                            $this->{$key} = $dbuser->{$key};
                        }
                    } else {
                        //die(md5($dbuser->pwdhash.$dbuser->id.$_SERVER['REMOTE_ADDR'].$user[1].'12031968').' / '.print_r($mxsession,true));
                        $this->id = 0;
                        unset($_SESSION['mxsession']);
                        unset($mxsession);
                        return;
                    }
                    // update session timeout
                    mx_setsession($this, time());
                    //die('mxsession='.$mxsession.' pwdhash='.$dbuser->pwdhash.' md5='.md5($dbuser->pwdhash));
                } else {
                    if ($me) {
                        //error_log('facebook ok!');
                        $this->referrer = $referrer ? $referrer : 0; // retrieve referrer before creating account
                        $this->fb2mx();
                        // check if user in DB
                        if (($dbuser = $mxdb->getfbuser($me['id'])) && $dbuser->status >= 0) {
                            //error_log('account exists');
                            foreach ($dbuser as $key => $value) {
                                $this->{$key} = $dbuser->{$key}; //htmlspecialchars($dbuser->$key,ENT_QUOTES);
                            }
                        } else {
                            // NOTE(review): an existing account is linked to the external id purely
                            // because $me['email'] matches. fbverified is only consulted in the
                            // new-account branch below, so confirm the provider has verified that
                            // address (or require confirmation) before linking.
                            if (($dbuser = $mxdb->getemailuser($me['email'])) && $dbuser->status >= 0) {
                                //error_log('account email exists -> adding FB');
                                foreach ($dbuser as $key => $value) {
                                    $this->{$key} = $dbuser->{$key}; //htmlspecialchars($dbuser->$key,ENT_QUOTES);
                                }
                                $this->setoption('fbid', $me['id']);
                            } else {
                                // An account with this email exists but has a negative status:
                                // treat the visitor as not logged in.
                                if ($dbuser && $dbuser->status < 0) {
                                    $this->id = 0;
                                    unset($_SESSION['mxsession']);
                                    unset($mxsession);
                                    return $this;
                                } else {
                                    //error_log('account non-existant');
                                    // NOTE(review): derived from fbid and the current time only; if
                                    // hashdir is meant to be unguessable, derive it from random_bytes().
                                    $this->hashdir = sha1($this->fbid . time());
                                    // generate temporary password for access without FB
                                    $this->password = mx_genpassword();
                                    // NOTE(review): single unsalted SHA-256; password_hash() and
                                    // password_verify() are the standard replacement.
                                    $this->pwdhash = hash('sha256', $this->password);
                                    // create user in DB
                                    $this->id = $mxdb->createuser($this);
                                    if (!$this->fbverified) {
                                        mx_sendconfirmationcode($this);
                                    } // not a verified FB user -> send confcode to email
                                    // presumably delivers the plaintext temporary password -- verify
                                    mx_sendnewpassword($this);
                                    // save profile pictures
                                    //mx_sendnotice('green',_('Learn more about MusXpand...'),'main','musxpand');
                                    //mx_sendnotice('green',_('Also learn about MusXpace...'),'musxpace','');
                                }
                            }
                        }
                        //$this->checkuserdir();
                        if ($this->id && !$this->picture) {
                            $this->savefbpics();
                        }
                        if ($this->id > 0) {
                            mx_setsession($this, time());
                        }
                    } else {
                        // not logged in
                        //error_log('not logged in');
                        $this->id = 0;
                        unset($_SESSION['mxsession']);
                        unset($mxsession);
                        return $this;
                    }
                }
            }
        }
    }
    // Post-login setup, skipped for anonymous visitors (id = 0).
    if ($this->id) {
        /*if (!$this->fullname) { $this->fullname=_('*** New User ***'); }*/
        $mxlocale = $this->locale;
        $_SESSION['mxlocale'] = $mxlocale;
        //error_log(print_r($this,true));
        /*if ($this->status==MXACCTDISABLED) mx_sendnotice('red',_('Re-enable your account.'),'account','register','sendagain');*/
        if ($this->status == MXACCTUNCONFIRMED) {
            mx_sendnotice('red', _('Confirm your email.'), 'account', 'confirm');
        }
        if (!$this->acctype && $this->status > MXACCTUNDEFINED && $this->status < MXACCTSETUP) {
            mx_sendnotice('red', _('Set up your account.'), 'account', 'setup');
        }
        //if (!$this->island_id || !$this->archi_id)
        //    mx_sendnotice('yellow',_('Choose Your Island...'),'account','mymusxp');
        // gettmpmedia() is called once without arguments and once with its own result;
        // what the second call checks is not visible here.
        $tmpfiles = $this->gettmpmedia();
        if ($tmpfiles && $this->gettmpmedia($tmpfiles)) {
            mx_sendnotice('yellow', _('You uploaded media that need more information'), 'account', 'mystuff', 'upload');
        }
        $this->newmsgs = $this->checknewmessages();
        $this->subs = $this->checksubs();
        $this->cart = $this->getcart();
        $this->lastseen = $this->lastseen();
        if (!$this->invitecode) {
            // NOTE(review): the code is a SHA-1 of the current second only, so it is
            // guessable and identical for users initialised in the same second;
            // random_bytes() is the usual source if the code gates anything.
            $this->setoption('invitecode', hash('sha1', time()));
        }
    }
    /*if (!$this->fullname) { $this->fullname=_('Visitor'); }*/
    //die(print_r($mxsession));
    //if ($this->timezone) {
    // An empty value, or one starting with '-' or a digit, falls back to UTC.
    if (!$this->timezone || preg_match('%^[-0-9]%', $this->timezone)) {
        $this->timezone = 'UTC';
    }
    date_default_timezone_set($this->timezone);
    //}
    //error_log('TZ:'.$this->timezone);
    return $this;
}
GNU General Public License for more details. You should have received a copy of the GNU General Public License along with musxpand. If not, see <http://www.gnu.org/licenses/>. Copyright © 2010 by Philippe Hilger */ include_once 'includes/mx_init.php'; require_once 'ext_includes/fileuploader.php'; if (!$mxuser->id) { $result = array('error' => 'You have been idle for too long. Please reload the page.'); print_r(htmlspecialchars(json_encode($result), ENT_NOQUOTES)); die; } // increase timeout mx_setsession($mxuser, time() + 1200); // list of valid extensions, ex. array("jpeg", "xml", "bmp") $allowedExtensions = array('mp3', 'jpg', 'jpeg', 'png', 'gif', 'doc', 'pdf', 'm4v', 'mp4', 'mov'); // max file size in bytes $sizeLimit = MXMAXFILESIZE; $uploader = new qqFileUploader($allowedExtensions, $sizeLimit); // --- removed to save to a global /users/tmp dir on the web server, then addmedia moves to S3 //$userdir = mx_option('usersdir').'/'.$mxuser->hashdir; //$mxuser->checkuserdir(); //$result = $uploader->handleUpload($userdir.'/tmp/',true); // --- end //error_log("before upload\n"); $result = $uploader->handleUpload(mx_option('usersdir') . '/tmp/', true); //error_log("after upload\n"); if (!array_key_exists('error', $result)) { switch (strtolower(pathinfo($uploader->getName(), PATHINFO_EXTENSION))) {