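/**
 * Checks a login attempt against the users table and reports the account state.
 *
 * Possible statuses returned from this function:
 *   NORMAL         usr and pwd are correct and the user is in normal condition
 *   INCORRECT      pwd is empty or doesn't match the stored digest
 *   NOT_EXIST      no row matches the given e-mail (or the login value was rejected)
 *   FIRST          usr and pwd are correct and it is the first time the user logs in
 *   DELETED        user has been deleted and can't login. treat as an incorrect.
 *   BLOCKED        user has been blocked. Show block info
 *   MIGRATED       user doesn't have a password. Show screen to create password,
 *                  insert control code and send control code.
 *   NOT_VALIDATED  user hasn't validated the e-mail address. Can login; once it is
 *                  validated the user will be able to place bookings.
 *   CHG_PWD_REQ    user must change password before logging in.
 *
 * Security notes for callers:
 *   - NOT_EXIST, INCORRECT and DELETED should produce the same message on screen,
 *     otherwise the login form tells a visitor which e-mail addresses are registered.
 *   - MIGRATED is returned before any password comparison, so it also discloses
 *     that the account exists.
 *
 * @param string $user_name e-mail address typed into the login form (untrusted)
 * @param string $user_pass password typed into the login form (untrusted)
 * @return string one of the status codes listed above
 */
static function validate_login($user_name, $user_pass)
{
    global $conex;

    if ($user_pass == '') {
        return 'INCORRECT';
    }

    // The login value ends up inside a quoted SQL literal below. Backslashes and
    // control characters are refused outright so that doubling the single quote
    // is enough to keep the value inside that literal; such input is answered
    // like an unknown account.
    if (!is_string($user_name) || preg_match('/[\x00-\x1F\x7F\\\\]/', $user_name)) {
        return 'NOT_EXIST';
    }
    // NOTE(review): stopgap. my_query() is defined elsewhere; if it can take bound
    // parameters, pass $user_name that way and drop the manual quoting.
    $safe_name = str_replace("'", "''", $user_name);

    // digest() is defined elsewhere. What gets hashed is the first two characters
    // of the login name followed by the password.
    // NOTE(review): a two-character prefix of the e-mail is a weak salt; consider
    // migrating stored values to password_hash()/password_verify().
    $sql_word = digest(substr($user_name, 0, 2) . $user_pass);

    $sql = 'SELECT user_id, full_name, email, last_login_datetime, ul.level_name, user_level, is_member, blocked_ind, pasapalabra, deleted_ind, control_code, required_change_pwd FROM users u LEFT JOIN users_levels ul ON u.user_level = ul.level_value WHERE email = \'' . $safe_name . '\'';
    $my_select = my_query($sql, $conex);

    // Fetch first, count afterwards: same call order as before.
    $user_arr = my_fetch_array($my_select);
    if (!my_num_rows($my_select)) {
        return 'NOT_EXIST';
    }

    if ($user_arr['pasapalabra'] == '') {
        return 'MIGRATED';
    }

    // Strict string comparison: with == two different digests that both look
    // numeric (for instance "0e1234" and "0e9999") compare as equal.
    // hash_equals() is the constant-time alternative where the PHP version has it.
    if ((string) $user_arr['pasapalabra'] !== (string) $sql_word) {
        return 'INCORRECT';
    }

    // Password is correct from here on; report the first account flag that applies.
    if ($user_arr['deleted_ind'] == '1') {
        return 'DELETED';
    }
    if ($user_arr['blocked_ind'] == '1') {
        return 'BLOCKED';
    }
    if ($user_arr['required_change_pwd'] == '1') {
        return 'CHG_PWD_REQ';
    }
    if ($user_arr['control_code'] != '') {
        return 'NOT_VALIDATED';
    }
    if ($user_arr['last_login_datetime'] == '') {
        return 'FIRST';
    }

    return 'NORMAL';
}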
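/**
 * Prints a combo selector (<select>) with the data read from a table.
 *
 * $parameters:
 *   table           -> table (required)
 *   code_field      -> code field (required)
 *   desc_field      -> description field (required; nothing is printed without it)
 *   name            -> name of the combo
 *   selected        -> code of the option to mark as selected
 *   on_change       -> call to a JS function to be run by the 'onchange' event
 *   class           -> class for the style of the combo
 *   extra_condition -> condition like ' extra_field = \'ex_field_value\''
 *   substr          -> (#) max number of characters of the description to display
 *   empty           -> (1/0) inserts an empty option at the beginning
 *   detail          -> (1/0) prints the code also with the options: 01 : Option 1
 *   order           -> field name and direction to order by: ' Name ASC'
 *   disabled        -> if true shows the combo disabled
 *   tabindex        -> tab index inside the form
 *   no_header       -> (1/0) prints only the options
 *
 * Security contract: table, code_field, desc_field, extra_condition and order are
 * concatenated into the SELECT as raw SQL, and on_change is emitted verbatim as
 * script. All of them must be constants chosen by the calling code, never values
 * taken from the request. Values read from the database and the name / class /
 * tabindex attributes are HTML-escaped here.
 *
 * @param array $parameters options described above
 * @return void
 */
function print_combo_db($parameters)
{
    global $conex;

    // Optional keys default to "not set" so that reading them raises no
    // undefined-index notices. tabindex and no_header are tested with isset()
    // further down and are deliberately left out of this list.
    $parameters += array(
        'table'           => '',
        'code_field'      => '',
        'desc_field'      => '',
        'name'            => '',
        'selected'        => null,
        'on_change'       => '',
        'class'           => '',
        'extra_condition' => '',
        'substr'          => 0,
        'empty'           => 0,
        'detail'          => 0,
        'order'           => '',
        'disabled'        => false,
    );

    if (!$parameters['table'] || !$parameters['code_field'] || !$parameters['desc_field']) {
        return;
    }

    # prepare sql
    $my_code_field = $parameters['code_field'];
    $my_desc_field = $parameters['desc_field'];
    $my_condition = $parameters['extra_condition'] ? ' WHERE ' . $parameters['extra_condition'] : '';
    $my_order = $parameters['order'] ? ' ORDER BY ' . $parameters['order'] : '';

    // Raw concatenation: see the security contract in the header comment.
    $sql = 'SELECT ' . $my_code_field . ', ' . $my_desc_field . ' FROM ' . $parameters['table'] . $my_condition . $my_order;

    // Errors stay suppressed on purpose: a failed query prints no combo at all
    // instead of putting a database error on the page.
    $my_select = @my_query($sql, $conex);
    if (!$my_select) {
        return;
    }

    # draw the combo
    if (!isset($parameters['no_header'])) {
        $parameters['no_header'] = 0;
    }
    $with_header = ($parameters['no_header'] == 0);

    if ($with_header) {
        // on_change is script by contract and is written out unchanged.
        $str_on_change = $parameters['on_change'] ? ' onchange="' . $parameters['on_change'] . '" ' : '';
        $str_class = $parameters['class']
            ? ' class="' . htmlspecialchars((string) $parameters['class'], ENT_QUOTES) . '" '
            : '';
        $str_disabled = $parameters['disabled'] ? ' disabled="disabled" ' : '';
        $str_tabindex = isset($parameters['tabindex'])
            ? ' tabindex="' . htmlspecialchars((string) $parameters['tabindex'], ENT_QUOTES) . '" '
            : '';

        print '<select name="' . htmlspecialchars((string) $parameters['name'], ENT_QUOTES) . '"'
            . $str_on_change . $str_class . $str_disabled . $str_tabindex . '>';
        if ($parameters['empty']) {
            print '<option value=""></option>';
        }
    }

    while ($result = my_fetch_array($my_select, MYSQL_BOTH)) {
        $code = $result[$my_code_field];
        $label = $result[$my_desc_field];

        // Compared as strings: with == the codes '01' and '1' would both match.
        $str_selected = ((string) $parameters['selected'] === (string) $code) ? ' SELECTED' : '';

        if ($parameters['detail']) {
            $label = $code . ' : ' . $label;
        }

        // NOTE(review): strlen()/substr() count bytes, so a multi-byte
        // description can be cut in the middle of a character.
        if ($parameters['substr'] && strlen($label) > $parameters['substr']) {
            $str_option = substr($label, 0, $parameters['substr']) . '...';
        } else {
            $str_option = $label;
        }

        // The code goes into an attribute, so it is escaped with quotes included;
        // the visible text keeps the htmlentities() call it already had.
        print '<option value="' . htmlspecialchars((string) $code, ENT_QUOTES) . '"' . $str_selected . '>'
            . htmlentities((string) $str_option) . '</option>';
    }

    if ($with_header) {
        print '</select>';
    }
}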