public function register($username, $password, $email, $first_name, $last_name, $state, $city)
{
if (value_exists("Registered_User", "username", $username)) {
return false;
} else {
db_add("Registered_User", sprintf("'%s','%s','%s', '%s', '%s', false, null, '%s', '%s', NOW()", $username, $password, $email, $first_name, $last_name, $state, $city));
}
}
function db_build($p, $o)
{
$f = db_f('test');
if ($p) {
db_add($f, $p);
}
$r = db_read($f);
return p($r, 1);
}
public function addClass($class_name, $subject)
{
if (value_exists("Classes", "class_name", $class_name)) {
return false;
} else {
db_add("Classes", sprintf("'%s', '%s'", $class_name, $subject));
$this->class_name = $class_name;
$this->subject = $subject;
return true;
}
}
public function createComment($doc_id, $username, $comment_body)
{
$comment_id = get_rand_num();
while (value_exists("Comment", "comment_id", $comment_id)) {
$comment_id = get_rand_num();
}
db_add("Comment", sprintf("'%d', '%d', '%s', '%s', 'false'", $comment_id, $doc_id, $username, mysql_escape_string($comment_body)));
$this->comment_id = $comment_id;
$this->doc_id = $doc_id;
$this->username = $username;
$this->comment_body = $comment_body;
$this->blocked = false;
}
function createPost($topic_id, $username, $post_content)
{
//get random doc_id
$post_id = get_rand_num();
while (value_exists("Forum_Post", "post_id", $post_id)) {
$post_id = get_rand_num();
}
db_add("Forum_Post", sprintf("'%d', '%d', '%s', '%s', 'false'", $post_id, $topic_id, $username, $post_content));
$this->post_id = $post_id;
$this->topic_id = $topic_id;
$this->username = $username;
$this->post_content = $post_content;
$this->blocked = false;
}
function createForum($username, $topic_name, $topic_description)
{
//get random doc_id
$topic_id = get_rand_num();
while (value_exists("Forum_Topic", "topic_id", $topic_id)) {
$topic_id = get_rand_num();
}
db_add("Forum_Topic", sprintf("'%d', '%s', '%s', '%s', 'false'", $topic_id, $username, $topic_name, $topic_description));
$this->topic_id = $topic_id;
$this->username = $username;
$this->topic_name = $topic_name;
$this->topic_description = $topic_description;
$this->blocked = false;
}
function add($data, $syntax, $ttl, $password, $cipher)
{
if (!empty($password)) {
// create a salt that ensures crypt creates an md5 hash
$base64_alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
$salt = '$5$';
for ($i = 0; $i < 16; $i++) {
$salt .= $base64_alphabet[rand(0, 63)];
}
$salt .= '$';
$password = crypt($password, $salt);
}
// submit new paste to server
return db_add($data, $syntax, $ttl, $password, $cipher);
}
public function register($username, $password, $email, $first_name, $last_name, $state, $city)
{
if (value_exists("Registered_User", "username", $username)) {
return false;
} else {
db_add("Registered_User", sprintf("'%s','%s','%s', '%s', '%s', false, null, '%s', '%s', NULL", $username, $password, $email, $first_name, $last_name, $state, $city));
}
//setting blocked date to NULL
/**
$db_conn = db_conn();
$query_string = "UPDATE Registered_User SET blocked_date=NULL where username='******'";
$results = mysqli_query($db_conn, $query_string);
mysqli_close($db_conn);
**/
}
public function createDocument($username, $class_name, $subject, $doc_name, $doc_type, $path_to_doc)
{
//get random doc_id
$doc_id = get_rand_num();
while (value_exists("Document", "doc_id", $doc_id)) {
$doc_id = get_rand_num();
}
$int = 1;
//get all documents where doc_name similar to $doc_name AND path_to_doc==$path_to_doc
$query_string = sprintf("SELECT * FROM `Document` WHERE doc_name LIKE '%s%%' AND path_to_doc='%s';", mysql_escape_string($doc_name), mysql_escape_string($path_to_doc));
$data = get_query($query_string);
if (isset($data)) {
//put results into an array
$doc_list = array();
while ($row = $data->fetch_assoc()) {
array_push($doc_list, $row['doc_name']);
}
$int = 0;
$new_doc_name = $doc_name;
while ($int < $data->num_rows) {
if (strcmp($doc_list[$int], $new_doc_name) == 0) {
$new_doc_name = sprintf("%s%d", $doc_name, $int);
$int = 0;
} else {
$int++;
}
}
} else {
$new_doc_name = $doc_name;
}
db_add("Document", sprintf("'%d', '%s', '%s', '%s', '%s', '%s', '%s', '0', '0', 'false'", $doc_id, $username, mysql_escape_string($class_name), $subject, mysql_escape_string($new_doc_name), $doc_type, mysql_escape_string($path_to_doc)));
$this->doc_name = $new_doc_name;
$this->username = $username;
$this->class_name = $class_name;
$this->subject = $subject;
$this->doc_type = $doc_type;
$this->path_to_doc = $path_to_doc;
$this->doc_id = $doc_id;
$this->blocked = false;
$this->upvotes = 0;
$this->downvotes = 0;
}
public function addSubject($subject)
{
db_add("Subject", sprintf("'%s'", $subject));
$this->subject = $subject;
}
/**
*
* Saves the info needed for later SLO:
* - Issuer of incoming response or receipient of out going response
* - Subject
* - Time when no longer valid @@todo notonorafter - for slo info
*
* SLO can be initiated from a back-end request so we need to be able
* to get to the subjects incoming and outgoing responses using only
* subject and entityid
*
* @param array $message
*/
public function saveSloInfo(array $message)
{
$issuer = $message['saml:Issuer']['__v'];
$me = $this->getCurrentMD('entityID');
if ($issuer == $me) {
// outgoing response
$type = 'SP';
$entity = $message['__']['destinationid'];
} else {
// incoming response
$type = 'IDP';
$entity = $issuer;
}
if (!nvl2($this->getRemoteEntity($entity), 'SP', 'saveSLOInfo')) {
return;
}
// @todo support SessionIndex and SubjectConfirmation, EncryptedID
$id = nvl3($message, 'saml:Assertion', 'saml:Subject', 'saml:NameID');
if (!$id) {
throw new Corto_ProxyServer_Exception("No NameID in message (EncryptedID not supported yet!)");
}
$sessionnotonorafter = nvl3($message, 'saml:Assertion', 'saml:AuthnStatement', '_SessionNotOnOrAfter');
$sessionindex = session_id();
$key = 'ID-' . sha1($me . serialize($id));
if ($notonorafter = db_del($key, 'notonorafter')) {
if ($notonorafter > timeStamp()) {
db_put($key, $notonorafter, 'notonorafter');
// be prepared for yet another one ...
throw new Corto_ProxyServer_Exception("A very rare, but yet unsupported situation has happened:\n An sssertion was received while an earlier LogoutRequest was still active: notonorafter = {$notonorafter}");
}
}
db_add($key, $sessionindex, 'session');
$info = array('entity' => $entity, 'nameID' => $id, 'nameIDType' => 'saml:NameID', 'sessionnotonorafter' => $sessionnotonorafter, 'session' => $sessionindex);
db_put($type . '-' . $sessionindex, $info, sha1($entity));
}
function removetag($idtag)
{
//from editor
if (!auth(6)) {
return;
}
$rb = sql('idart', 'qdta', 'rv', 'idtag="' . $idtag . '"');
//existing
if (!$rb) {
delete('qdt', $idtag);
}
db_add(db_f('rmtag'), $idtag . ':' . hostname());
return 'ok';
}
