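/**
 * Update the title, summary, body, author and visibility of an existing article.
 *
 * The content is split by $this->page_break(): element 0 is stored as the summary
 * and element 1 (when present) as the body. All values reach the database through
 * the query builder's where()/update() calls, not through string concatenation.
 *
 * NOTE(review): nothing in this method checks that the logged-in user is allowed
 * to edit article $id, and art_author is overwritten with the current session
 * user on every save. Confirm the caller enforces ownership or role before this
 * method is reached.
 * NOTE(review): $visibility is stored as given unless it equals 'only_me';
 * confirm the caller restricts it to the expected set of values.
 *
 * @param string $title      New article title.
 * @param mixed  $id         Value matched against the art_id column.
 * @param string $content    Raw article text, passed to page_break().
 * @param string $visibility Visibility value; 'only_me' is replaced by the session user name.
 * @return bool TRUE when exactly one article matched and the update was issued, FALSE otherwise.
 */
public function save($title, $id, $content, $visibility)
{
    // Load Session class
    $this->load->library('session');

    $where_array = array('art_id' => $id);

    $this->db->select('art_title');
    $this->db->from('ing_articles');
    $this->db->where($where_array);
    $query = $this->db->get();

    // Read the row count through the num_rows() method. The original read a
    // num_rows property, which only works when the result object happens to
    // have populated it; otherwise the comparison fails and nothing is saved.
    if ($query->num_rows() != 1) {
        return FALSE;
    }

    $article = $this->page_break($content);
    $sCurrentUser = $this->session->userdata('ing_control_user_name');

    $update_data = array(
        'art_title' => $title,
        'art_summary' => trim($article[0]),
        'art_content' => isset($article[1]) ? trim($article[1]) : '',
        'time' => db_time(),
        'art_author' => $sCurrentUser,
        // 'only_me' is stored as the owner's user name rather than as the keyword itself.
        'art_visibility' => $visibility === 'only_me' ? $sCurrentUser : $visibility,
    );

    $this->db->where($where_array);
    $this->db->update('ing_articles', $update_data);

    return TRUE;
}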
/**
 * Log the current user out: mark the user as offline in ing_user_status and
 * remove the login-related keys from the session.
 *
 * NOTE(review): only the four listed keys are removed; the session itself is not
 * destroyed and its identifier is not rotated in this method. Confirm whether the
 * caller does that, otherwise the same session id stays valid after logout.
 * NOTE(review): the keys are handed to unset_userdata() as an associative array
 * with empty values. Whether the library reads the array keys or the array values
 * depends on its version; confirm the keys are really removed.
 * NOTE(review): 'ing_control_pass_string' suggests password-derived material is
 * kept in the session; verify what is stored there.
 *
 * @return void
 */
public function do_logout()
{
    $aSessionKeys = array(
        'ing_control_user_id' => '',
        'ing_control_user_name' => '',
        'ing_control_pass_string' => '',
        'ing_control_user_role' => '',
    );

    // set the user status to 'offline'
    $aNewStatus = array(
        'status_value' => 'offline',
        'time' => db_time(),
    );
    $aStatusRow = array(
        'user_id' => $this->session->userdata('ing_control_user_id'),
        'status_key' => 'online_status',
    );
    $this->db->where($aStatusRow);
    $this->db->update('ing_user_status', $aNewStatus);

    // unset the session
    $this->session->unset_userdata($aSessionKeys);
}
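/**
 * Decide whether login for the given user is currently blocked because of
 * repeated failed attempts.
 *
 * Flow:
 *  1. Read the user's 'acc_status' row. If it is 'locked' and time_diff_min()
 *     of its timestamp exceeds 5, the account is set back to 'active', the
 *     user's recorded attempts are deleted and FALSE is returned; if the lock
 *     is younger than that, TRUE is returned.
 *  2. Otherwise count attempts newer than two hours; more than 5 locks the
 *     account and returns TRUE.
 *
 * Fixes relative to the previous version:
 *  - the SELECT compared status_key with the literal text '{acc_status}', so
 *    the status row could never match;
 *  - "{db_time()}" inside a double-quoted string is not interpolated by PHP and
 *    was sent to the database as literal text;
 *  - the attempt count used the undefined variables $user_id and
 *    $valid_attempts instead of $iUserId and $tValidAttempts;
 *  - $iUserId was interpolated into SQL as received.
 *
 * NOTE(review): the first half talks to $this->DB and un-prefixed tables, the
 * second half to the $this->db query builder and ing_-prefixed tables. Both are
 * kept as found because the class is not visible here; confirm which pair is
 * the live one.
 * NOTE(review): a lock keyed only on the user id means anyone who knows an
 * account name can keep that account locked; consider whether that trade-off
 * is acceptable for this application.
 *
 * @param int $iUserId User whose attempts are evaluated.
 * @return bool TRUE when login must be refused, FALSE when it may proceed.
 */
protected function checkBrute($iUserId)
{
    // The id is embedded in SQL text below (unquoted in the DELETE), so it is
    // forced to an integer before any statement is built.
    $iUserId = (int) $iUserId;

    $sSQL = "\n\t\t\tSELECT `status_value`, `time`\n\t\t\tFROM `user_status`\n\t\t\tWHERE `user_id` = '{$iUserId}' AND `status_key` = 'acc_status'\n\t\t\tLIMIT 1\n\t\t";
    $aStatus = $this->DB->query($sSQL);
    $aStatus = $this->DB->fetch_array($aStatus);

    // A user without a status row is treated as "not locked" instead of
    // indexing into a non-array result.
    $bLocked = is_array($aStatus)
        && isset($aStatus['status_value'])
        && $aStatus['status_value'] == 'locked';

    if ($bLocked) {
        $tDiff = time_diff_min($aStatus['time']);

        if ($tDiff <= 5) {
            // Lock is still in force.
            return TRUE;
        }

        // update the account status to 'active'
        $sSQL = "\n\t\t\t\t\tUPDATE `user_status`\n\t\t\t\t\tSET `status_value` = 'active', `time` = '" . db_time() . "'\n\t\t\t\t\tWHERE `user_id` = '{$iUserId}' AND `status_key` = 'acc_status'\n\t\t\t\t\tLIMIT 1\n\t\t\t\t";
        $this->DB->query($sSQL);

        // delete the attempt table's user content
        $sSQL = "\n\t\t\t\t\tDELETE FROM `user_login_attempts`\n\t\t\t\t\tWHERE `user_id` = {$iUserId}\n\t\t\t\t";
        $this->DB->query($sSQL);

        return FALSE;
    }

    // Get timestamp of current time
    $tNow = curTime();
    // All login attempts are counted from the past 2 hours
    $tValidAttempts = $tNow - 2 * 60 * 60;

    $where_array = array('user_id' => $iUserId, 'time >' => $tValidAttempts);
    $this->db->select('time');
    $this->db->from('ing_user_login_attempts');
    $this->db->where($where_array);
    $query = $this->db->get();

    if ($query->num_rows() > 5) {
        // set the account status to 'locked'
        $update_data = array('status_value' => 'locked', 'time' => db_time());
        $where_data = array('user_id' => $iUserId, 'status_key' => 'acc_status');
        $this->db->where($where_data);
        $this->db->update('ing_user_status', $update_data);

        return TRUE;
    }

    return FALSE;
}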
/**
 * Log the current user out: set the user's row in `users` back to 'verified'
 * with a fresh status_time, then remove the login-related keys from the session.
 *
 * NOTE(review): $this->iUserId is interpolated straight into the SQL text. Where
 * it is assigned is not visible here; confirm it can only ever hold an integer,
 * or bind/escape it before building the statement.
 * NOTE(review): only the four listed keys are removed; the session is not
 * destroyed or given a new identifier in this method. Confirm the caller handles
 * that.
 * NOTE(review): the keys are passed to unset_userdata() as an associative array
 * with empty values; confirm the session class reads the array keys.
 *
 * @return void
 */
public function logout()
{
    $aSessionKeys = array(
        'puncoz_acc_user_id' => '',
        'puncoz_acc_user_name' => '',
        'puncoz_acc_pass_string' => '',
        'puncoz_acc_user_role' => '',
    );

    // set the user status to 'offline/verified'
    $sStatusSQL = "UPDATE `users` SET `status` = 'verified', `status_time` = '" . db_time() . "' WHERE `user_id` = '{$this->iUserId}'";
    $this->DB->query($sStatusSQL);

    // unset the session
    $this->SESS->unset_userdata($aSessionKeys);
}
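// Excerpt: the three blocks closed below open above this point, where
// $sUserName, $sUserEmail, $sUserURL and $sUserMSG are also assigned.
            // create email
            // A CR or LF inside a header value lets the sender append further
            // headers to the message. Where $sUserEmail comes from is not
            // visible here, so line breaks are stripped before it is used in
            // From/Reply-To.
            $sHeaderEmail = str_replace(array("\r", "\n"), '', $sUserEmail);
            $sEmailHeader = 'From: ' . $sHeaderEmail . "\r\n" . 'Reply-To: ' . $sHeaderEmail . "\r\n" . 'X-Mailer: PHP/' . phpversion();
            $sEmailTo = '*****@*****.**';
            $sEmailSubject = 'Hey, somebody sent you a mail from pankajnepal.com.np';
            $sEmailBody = "Username : {$sUserName}\n\n\t\t\t\t\t\t\tUser email : {$sUserEmail}\n\n\t\t\t\t\t\t\tUser url : {$sUserURL}\n\n\t\t\t\t\t\t\t<br/>\r\n\n\t\t\t\t\t\t\tUser message : \n\n\t\t\t\t\t\t\t\n\n\t\t\t\t\t\t\t{$sUserMSG}\n\t\t\t\t\t\t\t";
            // Delivery is best-effort: a failed mail() is deliberately ignored.
            @mail($sEmailTo, $sEmailSubject, $sEmailBody, $sEmailHeader);
        }
    } else {
        if ($_GET['data'] == 'subs') {
            if (isset($_POST['subsUserName']) && isset($_POST['subsUserEmail'])) {
                $sUserName = $_POST['subsUserName'];
                $sUserEmail = $_POST['subsUserEmail'];

                // The header value is taken from the submitted address before
                // SQL escaping. SQL escaping is not a defence for mail headers,
                // so CR/LF are removed explicitly for that context.
                $sHeaderEmail = str_replace(array("\r", "\n"), '', $sUserEmail);

                // make variable safe
                // NOTE(review): the INSERT below is only safe if $DB->escape()
                // is a connection-aware escaper; its implementation is not
                // visible here. Confirm, or move to a prepared statement.
                $sUserName = $DB->escape($sUserName);
                $sUserEmail = $DB->escape($sUserEmail);
                $tTime = db_time();

                $sSQL = "INSERT INTO `user_subs` SET \n\t\t\t\t\t`name` = '{$sUserName}',\n\t\t\t\t\t`email` = '{$sUserEmail}',\n\t\t\t\t\t`time` = '{$tTime}'\n\t\t\t\t";
                $DB->query($sSQL);

                // create email
                $sEmailHeader = 'From: ' . $sHeaderEmail . "\r\n" . 'Reply-To: ' . $sHeaderEmail . "\r\n" . 'X-Mailer: PHP/' . phpversion();
                $sEmailTo = '*****@*****.**';
                $sEmailSubject = 'Hey, somebody let him know pankajnepal.com.np';
                $sEmailBody = "Username : {$sUserName}\n\n\t\t\t\t\t\t\tUser email : {$sUserEmail}\n\n\t\t\t\t\t\t\t";
                // Delivery is best-effort: a failed mail() is deliberately ignored.
                @mail($sEmailTo, $sEmailSubject, $sEmailBody, $sEmailHeader);
            }
        }
    }
}

// Every request ends with a redirect to the site root, whatever happened above.
header('Location: /');
exit;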