/home/cluster1/data/bu01/1121861/html/jlex/php5/account_manager.php5
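<?php
// Full open tag: with short_open_tag disabled, "<?" would make the server
// send this file, queries included, to the client as plain text.
include_once("db_loader.php5");
include_once("db_connection.php5");
include_once("query_object.php5");
include_once("mysql_to_xml.php5");

/**
 * Account operations on the user_user and mydict_user_refs tables: password
 * verification, account creation, listing, deletion and login bookkeeping.
 *
 * Every value that reaches an SQL statement goes through sql_quote(), and
 * every value that reaches the XML handed to db_loader goes through
 * xml_escape(). Both are needed: the arguments of these methods come from
 * the caller and are treated here as untrusted.
 *
 * NOTE(review): passwords are stored and compared as plaintext (password_0).
 * Moving to password_hash()/password_verify() needs a schema and data
 * migration that cannot be done from inside this class.
 */
class account_manager
{
    // Status codes returned by the methods of this class.
    public $INVALID_PASSWORD = 0;
    public $INVALID_USERNAME = 1;
    public $VALID_LOGIN = 2;
    public $VALID_ADMIN = 3;
    public $USERNAME_TAKEN = 4;
    public $CREATED_NEW_ACCOUNT = 5;
    public $CREATE_ADMIN = 6;
    public $INVALID_ADMIN = 7;
    // Alias of CREATE_ADMIN. create_account() referred to this name although
    // it was never declared, so creating an admin returned null. Declaring it
    // keeps callers that test against either name working.
    public $CREATED_ADMIN = 6;

    /**
     * Checks a username/password pair against user_user.
     *
     * @param mixed $username Login name as supplied by the caller.
     * @param mixed $password Password as supplied by the caller.
     * @return int INVALID_USERNAME, INVALID_PASSWORD, VALID_LOGIN or VALID_ADMIN.
     *
     * NOTE(review): the distinct INVALID_USERNAME / INVALID_PASSWORD results
     * allow account enumeration if the caller shows them to the client;
     * present a single generic failure message there.
     */
    function verify_password($username, $password)
    {
        $query = "SELECT password_0 FROM user_user WHERE username_0=" . $this->sql_quote($username);
        $query_result = mysql_query($query);
        // A failed query yields false; treat it like "no such user".
        $num_rows = $query_result ? mysql_num_rows($query_result) : 0;
        if ($num_rows != 1) {
            return $this->INVALID_USERNAME;
        }

        $row = mysql_fetch_assoc($query_result);
        // Strict string comparison: with "!=" two different numeric-looking
        // strings (for example "0e1" and "0e2") compare as equal.
        if (!is_scalar($password) || (string) $row["password_0"] !== (string) $password) {
            return $this->INVALID_PASSWORD;
        }

        if ($this->is_admin($username) == $this->VALID_ADMIN) {
            return $this->VALID_ADMIN;
        }
        return $this->VALID_LOGIN;
    }

    /**
     * Creates a user record, and a matching mydict user_refs record, unless
     * the username already exists.
     *
     * @param array $form_vars    Submitted fields: fname, lname, email,
     *                            username, password, access_code.
     * @param array $access_codes Map of role name => access code; the role
     *                            "admin" marks the new account as admin.
     * @return int USERNAME_TAKEN, CREATED_NEW_ACCOUNT, CREATE_ADMIN, or -1
     *             when the existence check could not be run.
     *
     * NOTE(review): the check-then-insert sequence is not atomic; a unique
     * index on user_user.username_0 would be needed to rule out duplicates
     * under concurrent requests (schema not visible here).
     */
    function create_account($form_vars, $access_codes)
    {
        $username = isset($form_vars["username"]) ? $form_vars["username"] : "";
        $form_var_names = array("fname", "lname", "email", "username", "password");

        $query = "SELECT count(*) FROM user_user WHERE username_0=" . $this->sql_quote($username);
        $query_result = mysql_query($query);
        $row = $query_result ? mysql_fetch_assoc($query_result) : false;
        if (!$row) {
            // Fail closed: without a result we do not know whether the name
            // is free, so no account is created.
            return -1;
        }
        if ($row["count(*)"] != 0) {
            return $this->USERNAME_TAKEN;
        }

        $date = date("Y-m-d (g:i a)");
        $xml = "<object><user>\n";
        $xml .= "<date>$date</date>\n";
        foreach ($form_var_names as $var_name) {
            $value = isset($form_vars[$var_name]) ? $form_vars[$var_name] : "";
            // Escaped so that markup inside a field stays text and cannot
            // add elements (such as <admin>) to the record.
            // Assumes xml_to_db_bulk() reads this with an XML parser that
            // decodes entities - TODO confirm in db_loader.php5.
            $xml .= "<$var_name>" . $this->xml_escape($value) . "</$var_name>\n";
        }

        $access_code = isset($form_vars["access_code"]) ? $form_vars["access_code"] : null;
        // Strict "===" on the role: with "==" an integer key 0 compared
        // equal to "admin" on PHP versions before 8.
        if ($this->role_for_access_code($access_code, $access_codes) === "admin") {
            $xml .= "<admin>true</admin>\n";
            $result = $this->CREATE_ADMIN;
        } else {
            $result = $this->CREATED_NEW_ACCOUNT;
        }
        $xml .= "<login_count>1</login_count>\n";
        $xml .= "<last_login>$date</last_login>\n";
        $xml .= "</user>\n";
        $xml .= "</object>\n";

        $dl = new db_loader();
        $dl->xml_to_db_bulk("user", "../user/schema.xml", $xml, $dl->UPDATE_DATABASE);

        $xml = "<object><user_refs><username>" . $this->xml_escape($username) . "</username></user_refs></object>";
        $dl = new db_loader();
        $dl->xml_to_db_bulk("mydict", "../mydict/schema.xml", $xml, $dl->UPDATE_DATABASE);

        return $result;
    }

    /**
     * Sends up to 50 user records, sorted by last and first name, to the
     * client as an XML document.
     *
     * NOTE(review): nothing in this method checks who is asking; the caller
     * has to restrict it to authorised sessions.
     *
     * @param mixed $stylesheet Stylesheet reference passed on to query_object.
     * @return void
     */
    function list_accounts($stylesheet)
    {
        $query_object = new query_object();
        $query_object->set_project("user");
        $query_object->set_max_conditions("3");
        $query_object->set_max_results("50");
        $query_object->add_condition_set("username", "field regexp '~'", ".");
        $query_object->set_stylesheet($stylesheet);
        $query_object->set_sort_order("lname,fname");

        $converter = new mysql_to_xml();
        $query_object = $converter->query_database($query_object);
        $query_object = $converter->convert_resultset_to_xml($query_object);
        $xml = $query_object->get_xml();

        header("Content-Type: application/xml");
        echo $xml;
    }

    /**
     * Deletes the given users together with their mydict references.
     *
     * NOTE(review): no authorisation check happens here; the caller has to
     * make sure only an administrator can reach this method.
     *
     * @param array $usernames Login names to delete.
     * @return void
     */
    function delete_accounts($usernames)
    {
        foreach ($usernames as $username) {
            $quoted_username = $this->sql_quote($username);

            mysql_query("DELETE FROM user_user WHERE username_0=" . $quoted_username);
            $error = mysql_error();
            if ($error) {
                // mysql_error() must be called; the bare name printed the
                // literal text "mysql_error". The message is HTML-escaped
                // because it can repeat parts of the statement.
                // NOTE(review): database errors shown to the client disclose
                // schema details; prefer error_log() once callers allow it.
                echo "account_manager.delete_accounts() : " . htmlspecialchars($error, ENT_QUOTES) . "<BR>";
            }

            $query_result = mysql_query("SELECT user_refs_id FROM mydict_user_refs WHERE username_0=" . $quoted_username);
            $num_rows = $query_result ? mysql_num_rows($query_result) : 0;
            if ($num_rows != 0) {
                $row = mysql_fetch_assoc($query_result);
                // Quoted like every other value, even though it was read
                // from the database, so the statement does not depend on
                // what is stored there.
                $quoted_refs_id = $this->sql_quote($row["user_refs_id"]);

                mysql_query("DELETE FROM mydict_user_refs WHERE username_0=" . $quoted_username);
                mysql_query("DELETE FROM mydict_refset WHERE user_refs_id=" . $quoted_refs_id);
            }
        }
    }

    /**
     * Reports whether the user's admin_0 column holds the string "true".
     *
     * @param mixed $username Login name.
     * @return int VALID_ADMIN or INVALID_ADMIN (also for an unknown user or
     *             a failed query).
     */
    function is_admin($username)
    {
        $query = "SELECT admin_0 FROM user_user WHERE username_0=" . $this->sql_quote($username);
        $query_result = mysql_query($query);
        $num_rows = $query_result ? mysql_num_rows($query_result) : 0;
        if ($num_rows != 1) {
            return $this->INVALID_ADMIN;
        }

        $row = mysql_fetch_assoc($query_result);
        if ($row["admin_0"] === "true") {
            return $this->VALID_ADMIN;
        }
        return $this->INVALID_ADMIN;
    }

    /**
     * Increments login_count_0 and stamps last_login_0 for the user.
     *
     * @param mixed $username Login name.
     * @return void
     */
    function update_login_info($username)
    {
        $date = date("Y-m-d (g:i a)");
        $query = "UPDATE user_user SET login_count_0=login_count_0+1,last_login_0='$date' WHERE username_0="
            . $this->sql_quote($username);
        mysql_query($query);
        // NOTE(review): this prints raw database errors into the response;
        // kept because callers may rely on it, but error_log() is the safer
        // destination.
        echo mysql_error();
    }

    /**
     * Returns $value as a quoted, escaped SQL string literal.
     *
     * The legacy mysql_* API used throughout this file has no prepared
     * statements, so escaping is the available defence.
     * NOTE(review): mysql_real_escape_string() follows the connection
     * character set; confirm db_connection.php5 sets it with
     * mysql_set_charset() rather than a "SET NAMES" query.
     */
    private function sql_quote($value)
    {
        return "'" . mysql_real_escape_string((string) $value) . "'";
    }

    /**
     * Escapes the five XML special characters. "&" is replaced first so the
     * entities produced for the other characters are not escaped again.
     */
    private function xml_escape($value)
    {
        return str_replace(
            array("&", "<", ">", "\"", "'"),
            array("&amp;", "&lt;", "&gt;", "&quot;", "&apos;"),
            (string) $value
        );
    }

    /**
     * Returns the key of the first entry in $access_codes whose value equals
     * $access_code as a string, or false when there is none. Empty and
     * non-string codes never match.
     */
    private function role_for_access_code($access_code, $access_codes)
    {
        if (!is_string($access_code) || $access_code === "" || !is_array($access_codes)) {
            return false;
        }
        foreach ($access_codes as $role => $code) {
            if ((string) $code === $access_code) {
                return $role;
            }
        }
        return false;
    }
}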