Initial commit Change-Id: I0000000000000000000000000000000000000000

2012-02-05 16:40:26 -05:00
commit 70806096b6
73 changed files with 22457 additions and 0 deletions
--- a/classes/users.php
+++ b/classes/users.php
@@ -0,0 +1,195 @@
+<?php
+/**
+This class is used to maintian the users table in the database
+@author ricky barrette
+@author Twenty Codes, LLC
+*/
+class users {
+
+  var $host;
+  var $username;
+  var $password;
+  var $table;
+  
+  /**
+  * Contructor
+  * @param String $host
+  * @param String $username
+  * @param String $password
+  * @param String $db
+  */
+  public function users($host, $username, $password, $db){
+  	$this->host = $host;
+  	$this->username = $username;
+  	$this->password = $password;
+  	$this->table = $db;
+  	$this->connect();
+  }
+  
+  /**
+  Chnages the password of a user
+  */
+  public function change_password($user, $old, $new){ 
+    mysql_query("UPDATE users SET pass='$new' WHERE user='$user' AND pass='$old'");
+	  $count=mysql_affected_rows();
+	  if($count==1)
+	    return true;
+	  else
+	    return false;
+  }
+  
+  /**
+	deletes a user by their username and hasded email
+	*/
+	public function delete_user($user, $email){
+	  return mysql_query("DELETE FROM users WHERE user='$user' AND email='$email'")or die(mysql_error());
+	}
+  
+  /**
+  Display all users as links that remove them
+  */
+  public function display_users() {
+  
+  $entry_display .= <<<ENTRY_DISPLAY
+    <h2>
+    	Users:
+    </h2>
+
+ENTRY_DISPLAY;
+
+    	/* Instantiate class */ 
+require_once("pager.php"); 
+$p = new Pager; 
+
+/* Show many results per page? */ 
+$limit = 5; 
+
+/* Find the start depending on $_GET['page'] (declared if it's null) */ 
+$start = $p->findStart($limit); 
+
+/* Find the number of rows returned from a query; Note: Do NOT use a LIMIT clause in this query */ 
+$count = mysql_num_rows(mysql_query("SELECT * FROM users")); 
+
+/* Find the number of pages based on $count and $limit */ 
+$pages = $p->findPages($count, $limit); 
+
+/* Now we use the LIMIT clause to grab a range of rows */ 
+$r = mysql_query("SELECT * FROM users ORDER BY user LIMIT ".$start.", ".$limit); 
+
+/* Now get the page list and echo it */ 
+$pagelist = $p->pageList($_GET['page'], $pages); 
+
+    if ( $r !== false && mysql_num_rows($r) > 0 ) {
+      while ( $a = mysql_fetch_assoc($r) ) {
+        $user = stripslashes($a['user']);
+        $email = stripslashes($a['email']);
+        $username = $a['name'];
+        $gravatar = 'http://www.gravatar.com/avatar/' . $email . '?s=48';
+
+        $entry_display .= <<<ENTRY_DISPLAY
+<img src="$gravatar" />   <b>$user</b> <a href="user_manager.php?user=$user&email=$email" onclick="return confirm('Are you sure You want to delete the user &lsquo; $user &rsquo; forever?');">Delete $user</a><br/>
+ENTRY_DISPLAY;
+      }
+      $entry_display .= '<div align="center">'.$pagelist.'</div>'; 
+      
+    } 
+    else {
+      $entry_display .= <<<ENTRY_DISPLAY
+    <p>
+      No entries have been made on this page. 
+    </p>
+
+ENTRY_DISPLAY;
+    }
+    
+    /*
+    $entry_display .= <<<ADMIN_OPTION
+
+    <p class="admin_link">
+      <a href="{$_SERVER['PHP_SELF']}?new_comment=1">Add a New Entry</a>
+    </p>
+
+ADMIN_OPTION;
+*/
+    return $entry_display;
+  }
+
+  /**
+  checks if a user/pass combo exists in the database
+  @return true if user/pas combo exists
+  @author ricky barrette
+  */
+   public function login($user, $pass) {
+    $sql="select * from users where user='".mysql_real_escape_string($user)."' and pass='$pass';"; 
+    
+    $result=mysql_query($sql);
+	  $count=mysql_num_rows($result);
+
+    $a = mysql_fetch_assoc($result);
+
+	  if($count==1){ // If there is a match.
+	    $_SESSION["username"] = $user; // Creates a cookie saving the username
+		  $_SESSION["loggedIn"] = true; // Creates a cookie saying the user is logged in
+		  $_SESSION["access"] = $a['access'];
+		  $_SESSION["email"] = $a['email'];
+		
+		  return true;
+    }	else
+		  return false;
+  }
+
+  /**
+  inserts a new user into the database
+  @author ricky barrette
+  */
+  public function new_user($user, $pass, $access, $email) {
+    $sql="select * from users where user='".mysql_real_escape_string($user)."' and pass='$pass';"; 
+    $result=mysql_query($sql);
+	  $count=mysql_num_rows($result);
+	  if($count==1) // If there is a match.
+	    die("User/Email already exists");
+    $user = mysql_real_escape_string(strip_tags($user));
+    $email = md5(mysql_real_escape_string(strip_tags($email)));
+    $sql = "INSERT INTO users (user, email, access, pass) VALUES('$user','$email','$access','$pass')";
+    return mysql_query($sql) or die("Could not select database. " . mysql_error());
+  }
+
+  /**
+  Connects to the database
+  @author ricky barrette
+  */
+  public function connect() {
+    $connection = mysql_connect($this->host,$this->username,$this->password) or die("Could not connect. " . mysql_error());
+    mysql_select_db($this->table) or die("Could not select database. " . mysql_error());
+    return $this->buildDB();
+  }
+
+  /**
+  Builds the users table
+  @author ricky barrette
+  */
+  private function buildDB() {
+    $sql = <<<MySQL_QUERY
+CREATE TABLE IF NOT EXISTS users (
+id INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT,
+user		TEXT,
+email	TEXT,
+access		TEXT,
+pass		TEXT
+)
+MySQL_QUERY;
+    $result =  mysql_query($sql);
+    if($result){
+      $sql="select * from users where user='admin'"; 
+    
+      $result = mysql_query($sql);
+  	  $count=mysql_num_rows($result);
+
+	    if(! $count==1)
+        mysql_query("INSERT INTO users (user, email, access, pass) VALUES('admin', 'd41d8cd98f00b204e9800998ecf8427e', 'admin','d82494f05d6917ba02f7aaa29689ccb444bb73f20380876cb05d1f37537b7892')");
+    }
+    return $result;
+  }
+
+}
+?>