[Astrospaces-commits] SF.net SVN: astrospaces: [91] trunk
From: <del...@us...> - 2007-08-04 00:18:42
Revision: 91 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=91&view=rev Author: deltalabs Date: 2007-08-03 17:18:45 -0700 (Fri, 03 Aug 2007) Log Message: ----------- had to add the constant for the static_profile_fields table to config.php, and finished fitting the queries in user.php to the new schema. I also added the `who` field to the actions table in the schema Modified Paths: -------------- trunk/config.php trunk/develop/new-schema.sql trunk/functions/user.php Modified: trunk/config.php =================================================================== --- trunk/config.php 2007-08-03 23:08:43 UTC (rev 90) +++ trunk/config.php 2007-08-04 00:18:45 UTC (rev 91) @@ -21,6 +21,7 @@ from functioning. */ define('AS_TBL_USERS', AS_DB_PREFIX.'users'); +define('AS_TBL_STATIC_PROFILE_FIELDS', AS_DB_PREFIX.'static_profile_fields'); define('AS_TBL_BLOG', AS_DB_PREFIX.'blog'); define('AS_TBL_BLOG_CMT', AS_DB_PREFIX.'blog_comment'); define('AS_TBL_COMMENTS', AS_DB_PREFIX.'comments'); Modified: trunk/develop/new-schema.sql =================================================================== --- trunk/develop/new-schema.sql 2007-08-03 23:08:43 UTC (rev 90) +++ trunk/develop/new-schema.sql 2007-08-04 00:18:45 UTC (rev 91) @@ -1,6 +1,7 @@ DROP TABLE IF EXISTS `as_actions`; CREATE TABLE `as_actions` ( `action_id` int(10) unsigned NOT NULL auto_increment, + `who` int(11) unsigned NOT NULL, `action_timestamp` int(10) unsigned NOT NULL, `action` int(2) unsigned NOT NULL, `for` int(11) unsigned NOT NULL, Modified: trunk/functions/user.php =================================================================== --- trunk/functions/user.php 2007-08-03 23:08:43 UTC (rev 90) +++ trunk/functions/user.php 2007-08-04 00:18:45 UTC (rev 91) 
@@ -30,10 +30,10 @@
 /* We don't have a session and aren't logged in. Let's create it */
 $id = md5(time() . rand(1,1000));
 /* Check to make sure it's unique */
- $_query = 'INSERT INTO '.AS_TBL_SESSION.' (id, user_id, ip, last_update) VALUES(' . $id . ','.$db->qstr('-1').',' . $db->qstr($_SERVER['REMOTE_ADDR']) . ',' . time() . ')';
+ $_query = 'INSERT INTO '.AS_TBL_SESSION.' (session_id, user_id, ip, last_update) VALUES(' . $id . ','.$db->qstr('-1').',' . $db->qstr($_SERVER['REMOTE_ADDR']) . ',' . time() . ')';
 if ($db->Execute($_query) === false)
 {
- $error->general('<b>DB Error!</b>', 'session.php - create(): '.$db->ErrorMsg());
+ $error->general('<b>DB Error!</b>', 'user.php - create(): '.$db->ErrorMsg());
 return false;
 }
 $_COOKIE['session_id'] = $id;
@@ -74,7 +74,7 @@
 }
 }
 /* Update our updated time */
- $_query = 'UPDATE '.AS_TBL_SESSION.' SET last_update = ' . time() . ' WHERE id = ' . $user->data['id'] . ' LIMIT 1';
+ $_query = 'UPDATE '.AS_TBL_SESSION.' SET last_update = ' . time() . ' WHERE session_id = ' . $user->data['id'] . ' LIMIT 1';
 if ($db->Execute($_query) === false)
 {
 $error->general('<b>DB Error!</b>', 'session.php - check(): '.$db->ErrorMsg());
@@ -126,10 +126,10 @@
 }
 else
 {
- $_query = 'UPDATE '.AS_TBL_SESSION.' SET user_id = ' . $user_id . ' WHERE id = ' . $db->qstr($_COOKIE["session_id"]) . ' LIMIT 1';
+ $_query = 'UPDATE '.AS_TBL_SESSION.' SET user_id = ' . $user_id . ' WHERE session_id = ' . $db->qstr($_COOKIE["session_id"]) . ' LIMIT 1';
 if ($db->Execute($_query) === false)
 {
- $error->general('<b>DB Error!</b>', 'session.php - login(): '.$db->ErrorMsg());
+ $error->general('<b>DB Error!</b>', 'user.php - login(): '.$db->ErrorMsg());
 return false;
 }
 /* Run the session check again. It'll make the row and populate $user->data */
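Review bot: In the `@@ -30,10` hunk the rewritten INSERT still concatenates `$id` into `VALUES(` without quoting, while the values next to it go through `$db->qstr()`; an md5 hex string is not a valid bare SQL literal, so it should be written as `$db->qstr($id)`. The same unquoted concatenation is on the new lines of the `@@ -74,7`, `@@ -145,7` and `@@ -221,7` hunks (`$user->data['id']`, `$action`, `$who`). Separately, the context line `md5(time() . rand(1,1000))` yields only 1000 possible values for a given second, which is too little entropy for a session identifier; a token drawn from a cryptographic random source would be the fix, although that line is not one this commit changes. The enclosing function starts and ends outside the hunk.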
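Review bot: The new WHERE clause in the `@@ -74,7` hunk compares the renamed column `session_id` with `$user->data['id']`; if `$user->data` is filled from the session row (that code is outside the hunk), the array key is presumably now `session_id` as well and `['id']` would be empty, so the timestamp update would match no row. The `@@ -145,7` hunk reads the same key. Once the row key is confirmed I would write `' WHERE session_id = ' . $db->qstr($user->data['session_id']) . ' LIMIT 1'`. The error label on the last context line still reads `session.php - check()` although create() and login() were relabelled to `user.php` in this commit.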
@@ -145,7 +145,7 @@ { if($session->logged_in()) { - $_query = 'UPDATE '.AS_TBL_SESSION.' SET user_id = '.$db->qstr('-1').' WHERE id = ' . $user->data['id'] . ' AND ip = ' . $db->qstr($user->data['ip']) . ' LIMIT 1'; + $_query = 'UPDATE '.AS_TBL_SESSION.' SET user_id = '.$db->qstr('-1').' WHERE session_id = ' . $user->data['id'] . ' AND ip = ' . $db->qstr($user->data['ip']) . ' LIMIT 1'; $db->query($_query); $user->data = null; } @@ -172,7 +172,7 @@ } else { - $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE party_1 = ' . $user->data['user_id'] . ' AND party_2 = ' . $id . ' AND accepted = 1'; + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE user1_id = ' . $user->data['user_id'] . ' AND user2_id = ' . $id . ' AND accepted = 1'; $_query = $db->Execute($_query); if($_query->fields[0] > 0) { @@ -180,7 +180,7 @@ } else { - $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE party_2 = ' . $user->data['user_id'] . ' AND party_1 = ' . $id . ' AND accepted = 1'; + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE user2_id = ' . $user->data['user_id'] . ' AND user2_id = ' . $id . ' AND accepted = 1'; $_query = $db->Execute($_query); if($_query->fields[0] > 0) { @@ -221,7 +221,7 @@ 7. Left you a comment on a blog post 8. Joined a group 9. Created a group */ - $_query = 'INSERT INTO '.AS_TBL_ACTION.' (time, who, action, for) VALUES(' . time() . ',' . $user->data['user_id'] . ', ' . $action . ', ' . $who . ')'; + $_query = 'INSERT INTO '.AS_TBL_ACTION.' (action_timestamp, who, action, for) VALUES(' . time() . ',' . $user->data['user_id'] . ', ' . $action . ', ' . $who . ')'; $db->query($_query); return true; } @@ -250,7 +250,7 @@ } else { - $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE (party_1 = ' . $user->data['user_id'] . ' AND party_2 = ' . $id; + $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE (user1_id = ' . $user->data['user_id'] . ' AND user2_id = ' . $id; $_query = $db->query($_query); if ($_query->fields[0] > 0) { 
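Review bot: The second friendship query in the `@@ -180,7` hunk now tests `user2_id` twice (`WHERE user2_id = ... AND user2_id = ...`), so the reverse direction of a friendship can only match when both ids are equal; it should mirror the first query as `' WHERE user2_id = ' . $user->data['user_id'] . ' AND user1_id = ' . $id . ' AND accepted = 1'`. The `@@ -258,7` hunk has the same slip with `user1_id` repeated. If this result feeds the space-privacy and image-comment checks seen later in the file, friendships recorded from the other side would be treated as absent, so a test with a pair in each direction is worth adding.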
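Review bot: The column list of the INSERT in the `@@ -221,7` hunk names `for` without backticks; `for` is a reserved word in MySQL, and the schema file in this same commit quotes it, so the statement will be rejected as written. Because the result of `$db->query()` is not checked, the function still returns true and the action is silently lost. The column list should read ``(action_timestamp, who, action, `for`)``, and the function should return false when the query fails, as create() does.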
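Review bot: The query string in the `@@ -250,7` hunk opens a parenthesis after WHERE (`WHERE (user1_id = ...`) and the statement ends at `$id;` without closing it, so the query cannot parse and `$_query->fields[0]` is then read from a failed result. Dropping the parenthesis gives `' WHERE user1_id = ' . $user->data['user_id'] . ' AND user2_id = ' . $id`. This hunk also calls `$db->query()` where the sibling query in `@@ -258,7` uses `$db->Execute()`; one call style with one failure check would make these paths easier to audit.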
@@ -258,7 +258,7 @@
 }
 else
 {
- $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE party_2 = ' . $user->data['user_id'] . ' AND party_1 = ' . $id;
+ $_query = 'SELECT count(*) FROM '.AS_TBL_FRIEND.' WHERE user1_id = ' . $user->data['user_id'] . ' AND user1_id = ' . $id;
 $_query = $db->Execute($_query);
 if ($_query->fields[0] > 0)
 {
@@ -290,7 +290,7 @@
 $error->general('Invalid friendID', "Invalid friendID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']);
 return false;
 }
- $_query= 'UPDATE '.AS_TBL_FRIEND.' SET accepted = 1 WHERE party_2 = '.$data->user['user_id'].' AND party_1 = '.$id.' LIMIT 1';
+ $_query= 'UPDATE '.AS_TBL_FRIEND.' SET accepted = 1 WHERE user2_id = '.$data->user['user_id'].' AND user1_id = '.$id.' LIMIT 1';
 $db->query($_query);
 $user->action(5, $id);
 }
@@ -308,7 +308,7 @@
 }
 /*We're simply checking whether or not we have the permissions to view this space */
 /*First we need to figure out what the space privacy setting is*/
- $_query = 'SELECT privacy FROM '.AS_TBL_USER.' WHERE id = ' . $id . ' LIMIT 1';
+ $_query = 'SELECT privacy FROM '.AS_TBL_USER.' WHERE user_id = ' . $id . ' LIMIT 1';
 $_query = $db->Execute($_query);
 $_query = $db->GetArray($_query);
 $res = $_query[0]['privacy'];
@@ -414,7 +414,7 @@
 $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']);
 return false;
 }
- $_query = 'SELECT display_name FROM '.AS_TBL_USER.' WHERE id = ' . $id;
+ $_query = 'SELECT display_name FROM '.AS_TBL_STATIC_PROFILE_FIELDS.' WHERE static_profile_field_id = ' . $id;
 $_query = $db->Execute($_query);
 $res = $db->GetArray($_query);
 return $res[0]['display_name'];
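Review bot: The UPDATE in the `@@ -290,7` hunk takes the current user from `$data->user['user_id']`, whereas the other queries in this diff use `$user->data['user_id']`; unless a `$data` object is defined outside the hunk, this yields an empty value and the accept-friend update is malformed or matches no row. The slip predates this commit but is carried onto the new line. Suggested clause: `' WHERE user2_id = '.$user->data['user_id'].' AND user1_id = '.$id.' LIMIT 1'`. The result of `$db->query()` is also unchecked before `$user->action(5, $id)` records the acceptance.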
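Review bot: The changed queries in the `@@ -308,7` and `@@ -461,7` hunks use the constant `AS_TBL_USER`, but the config.php context in this same commit defines `AS_TBL_USERS`. Unless `AS_TBL_USER` is defined somewhere not shown, PHP substitutes the bare name as a string and the privacy lookup runs against a table that does not exist. `$res` from this query decides who may view a space, so a failed lookup should deny access rather than fall through; the handling of `$res` is outside the hunk and needs checking. I would change both lines to `AS_TBL_USERS`.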
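Review bot: After the change in the `@@ -414,7` hunk, `$id` is validated as a user id by the check above but is then compared with `static_profile_field_id`, which by its name is the key of the profile-field row rather than of the user. If the table carries a reference to the user, the WHERE clause should filter on that column; the table definition is not part of this diff, so I cannot name it. `$res[0]['display_name']` is also returned without checking that a row came back.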
@@ -432,13 +432,13 @@ return false; } - $owner = 'SELECT owner_id FROM '.AS_TBL_IMG.' WHERE id = ' . $id; + $owner = 'SELECT owner_id FROM '.AS_TBL_IMG.' WHERE img_id = ' . $id; $owner = $db->query($owner); $owner = $db->fetch_array($owner); $owner = $owner['owner']; if ($session->is_friend($owner)) { - $_query = 'INSERT INTO '.AS_TBL_IMG_CMT.' (image_id, post_timestamp, author, comment) VALUES('. $id . ',' . time() . ',' . $user->data['user_id'] . ',' . $db->qstr($_POST['comment'],get_magic_quotes_gpc()) . ')'; + $_query = 'INSERT INTO '.AS_TBL_IMG_CMT.' (img_id, post_timestamp, author, comment) VALUES('. $id . ',' . time() . ',' . $user->data['user_id'] . ',' . $db->qstr($_POST['comment'],get_magic_quotes_gpc()) . ')'; if ($db->Execute($_query) === false) { $error->general('<b>DB Error!</b>', 'session.php - add_img_comment(): '.$db->ErrorMsg()); @@ -447,6 +447,26 @@ } } /* + Function Name: is_in_group + Arguments: (int) user_id -- id of user, (int) grp_id -- id of group + Purpose: check to see whether or not user is part of a particular group + */ + function is_in_group ($user_id, $grp_id) + { + if (!is_numeric($user_id) and $user_id != null) + { + $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + else if (!is_numeric($grp_id) and $grp_id != null) + { + $error->general('Invalid groupID', "Invalid groupID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']); + return false; + } + + /* Work in progress... */ + } + /* Function Name: generate_timestamp Arguments: (int) time -- time to parse Purpose: Generate datestamp of time passed, taking user's time offset into consideration 
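Review bot: In the `@@ -432,13` hunk the query selects `owner_id` but the result is read as `$owner['owner']`, so `$owner` is empty when it reaches `$session->is_friend($owner)` and the friend check that guards image comments is evaluated against no user. The line should read `$owner = $owner['owner_id'];`. The lookup also goes through `$db->query()` / `$db->fetch_array()` while the INSERT below uses `$db->Execute()`; whether both interfaces exist on `$db` is not visible here. The enclosing function starts outside the hunk.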
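Review bot: The new `is_in_group()` in the `@@ -447,6` hunk calls `$error->general()` without bringing `$error` into scope and builds both messages from `$id`, which is not a parameter here, so an invalid argument ends in a fatal error instead of the intended report. The body also ends at the work-in-progress comment without a return value; until the membership query exists it should return false explicitly so that callers fail closed. I am assuming `$error` is the global object the sibling functions report through, since their `global` lines are outside the hunks shown. Note that both checks let `null` through, which is worth deciding on before the query is written.

```php
function is_in_group ($user_id, $grp_id)
{
	global $error; // assumption: the same global the sibling functions use
	// … unchanged: is_numeric() test on $user_id …
		$error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$user_id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']);
	// … unchanged: return false; is_numeric() test on $grp_id …
		$error->general('Invalid groupID', "Invalid groupID = Possible hack! Input value: \"".$grp_id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']);
	// … unchanged: return false …

	/* Work in progress: deny until the membership query is written */
	return false;
}
```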
@@ -461,7 +481,7 @@ if($session->logged_in()) { - $_query = 'SELECT time_offset FROM '.AS_TBL_USER.' WHERE id = ' . $user->data['user_id']; + $_query = 'SELECT time_offset FROM '.AS_TBL_USER.' WHERE user_id = ' . $user->data['user_id']; $_query = $db->Execute($_query); $_query = $query->GetArray($_query); $offset = $_query[0]['time_offset']; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
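Review bot: The context line after the changed query in the `@@ -461,7` hunk calls `$query->GetArray($_query)`, but the handles used on the surrounding lines are `$db` and `$_query`; `$query` looks like a typo for `$db`, and as written the call fails before `$offset` is read. Suggested line: `$_query = $db->GetArray($_query);`. The function starts and ends outside the hunk, so a `$query` defined earlier cannot be ruled out from here.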