[Openupload-svn-update] SF.net SVN: openupload:[29] trunk
From: <ts...@us...> - 2008-10-17 18:08:13
Revision: 29
http://openupload.svn.sourceforge.net/openupload/?rev=29&view=rev
Author: tsdogs
Date: 2008-10-17 18:08:10 +0000 (Fri, 17 Oct 2008)
Log Message:
-----------
Reimplement the database api and fix accordingly, split the user from the classes, some other fixes
Modified Paths:
--------------
trunk/TODO
trunk/lib/classes.inc.php
trunk/lib/general.inc.php
trunk/lib/main.inc.php
trunk/lib/modules/auth/default.inc.php
trunk/lib/modules/db/mysql.inc.php
trunk/lib/modules/default/admin.inc.php
trunk/lib/modules/default/auth.inc.php
trunk/lib/modules/default/files.inc.php
trunk/lib/modules/tr/array.inc.php
trunk/lib/modules/tr/gettext.inc.php
trunk/plugins/banned.inc.php
Added Paths:
-----------
trunk/data/tmp/
trunk/lib/user.inc.php
Modified: trunk/TODO
===================================================================
--- trunk/TODO 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/TODO 2008-10-17 18:08:10 UTC (rev 29)
@@ -9,26 +9,30 @@
Moderation of registrations by admin
USER
-Manage profile (password/Name/E-Mail change)
+Manage profile (password/Name/E-Mail change) done 2008.10.16
Manage personal files (if allowed)
DATABASE
+Review DB module functions done 2008.10.17
Implement pgsql module
-Additional tables for txt module, needs a review.
+Additional tables for txt module, needs a review 'cause of db api change.
AUTHENTICATION
LDAP authentication (with OpenLdap and AD) mainly
-ADMIN
+ADMIN (mainly done 2008.10.16, though it needs a major revision)
User administration
Group administration
File administration and maintainence
+Plugin administration
+
+ADMIN (missint)
Config administration
-Plugin administration
First setup script
+Plugin options
ACL
-User/Group acl for modules and plugins: partially done 2008.10
+User/Group acl for modules and plugins: done 2008.10.16
DOWNLOAD
Fix double click on no blockings for download
@@ -36,18 +40,18 @@
PLUGINS
Plugin configuration options
-(Followings are some ideas)
+(Following are some ideas)
Upload different filesize limiting depending on group
Download bandwith limiting depending on group (of upload user probably better)
Download wait time (is this really needed?)
-User additional fields fot registration request.
+User additional fields for registration request.
Antivirus on upload
Deletion timeout (should it be a plugin? Maybe only for user interaction on it)
TRANSLATIONS (gettext/array)
-Complete implementation: done 2008.10
-Translate to italian: done 2008.10
-Add a database translator?
+Complete implementation: done 2008.10.14
+Translate to italian: in progress 2008.10
+Add a database translator? not until base isn't complete.
MAINTEINENCE
Create a script to clean up the files/tmpfiles.
@@ -61,8 +65,8 @@
TERMS OF USE
-WEB SITE with Screen Shots
+WEB SITE with Screen Shots. basic are up 2008.10
-SVN setup
+SVN setup. done 2008.10
-RELEASE
+RELEASE: not until api and db are not definitive.
Modified: trunk/lib/classes.inc.php
===================================================================
--- trunk/lib/classes.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/lib/classes.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -11,6 +11,7 @@
}
class authBase {
+var $features = array();
function authBase() {
}
@@ -20,7 +21,7 @@
class dbBase {
- function dbBase() {
+ function dbBase($config = array()) {
}
@@ -28,118 +29,42 @@
}
- function addFile($info = array()) {
+ function newId($tbl,$field = 'id',$keys = array ()) {
+ app()->error('Please reimplement: '.$this->name.' newId');
+ return 0;
}
- function addFileOption($info = array(),$module,$field) {
+ function newRandomId($tbl,$field = 'id') {
+ app()->error('Please reimplement: '.$this->name.' newRandomId');
+ $id = randomName(30,30);
+ return $id;
}
- function removeFile($id) {
+ function count($tbl,$keys = array()) {
+ app()->error('Please reimplement: '.$this->name.' count');
+ return 0;
}
-
- function getFileInfo($id = 0) {
+
+ function read($tbl,$keys = array(), $sort = array(), $limit = '', $assoc = array()) {
+ app()->error('Please reimplement: '.$this->name.' read');
return array();
}
-
- function userInfo($login) {
- return array();
- }
-
- function addUser($info) {
- }
-
- function deleteUser($login) {
- }
-}
-
-class User {
- function User() {
+ function insert($tbl,$values,$fields = array()) {
+ app()->error('Please reimplement: '.$this->name.' insert');
+ return false;
}
- function init() {
- $this->auth = app()->auth;
- /* setup the user if not yet done */
- }
-
- function logout() {
- global $_SESSION;
-
- $messages = $_SESSION['user']['messages'];
- $errors = $_SESSION['user']['errors'];
- unset($_SESSION['user']);
- $_SESSION['user']['messages'] = $messages;
- $_SESSION['user']['errors'] = $errors;
- redirect('?action=login');
- }
-
- function loggedin() {
- global $_SESSION;
- if (isset($_SESSION['user']['login']) and $_SESSION['user']['login']!='') {
- return true;
- }
+ function update($tbl,$values,$keys = array(),$fields = array()) {
+ app()->error('Please reimplement: '.$this->name.' update');
return false;
}
-
- function userInfo($field = '') {
- if ($field != '') {
- return $_SESSION['user'][$field];
- } else {
- return $_SESSION['user'];
- }
- }
- function userGroup() {
- if ($this->userInfo('group_id')!='')
- $group = $this->userInfo('group_id');
- else
- $group = app()->config['register']['nologingroup'];
- return $group;
- }
-
- function setUserInfo($user) {
- $_SESSION['user']=$user;
- }
-
- function authenticate() {
- global $_SESSION;
- global $_GET;
- global $_POST;
-
- /* logout if requested */
- if (isset($_GET['logout'])) {
- $this->logout();
- }
-
- /* if already authenticated return */
- if ($this->loggedin())
- return true;
-
- // if it's logging in save user and pwd
- if (isset($_POST['username'])) {
- $username = $_POST['username'];
- $password = $_POST['pwd'];
- }
-
-
- if ($username != '') {
- // use the default authentication method
- $res = $this->auth->authenticate($username,$password);
- if ($res) {
- $_SESSION['user']['login']=$username;
- /* retrieve user info */
- $info = $this->auth->userinfo($username);
- //unset($info['password']);
- $_SESSION['user'] = $info;
- /* make the post not be resent on refresh */
- redirect();
- } else {
- // set the error message for the login
- app()->error(tr('Login incorrect!'));
- }
- }
+ function delete($tbl,$keys = array()) {
+ app()->error('Please reimplement: '.$this->name.' delete');
return false;
}
+
}
class OpenUploadModule {
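Review bot: The new dbBase methods are the contract every backend has to follow, but nothing documents which arguments a backend is expected to escape. In the mysql implementation later in this commit only values go through `mysql_real_escape_string`, while `$tbl`, `$field`, `$sort`, `$limit` and the array keys are emitted verbatim, so I would add above `newId()` a comment such as `/* $tbl, $field, $sort, $limit and the keys of $keys/$values are emitted as raw SQL; pass literals only, never request data */`. The stubs also read `$this->name`, which is not declared in the visible part of dbBase.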
Modified: trunk/lib/general.inc.php
===================================================================
--- trunk/lib/general.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/lib/general.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -7,6 +7,7 @@
define('SMARTY_DIR', $CONFIG['INSTALL_ROOT'].'/lib/smarty/');
require(SMARTY_DIR . 'Smarty.class.php');
require_once($CONFIG['INSTALL_ROOT'].'/lib/classes.inc.php');
+require_once($CONFIG['INSTALL_ROOT'].'/lib/user.inc.php');
require_once($CONFIG['INSTALL_ROOT'].'/lib/main.inc.php');
/* check if the selected template needs personalizations code of some sort */
@@ -30,6 +31,7 @@
//echo 'redirect '.$url; exit;
/* there might be problems with urls containing other urls but this is not my case
anyway! */
+//echo '<pre>'; print_r( debug_backtrace()); echo '</pre>'; exit();
if (strpos('http://',$url)===FALSE and strpos('https://',$url)===FALSE) {
header('location: '.$_SERVER['PHP_SELF'].$url);
} else {
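Review bot: The added line is commented-out debugging (`print_r(debug_backtrace())`) and is better left out of the commit than kept as dead code next to the existing `//echo 'redirect '` line. In the condition directly below it the `strpos()` arguments are swapped: `strpos('http://',$url)` searches for `$url` inside the literal, so an absolute URL is never recognised and is always appended to `PHP_SELF`. It should read `strpos($url,'http://')===FALSE and strpos($url,'https://')===FALSE`. The enclosing function starts and ends outside the hunk.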
Modified: trunk/lib/main.inc.php
===================================================================
--- trunk/lib/main.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/lib/main.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -33,8 +33,8 @@
$dbtype = $this->config['database']['type'];
require_once($this->config['INSTALL_ROOT'].'/lib/modules/db/'.$dbtype.'.inc.php');
$dbmname = $dbtype.'DB';
- $this->db = new $dbmname();
- $this->db->init($this->config['database']['prefix']);
+ $this->db = new $dbmname($this->config['database']);
+ $this->db->init(); /* open db connection */
/* authentication module */
if (isset($this->config['auth'])) {
@@ -46,7 +46,8 @@
$auth = $authmname.'Auth';
$this->auth = new $auth();
- $this->user = new User();
+ $this->user = new OpenUploadUser();
+ $this->user->auth = &$this->auth;
/* translation module */
if (isset($this->config['translator'])) {
@@ -58,27 +59,27 @@
$tr = $trname.'Translator';
$this->tr = new $tr();
- $this->langs = $this->db->loadTable('langs','','','id');
+ $this->langs = $this->db->read('langs',array(),array('id'),'',array('id'));
/* check if it was forced */
if (isset($_GET['lang'])) {
- $user = $this->user->userInfo();
+ $user = $this->user->info();
$user['lang']=$_GET['lang'];
- $this->user->setUserInfo($user);
+ $this->user->setInfo('lang',$_GET['lang']);
}
+ $this->tr->init();
+ $this->auth->init();
+ $this->user->init();
+
+
/* configure the language */
- if ($this->user->userInfo('lang')=='') {
+ if ($this->user->info('lang')=='') {
$lang = $this->getBrowserLang();
- $user = $this->user->userInfo();
- $user['lang']=$lang;
- $this->user->setUserInfo($user);
+ $user = $this->user->info();
+ $this->user->setInfo('lang',$lang);
}
- $this->tr->init();
- $this->auth->init();
- $this->user->init();
-
$this->config['modules'][]='files';
$this->config['modules'][]='admin';
$this->config['modules'][]='auth';
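Review bot: `$_GET['lang']` is stored with `setInfo('lang',$_GET['lang'])` without being checked against `$this->langs`, which is loaded keyed by id two lines earlier. How the translator later uses the value is not visible here, so treat it as untrusted and accept it only when `isset($this->langs[$_GET['lang']])`. The `$user = $this->user->info();` assignments left in both branches are now dead and can be removed. The forced-language `setInfo()` also still runs before `$this->user->init()`, which is worth confirming now that init was moved up.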
@@ -163,7 +164,7 @@
foreach ($this->modules as $m) {
foreach ($m->actions as $k => $a) {
if (isset($m->menu[$k])) {
- $group = app()->user->userGroup();
+ $group = app()->user->group();
if ($this->checkACL($group,$m->name,$k) == 'allow') {
$this->menu[$k]=$m->menu[$k];
}
@@ -206,7 +207,7 @@
/* check plugin acl */
$acl = 'disable'; /* disabled by default */
if (isset($this->pluginAcl[$plugin->name])) {
- $acl = $this->pluginAcl[$plugin->name];
+ $acl = $this->pluginAcl[$plugin->name]['access'];
}
if (!$plugin->$action($finfo,$acl)) {
if ($stop) return false;
@@ -220,30 +221,36 @@
function loadACL() {
/* loads the acl from the db */
- $group = $this->user->userGroup();
- $this->acl = $this->db->loadACL($group);
- $this->pluginAcl = $this->db->loadPluginAcl($group);
+ $group = $this->user->group();
+ $this->acl = array_merge($this->db->read('acl',array('group_id' => $group),array('module','action'),'',
+ array('group_id','module','action')),
+ $this->db->read('acl',array('group_id' => '*'),array('module','action'),'',
+ array('group_id','module','action')));
+ $this->pluginAcl = $this->db->read('plugin_acl',array('group_id' => $group),array('plugin'),'',array('plugin'));
}
function checkACL($group,$module,$action) {
$result = 'deny'; /* not defined are denyed by default */
if (isset($this->acl[$group][$module][$action])) {
- $result = $this->acl[$group][$module][$action];
+ $result = $this->acl[$group][$module][$action]['access'];
} else if (isset($this->acl[$group][$module]['*'])) {
- $result = $this->acl[$group][$module]['*'];
+ $result = $this->acl[$group][$module]['*']['access'];
} else if (isset($this->acl[$group]['*']['*'])) {
- $result = $this->acl[$group]['*']['*'];
+ $result = $this->acl[$group]['*']['*']['access'];
} else if (isset($this->acl['*'][$module][$action])) {
$result = $this->acl['*'][$module][$action];
} else if (isset($this->acl['*'][$module]['*'])) {
- $result = $this->acl['*'][$module]['*'];
+ $result = $this->acl['*'][$module]['*']['access'];
} else if (isset($this->acl['*']['*']['*'])) {
- $result = $this->acl['*']['*']['*']; /* this should be avoided imho */
+ $result = $this->acl['*']['*']['*']['access']; /* this should be avoided imho */
}
if ($this->config['debug_acl'] and $result == 'deny') {
- echo 'group: '.$group.'<br>'; print_r($this->acl); exit;
- }
+ echo '<pre>ACL: '.$result.' - group: '.$group.', module: '.$module.', action: '.$action."\n";
+ print_r($this->acl);
+ echo '</pre>';
+ exit;
+ }
return $result;
}
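Review bot: The `$this->acl['*'][$module][$action]` branch of checkACL() was not converted and still returns the whole row instead of its `access` column, so a wildcard-group rule for a specific module and action can never compare equal to 'allow'; it should be `$result = $this->acl['*'][$module][$action]['access'];`. In loadACL(), `array_merge()` renumbers integer-like keys, so if a group id is ever numeric the `$this->acl[$group]` lookups will miss, whereas the `+` operator keeps keys. The `debug_acl` branch prints the complete ACL into the response and exits, so it should be documented as a development-only switch.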
@@ -276,7 +283,7 @@
/* get the handling module */
$mname = $this->actions[$this->action];
$m = &$this->modules[$mname];
- $group = $this->user->userGroup();
+ $group = $this->user->group();
if ($this->checkACL($group,$mname,$this->action)!='allow') {
redirect();
@@ -300,7 +307,7 @@
$m->$fun();
/* now display the final page */
- $this->tpl->assign('user',$this->user->userInfo());
+ $this->tpl->assign('user',$this->user->info());
$this->tpl->assign('langs',$this->langs);
unset($_SESSION['user']['messages']);
unset($_SESSION['user']['errors']);
Modified: trunk/lib/modules/auth/default.inc.php
===================================================================
--- trunk/lib/modules/auth/default.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/lib/modules/auth/default.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -1,8 +1,12 @@
<?php
/* use the db to Authenticate users */
class defaultAuth extends authBase {
-
+var $db;
+var $userfields;
+
function defaultAuth() {
+ $this->userfields = array('id','login','password','name','group_id','email','lang','active');
+ $this->features = array('info','add', 'update', 'delete');
}
function init() {
@@ -10,22 +14,34 @@
}
function authenticate($login,$password) {
- $res = $this->db->queryUser($login);
- //echo crypt($password); exit;
- if ($res['login']==$login and crypt($password,$res['password'])==$res['password']) {
+ $res = $this->db->read('users',array('login' => $login, 'active' => 1));
+ $user = $res[0];
+ if ($user['login']==$login and crypt($password,$user['password'])==$user['password']) {
return true;
}
return false;
}
-
- function userInfo($login) {
- $result = $this->db->queryUser($login);
- return $result;
+
+ function info($login) {
+ $result = $this->db->read('users',array('login' => $login));
+ return $result[0];
}
- function addUser($user) {
+ function add($user) {
$user['password']=crypt($user['password']);
- $this->db->addUser($user);
+ $this->db->insert('users',$user,$this->userfields);
}
+
+ function update($user,$pwd = false) {
+ if ($pwd) {
+ $user['password']=crypt($user['password']);
+ }
+ $this->db->update('users',$user,array('id' => $user['id']),$this->userfields);
+ }
+
+ function delete($id) {
+ $this->db->delete('users',array('id' => $id));
+ }
}
+
?>
\ No newline at end of file
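Review bot: authenticate() reads `$res[0]` without checking that read() returned a row, so an unknown or inactive login falls through to comparisons against undefined values, and both comparisons use loose `==`. Returning early with `if (count($res) != 1) return false;` and comparing the hash with `===` makes the failure path explicit. `crypt($user['password'])` in add() and update() passes no salt, so the hashing scheme is whatever the platform picks by default; an explicit salt for the strongest scheme the target PHP supports would pin it. info() returns the full row including the `password` hash, so callers that place it in the session or a template should drop that field; whether they do is outside this hunk.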
Modified: trunk/lib/modules/db/mysql.inc.php
===================================================================
--- trunk/lib/modules/db/mysql.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/lib/modules/db/mysql.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -2,93 +2,43 @@
class mysqlDB extends dbBase {
var $db;
var $prefix;
+ var $config;
- function mysqlDB($prefix = '') {
- $this->prefix = $prefix;
+ function mysqlDB($config) {
+ $this->prefix = $config['prefix'];
+ $this->config = $config;
}
function init() {
/* connect to the database */
- mysql_connect(app()->config['database']['host'],app()->config['database']['user'],app()->config['database']['password'])
+ mysql_connect($this->config['host'],$this->config['user'],$this->config['password'])
or die(tr('ERROR: connection to database failed!'));
- $this->db = mysql_select_db(app()->config['database']['name']);// or die('ERROR: database could not be opened');
+ $this->db = mysql_select_db($this->config['name']);// or die('ERROR: database could not be opened');
}
- function getLang($lang) {
- $sql = 'select * from '.$this->prefix.'langs where id="'.$lang.'"';
- $res = mysql_query($sql);
- if (mysql_num_rows($res)>0) {
- $result = mysql_fetch_assoc($res);
- mysql_free_result($res);
- return $result;
- } else {
- return array();
- }
- }
- function queryUser($login,$active = true) {
-
- $sql = 'select * from '.$this->prefix.'users where login="'.mysql_real_escape_string($login).'"';
- if ($active) $sql .= ' and active=1';
- $res = mysql_query($sql);
- if (mysql_num_rows($res)>0) {
- $result = mysql_fetch_assoc($res);
- mysql_free_result($res);
- return $result;
- } else {
- return array();
+ function newId($tbl,$field = 'id',$keys = array ()) {
+ $sql = 'SELECT max('.$field.') as newid FROM '.$this->prefix.$tbl;
+ if (count($keys)>0) {
+ $where = '';
+ foreach ($keys as $k => $v) {
+ if ($where != '') $where .= ' AND ';
+ $where .= $k.'="'.(mysql_real_escape_string($v)).'"';
+ }
+ $sql .= ' WHERE '.$where;
}
- }
-
- function addUser($user) {
- $e = 'mysql_real_escape_string';
- $sql = 'insert into '.$this->prefix.'users (id,login,password,name,group_id,email,lang,active) values
- (NULL,"'.$e($user['login']).'","'.$e($user['password']).'","'.$e($user['name']).'","'.$e($user['group_id']).'","'
- .$e($user['email']).'","'.$e($user['lang']).'","'.$e($user['active']).'")';
- mysql_query($sql);
- }
-
- function updateUser($user) {
- $e = 'mysql_real_escape_string';
- $sql = 'update '.$this->prefix.'users set
- password="'.$e($user['password']).'",group_id="'.$e($user['group_id']).'",name="'.$e($user['name']).
- '",email="'.$e($user['email']).'",lang="'.$e($user['lang']).'",active="'.$e($user['active']).'"'.
- 'where login="'.$user['login'].'"';
- mysql_query($sql);
- }
-
- function deleteUser($login) {
- $e = 'mysql_real_escape_string';
- $sql = 'delete from '.$this->prefix.'users where login="'.$login.'"';
- mysql_query($sql);
- }
-
- function getFileInfo($id) {
- $sql = 'select * from '.$this->prefix.'files where id="'.mysql_real_escape_string($id).'"';
-
$res = mysql_query($sql);
- if (mysql_num_rows($res)==1) {
- $result = mysql_fetch_assoc($res);
- } else {
- $result = array();
- }
+ $newid = mysql_fetch_assoc($res);
mysql_free_result($res);
- /* now add the additional info */
- $sql = 'select name,value from '.$this->prefix.'file_options where file_id="'.mysql_real_escape_string($id).'"';
- $res = mysql_query($sql);
- while ($row = mysql_fetch_assoc($res)) {
- $result[$row['name']]=$row['value'];
- }
- mysql_free_result($res);
- return $result;
+ return $id['newid']+1;
}
-
- function newFileId($field = 'id') {
+
+ function newRandomId($tbl,$field = 'id') {
$found = true;
while ($found) {
$id = randomName(30,30);
- $sql = 'select '.$field.' from '.$this->prefix.'files where id="'.mysql_real_escape_string($id).'"';
+ $sql = 'SELECT '.$field.' FROM '.$this->prefix.$tbl.' WHERE '.$field.'="'.$id.'"';
$res = mysql_query($sql);
$found = mysql_num_rows($res)>0;
mysql_free_result($res);
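Review bot: newId() fetches the row into `$newid` but returns `$id['newid']+1`, and `$id` is never assigned in that function, so every call yields 1; the return should be `return $newid['newid']+1;`. Even when corrected, max()+1 is not safe under concurrent inserts, so an auto-increment column is the more reliable source of ids. `$tbl`, `$field` and the names in `$keys` are concatenated into the statement unescaped (only values are escaped), so they must only ever be literals from code. newRandomId() continues past the end of this hunk.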
@@ -96,112 +46,125 @@
return $id;
}
- function addFile(&$finfo) {
- $e = 'mysql_real_escape_string';
- $sql = 'insert into '.$this->prefix.'files (id,name,mime,description,size,remove,user_id,ip,upload_date)
- values ("'.$e($finfo['id']).'","'.$e($finfo['name']).'","'.$e($finfo['mime']).'","'.$e($finfo['description']).
- '","'.$e($finfo['size']).'","'.$e($finfo['remove']).'","'.$finfo['user_id'].'","'.$finfo['ip'].'",now())';
- /* now ask the plugins for additional options */
- mysql_query($sql);
- return $finfo['id'];
- }
-
- function addFileOption($finfo,$module,$field) {
- $sql = 'insert into '.$this->prefix.'file_options (id,file_id,module,name,value)
- values ("null","'.$finfo['id'].'","'.$module.'","'.$field.'","'.mysql_real_escape_string($finfo[$field]).'")';
- /* now ask the plugins for additional options */
- mysql_query($sql);
- }
-
- function removeFile($id) {
- $sql = 'delete '.$this->prefix.'file_options
- where file_id="'.mysql_real_escape_string($id).'"';
- mysql_query($sql);
- $sql = 'delete '.$this->prefix.'files
- where id="'.mysql_real_escape_string($id).'"';
- mysql_query($sql);
- }
-
- function loadAcl($group) {
- $sql = 'select * from '.$this->prefix.'acl where (group_id="'.$group.'" or group_id="*") order by group_id,module,action';
- $res = mysql_query($sql);
- $acl = array();
- while ($row = mysql_fetch_assoc($res)) {
- $acl[$row['group_id']][$row['module']][$row['action']]=$row['access'];
+ function count($tbl,$keys = array()) {
+ $sql = 'SELECT count(*) AS num FROM '.$this->prefix.$tbl;
+ if (count($keys)>0) {
+ $where = '';
+ foreach ($keys as $k => $v) {
+ if ($where != '') $where .= ' AND ';
+ $where .= $k.'="'.(mysql_real_escape_string($v)).'"';
+ }
+ $sql .= ' WHERE '.$where;
}
- mysql_free_result($res);
- return $acl;
- }
- function loadPluginAcl($group) {
- $sql = 'select plugin,access from '.$this->prefix.'plugin_acl where group_id="'.$group.'" group by plugin';
$res = mysql_query($sql);
- $plugins = array();
- while ($row = mysql_fetch_assoc($res)) {
- $plugins[$row['plugin']] = $row['access'];
- }
+ $row = mysql_fetch_assoc($res);
mysql_free_result($res);
- return $plugins;
+ return $row['num'];
}
- function loadTable($tbl,$sort = '',$limit = '',$key = '') {
- $sql = 'select * from '.$this->prefix.$tbl;
- if ($sort!='') $sql .= ' order by '.$sort;
- if ($limit!='') $sql .= ' limit '.$limit;
+ function read($tbl,$keys = array(), $sort = array(), $limit = '', $assoc = array()) {
+ $sql = 'SELECT * FROM '.$this->prefix.$tbl;
+ if (count($keys)>0) {
+ $where = '';
+ foreach ($keys as $k => $v) {
+ if ($where != '') $where .= ' AND ';
+ $where .= $k.'="'.(mysql_real_escape_string($v)).'"';
+ }
+ $sql .= ' WHERE '.$where;
+ }
+ if (count($sort)>0) {
+ $sorting = '';
+ foreach ($sort as $s) {
+ if ($sorting!='') $sorting.=',';
+ $sorting .= $s;
+ }
+ $sql .= ' ORDER BY '.$sorting;
+ }
+ if ($limit != '') {
+ $sql .= ' LIMIT '.$limit;
+ }
$res = mysql_query($sql);
$result = array();
while ($row = mysql_fetch_assoc($res)) {
- if ($key!='')
- $result[$row[$key]] = $row;
- else
+ if (count($assoc)) { /* maybe there is a better way to do this? */
+ $str = '$result';
+ foreach ($assoc as $k) {
+ $str .= '[\''.$row[$k].'\']';
+ }
+ $str .= '=$row;';
+ eval($str);
+ } else {
$result[] = $row;
+ }
}
mysql_free_result($res);
return $result;
}
- function getRecord($tbl,$key,$val) {
- $sql = 'select * from '.$this->prefix.$tbl.' where '.$key.'="'.$val.'"';
- $res = mysql_query($sql);
- $result = mysql_fetch_assoc($res);
+ function insert($tbl,$values,$fields = array()) {
+ $sql = 'INSERT INTO '.$this->prefix.$tbl;
+ $flist = '';
+ $vlist = '';
+ if (count($fields)>0) {
+ foreach ($fields as $f) {
+ if ($flist!='') $flist .= ',';
+ if ($vlist!='') $vlist .= ',';
+ $flist .= $f;
+ $vlist .= '"'.mysql_real_escape_string($values[$f]).'"';
+ }
+ } else {
+ foreach ($values as $k => $v) {
+ if ($flist!='') $flist .= ',';
+ if ($vlist!='') $vlist .= ',';
+ $flist .= $k;
+ $vlist .= '"'.mysql_real_escape_string($v).'"';
+ }
+ }
+ $sql .= ' ('.$flist.') VALUES ('.$vlist.')';
+echo $sql;
+ $res = mysql_query($sql);
mysql_free_result($res);
- return $result;
}
- function updateRecord($tbl,$vals,$key,$val) {
- $values = '';
-
- foreach ($vals as $k => $v) {
- if ($values != '') $values .= ',';
- $values .= $k.'="'.$v.'"';
+ function update($tbl,$values,$keys = array(),$fields = array()) {
+ $sql = 'UPDATE '.$this->prefix.$tbl;
+ $set = '';
+ if (count($fields)>0) {
+ foreach ($fields as $f) {
+ if ($set!='') $set .= ',';
+ $set .= $f.'="'.mysql_real_escape_string($values[$f]).'"';
+ }
+ } else {
+ foreach ($values as $k => $v) {
+ if ($set!='') $set .= ',';
+ $set .= $k.'="'.mysql_real_escape_string($v).'"';
+ }
}
- $sql = 'update '.$this->prefix.$tbl.' set '.$values.' where '.$key.'="'.$val.'"';
- mysql_query($sql);
- }
-
- function insertRecord($tbl,$vals) {
- $values = ''; $fields = '';
-
- foreach ($vals as $k => $v) {
- if ($values != '') $values .= ',';
- if ($fields != '') $fields .= ',';
- $fields .= $k;
- $values .= '"'.$v.'"';
+ $sql .= ' SET '.$set;
+ if (count($keys)>0) { /* should always be */
+ $where = '';
+ foreach ($keys as $k => $v) {
+ if ($where != '') $where .= ' AND ';
+ $where .= $k.'="'.mysql_real_escape_string($v).'"';
+ }
+ $sql .= ' WHERE '.$where;
}
- $sql = 'insert into '.$this->prefix.$tbl.' ('.$fields.') values ('.$values.')';
- mysql_query($sql);
+ $res = mysql_query($sql);
+ mysql_free_result($res);
}
- function deleteRecord($tbl,$key,$val) {
- $sql = 'delete from '.$this->prefix.$tbl.' where '.$key.'="'.$val.'"';
- mysql_query($sql);
- }
-
- function countRecords($tbl) {
- $sql = 'select count(*) as num from '.$this->prefix.$tbl;
+ function delete($tbl,$keys = array()) {
+ $sql = 'DELETE FROM '.$this->prefix.$tbl;
+ if (count($keys)>0) {
+ $where = '';
+ foreach ($keys as $k => $v) {
+ if ($where != '') $where .= ' AND ';
+ $where .= $k.'="'.mysql_real_escape_string($v).'"';
+ }
+ $sql .= ' WHERE '.$where;
+ }
$res = mysql_query($sql);
- $row = mysql_fetch_assoc($res);
mysql_free_result($res);
- return $row['num'];
}
}
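Review bot: read() builds a PHP statement from `$row[$k]` and runs it through `eval()`, so a stored value that contains a quote character changes the code that is executed; the nested result can be built by walking references instead, as below. insert() still contains `echo $sql;`, which prints every statement (including password hashes written to the users table) into the page and will break later `header()` redirects. insert(), update() and delete() call `mysql_free_result()` on the boolean that `mysql_query()` returns for write statements, and none of them check for a failed query. delete() with an empty `$keys` removes every row of the table, so it should refuse to run without a condition.

```php
while ($row = mysql_fetch_assoc($res)) {
  if (count($assoc)) {
    /* descend by reference; row data is only ever used as an array key */
    $node = &$result;
    foreach ($assoc as $k) {
      $node = &$node[$row[$k]];
    }
    $node = $row;
    unset($node);
  } else {
    $result[] = $row;
  }
}
// … unchanged: mysql_free_result() and return …
```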
Modified: trunk/lib/modules/default/admin.inc.php
===================================================================
--- trunk/lib/modules/default/admin.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/lib/modules/default/admin.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -67,14 +67,14 @@
function users() {
/* List the users */
- $users = app()->db->loadTable('users','login');
+ $users = app()->db->read('users',array(),array('login'));
$this->tpl->assign('users',$users);
}
function useradd() {
global $_POST;
- $groups = app()->db->loadTable('groups','name');
+ $groups = app()->db->read('groups',array(),array('name'));
$this->tpl->assign('groups',$groups);
if (isset($_POST['adduserlogin'])) {
/* add the user */
@@ -101,8 +101,8 @@
$error = true;
}
if (!$error) {
- $user['password']=crypt($_POST['adduserpassword']);
- app()->db->addUser($user);
+ $user['password']=$_POST['adduserpassword'];
+ app()->auth->add($user);
/* redirect */
$this->nextStep(1);
}
@@ -118,7 +118,7 @@
global $_GET;
if (isset($_GET['id'])) {
- app()->db->deleteUser($_GET['id']);
+ app()->auth->delete($_GET['id']);
}
$this->nextStep(1);
}
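Review bot: `app()->auth->delete($_GET['id'])` now deletes by the `id` column, whereas the replaced `deleteUser()` matched on `login`, and the neighbouring actions in this file still treat `$_GET['id']` as a login (`array('login' => $_GET['id'])`). Unless the user list template was changed to pass the numeric id, this deletes nothing or a different row, so confirm which identifier the link carries. The delete is also triggered by a plain GET request, so it needs a confirmation step or a per-session token; the same applies to the group, acl, file and plugin_acl delete actions further down. The function body starts outside the hunk.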
@@ -128,10 +128,11 @@
if (isset($_GET['id'])) {
$active=$_GET['active']==1?0:1;
- $user = app()->db->queryUser($_GET['id'],false);
+ $user = app()->db->read('users',array('login' => $_GET['id']));
+ $user = $user[0];
if ($user['login']==$_GET['id']) {
$user['active']=$active;
- app()->db->updateUser($user);
+ app()->auth->update($user,false);
}
}
$this->nextStep(1);
@@ -141,10 +142,11 @@
global $_GET;
global $_POST;
/* edit the user */
- $groups = app()->db->loadTable('groups','name');
+ $groups = app()->db->read('groups',array(),array('name'));
$this->tpl->assign('groups',$groups);
if (isset($_POST['login'])) {
- $user = app()->db->queryUser($_POST['login'],false);
+ $user = app()->db->read('users',array('login' => $_POST['login']));
+ $user = $user[0];
$user['name']=$_POST['editusername'];
$user['group_id']=$_POST['editusergroup'];
$user['email']=$_POST['edituseremail'];
@@ -167,18 +169,19 @@
$error = true;
}
if (!$error) {
- app()->db->updateUser($user);
+ app()->auth->update($user);
/* redirect */
$this->nextStep(1);
}
} else {
- $user = app()->db->queryUser($_GET['id'],false);
+ $user = app()->db->read('users',array('login' => $_GET['id']));
+ $user = $user[0];
}
$this->tpl->assign('edituser',$user);
}
function groups() {
- $groups = app()->db->loadTable('groups','name');
+ $groups = app()->db->read('groups',array(),array('name'));
$this->tpl->assign('groups',$groups);
}
@@ -189,7 +192,7 @@
$group['name']=$_POST['addgroupname'];
$group['description']=$_POST['addgroupdescription'];
if ($group['name']!='') {
- app()->db->insertRecord('groups',$group);
+ app()->db->insert('groups',$group);
$this->nextStep(1);
} else {
app()->error(tr('Please provide a valid group name!'));
@@ -202,11 +205,12 @@
global $_POST;
global $_GET;
- $group = app()->db->getRecord('groups','name',$_GET['id']);
+ $group = app()->db->read('groups',array('name' => $_GET['id']));
+ $group = $group[0];
if (isset($_POST['editgroupname'])) {
$group['name']=$_POST['editgroupname'];
$group['description']=$_POST['editgroupdescription'];
- app()->db->updateRecord('groups',$group,'name',$group['name']);
+ app()->db->update('groups',$group,array('name' => $group['name']));
$this->nextStep(1);
}
app()->tpl->assign('group',$group);
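Review bot: In the update call the key is taken from `$group['name']` after it has been overwritten with `$_POST['editgroupname']`, so renaming a group produces a WHERE on the new name and the original row is never matched. Keep the key from the request that loaded the row: `app()->db->update('groups',$group,array('name' => $_GET['id']));`. `$group[0]` is also read without checking that read() found the group, and acl rows that reference the old name through `group_id` are not updated on rename.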
@@ -216,17 +220,17 @@
global $_GET;
/* should check if sub users exsist */
if (isset($_GET['id'])) {
- app()->db->deleteRecord('groups','name',$_GET['id']);
+ app()->db->delete('groups',array('name' => $_GET['id']));
/* delete all the rights of the group */
- app()->db->deleteRecord('acl','group_id',$_GET['id']);
+ app()->db->delete('acl',array('group_id' => $_GET['id']));
}
$this->nextStep(1);
}
function rights() {
- $groups = app()->db->loadTable('groups','name');
+ $groups = app()->db->read('groups',array(),array('name'));
$this->tpl->assign('groups',$groups);
- $rights = app()->db->loadTable('acl','group_id,module');
+ $rights = app()->db->read('acl',array(),array('group_id','module'));
$this->tpl->assign('rights',$rights);
}
@@ -236,8 +240,8 @@
$modules = app()->config['modules'];
$modules['*']='*';
$this->tpl->assign('modules',$modules);
- $groups = app()->db->loadTable('groups','name');
- $groups['*']='*';
+ $groups = app()->db->read('groups',array(),array('name'));
+ $groups[]='*';
$this->tpl->assign('groups',$groups);
$access['allow']=tr('Allow');
$access['deny']=tr('Deny');
@@ -252,7 +256,7 @@
$right['module']=$_POST['addrightmodule'];
$right['action']=$_POST['addrightaction'];
$right['access']=$_POST['addrightaccess'];
- app()->db->insertRecord('acl',$right);
+ app()->db->insert('acl',$right);
$this->nextStep(1);
}
app()->tpl->assign('right',$right);
@@ -262,24 +266,26 @@
global $_POST;
global $_GET;
- $right = app()->db->getRecord('acl','id',$_GET['id']);
+ $right = app()->db->read('acl',array('id' => $_GET['id']));
+ $right = $right[0];
$modules = app()->config['modules'];
$modules['*']='*';
$this->tpl->assign('modules',$modules);
- $groups = app()->db->loadTable('groups','name');
- $groups['*']='*';
+ $groups = app()->db->read('groups',array(),array('name'));
+ $groups[]='*';
$this->tpl->assign('groups',$groups);
$access['allow']=tr('Allow');
$access['deny']=tr('Deny');
$this->tpl->assign('access',$access);
if (isset($_POST['editaclid'])) {
- $right = app()->db->getRecord('acl','id',$_POST['editaclid']);
+ $right = app()->db->read('acl',array('id' => $_POST['editaclid']));
+ $right = $right[0];
$right['group_id']=$_POST['editrightgroup'];
$right['module']=$_POST['editrightmodule'];
$right['action']=$_POST['editrightaction'];
$right['access']=$_POST['editrightaccess'];
- app()->db->updateRecord('acl',$right,'id',$_POST['editaclid']);
- $this->nextStep(1);
+ app()->db->update('acl',$right,array('id' => $_POST['editaclid']));
+ $this->nextStep(1);
}
app()->tpl->assign('right',$right);
}
@@ -288,7 +294,7 @@
global $_GET;
/* should check if sub users exsist */
if (isset($_GET['id'])) {
- app()->db->deleteRecord('acl','id',$_GET['id']);
+ app()->db->delete('acl',array('id' => $_GET['id']));
$this->nextStep(1);
}
}
@@ -301,12 +307,12 @@
$page=$_GET['page'];
}
$limit = ($NUM*($page-1)).','.$NUM;
- $count = app()->db->countRecords('files');
+ $count = app()->db->count('files');
$this->tpl->assign('pages',ceil($count / $NUM)+1);
$this->tpl->assign('pagen',$page);
- $users = app()->db->loadTable('users','login','','id');
+ $users = app()->db->read('users',array(),array('login'),'',array('id'));
$this->tpl->assign('users',$users);
- $files = app()->db->loadTable('files','upload_date desc',$limit);
+ $files = app()->db->read('files',array(),array('upload_date desc'),$limit);
$this->tpl->assign('files',$files);
}
@@ -314,7 +320,7 @@
global $_GET;
if ($_GET['id']!='') {
- app()->db->deleteFile($_GET['id']);
+ app()->db->delete('files',array('id' => $_GET['id']));
/* TODO: remove the file */
}
}
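Review bot: `delete('files', …)` removes only the `files` row, while the removed `removeFile()` also cleared `file_options` for the same file, so those rows are left orphaned if that table is still in use. Adding `app()->db->delete('file_options',array('file_id' => $_GET['id']));` before it restores the old behaviour. The stored file itself is still left on disk, as the existing TODO says, so a deleted entry remains retrievable from storage until that is implemented.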
@@ -333,7 +339,7 @@
}
function pluginsacl() {
- $plugins = app()->db->loadTable('plugin_acl','plugin');
+ $plugins = app()->db->read('plugin_acl',array(),array('plugin'));
$this->tpl->assign('plugins_acl',$plugins);
}
@@ -342,7 +348,7 @@
$plugins = app()->config['plugins'];
$this->tpl->assign('pluginslist',$plugins);
- $groups = app()->db->loadTable('groups','name');
+ $groups = app()->db->read('groups',array(),array('name'));
$this->tpl->assign('groups',$groups);
$access['enable']=tr('Enable');
$access['disable']=tr('Disable');
@@ -353,7 +359,7 @@
$plugin['group_id']=$_POST['addplugingroup'];
$plugin['plugin']=$_POST['addpluginplugin'];
$plugin['access']=$_POST['addpluginaccess'];
- app()->db->insertRecord('plugin_acl',$plugin);
+ app()->db->insert('plugin_acl',$plugin);
$this->nextStep(1);
}
app()->tpl->assign('plugin',$plugin);
@@ -363,20 +369,22 @@
global $_POST;
global $_GET;
- $plugin = app()->db->getRecord('plugin_acl','id',$_GET['id']);
+ $plugin = app()->db->read('plugin_acl',array('id' => $_GET['id']));
+ $plugin = $plugin[0];
$plugins = app()->config['plugins'];
$this->tpl->assign('pluginslist',$plugins);
- $groups = app()->db->loadTable('groups','name');
+ $groups = app()->db->read('groups',array(),array('name'));
$this->tpl->assign('groups',$groups);
$access['enable']=tr('Enable');
$access['disable']=tr('Disable');
$this->tpl->assign('access',$access);
if (isset($_POST['editpluginid'])) {
- $plugin = app()->db->getRecord('plugin_acl','id',$_POST['editpluginid']);
+ $plugin = app()->db->read('plugin_acl',array('id' => $_POST['editpluginid']));
+ $plugin = $plugin[0];
$plugin['group_id']=$_POST['editplugingroup'];
$plugin['plugin']=$_POST['editpluginplugin'];
$plugin['access']=$_POST['editpluginaccess'];
- app()->db->updateRecord('plugin_acl',$plugin,'id',$_POST['editpluginid']);
+ app()->db->update('plugin_acl',$plugin,array('id' => $_POST['editpluginid']));
$this->nextStep(1);
}
app()->tpl->assign('plugin',$plugin);
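Review bot: The posted `editplugingroup`, `editpluginplugin` and `editpluginaccess` values go straight into `update('plugin_acl', ...)` without being checked against the `$groups`, `$plugins` and `$access` lists built a few lines above, so any string can end up as an ACL value. A guard such as `if (!isset($access[$_POST['editpluginaccess']])) { $this->prevStep(1); }` before the update would keep the table to the two intended values. The add hunk at -353 has the same gap. Separately, `$plugin = $plugin[0];` assumes `read()` returned a row, and the first lookup uses `$_GET['id']` without an `isset()` check, so an unknown id should be handled before the record is used. The function header is outside the hunk.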
@@ -386,7 +394,7 @@
global $_GET;
/* should check if sub users exsist */
if (isset($_GET['id'])) {
- app()->db->deleteRecord('plugin_acl','id',$_GET['id']);
+ app()->db->delete('plugin_acl',array('id' => $_GET['id']));
}
$this->nextStep(1);
}
Modified: trunk/lib/modules/default/auth.inc.php
===================================================================
--- trunk/lib/modules/default/auth.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/lib/modules/default/auth.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -41,7 +41,7 @@
$this->menu['profile']=tr('Preferences');
$this->menu['logout']=tr('Logout');
}
- $this->tpl->assign('register',app()->checkACL(app()->user->userGroup(),'auth','register')=='allow');
+ $this->tpl->assign('register',app()->checkACL(app()->user->group(),'auth','register')=='allow');
}
@@ -94,7 +94,7 @@
if (isset($_POST['registerlogin'])) {
/* check for the unique login */
- $u = app()->auth->userInfo($_POST['registerlogin']);
+ $u = app()->auth->info($_POST['registerlogin']);
if ($u['login']!='') {
app()->error(tr('Username already taken, choose a new value'));
$failed = true;
@@ -133,7 +133,7 @@
}
if ($failed)
$this->prevStep(1); /* back to registration form */
- app()->auth->addUser($user);
+ app()->auth->add($user);
} else {
$this->prevStep(1); /* back to registration form */
}
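Review bot: `app()->auth->add($user);` follows `if ($failed) $this->prevStep(1);` with no `else`, so the account is still created after a failed validation unless `prevStep()` ends the request, which cannot be confirmed from the hunk. Making the branch explicit removes the dependency: `if ($failed) { $this->prevStep(1); } else { app()->auth->add($user); }`. The `if (!$result) $this->prevStep();` before the `insert('files', ...)` in `files.inc.php` (hunk -102) has the same shape. The surrounding function starts and ends outside the hunk.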
@@ -155,13 +155,13 @@
}
function profile() {
- $user = app()->user->userInfo();
+ $user = app()->user->info();
$this->tpl->assign('puser',$user);
}
function profileedit() {
global $_POST;
- $user = app()->user->userInfo();
+ $user = app()->user->info();
if (isset($_POST['username'])) {
/* check for valid values*/
if ($_POST['username']=='') {
@@ -188,12 +188,12 @@
$error = true;
} else {
app()->message(tr('Password has been changed!'));
- $user['password']=crypt($_POST['newpassword']);
+ $user['password']=$_POST['newpassword'];
}
}
if (!$error) {
- app()->db->updateUser($user);
- app()->user->setUserInfo($user);
+ app()->auth->update($user);
+ app()->user->set($user);
$this->nextStep(1);
}
}
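Review bot: With `crypt()` removed, `$user['password']` now holds the cleartext new password, and `app()->user->set($user)` copies that array into `$_SESSION['user']` (see `set()` in the new `user.inc.php`), so the password ends up in the session store. Hashing is presumably now done inside `app()->auth->update()`, but that file is not part of this hunk, so confirm it before relying on it. I would drop the field before it reaches the session by adding `unset($user['password']);` between the `update()` and `set()` calls. The function continues outside the hunk.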
Modified: trunk/lib/modules/default/files.inc.php
===================================================================
--- trunk/lib/modules/default/files.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/lib/modules/default/files.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -72,7 +72,7 @@
$_SESSION['user']['u']['name']=$_FILES['upload']['name'];
$_SESSION['user']['u']['size']=$_FILES['upload']['size'];
$_SESSION['user']['u']['ip']=$_SERVER['REMOTE_ADDR'];
- $_SESSION['user']['u']['user_id']=app()->user->userInfo('id');
+ $_SESSION['user']['u']['user_id']=app()->user->info('id');
$this->nextStep(app()->step);
} else if (!isset($_SESSION['user']['u'])) {
redirect();
@@ -102,13 +102,18 @@
if (!$result)
$this->prevStep();
/* everything ok then add the file */
- $finfo['id']= app()->db->newFileId();
- $finfo['remove']= app()->db->newFileId('remove');
- app()->db->addFile($finfo);
+ $finfo['id']= app()->db->newRandomId('files','id');
+ $finfo['remove']= app()->db->newRandomId('files','remove');
+ $finfo['upload_date'] = date('Y-m-d H:i:s');
+ app()->db->insert('files',$finfo,array('id','name','mime','description','size','remove','user_id','ip','upload_date'));
foreach (app()->plugins as $plugin) {
if (count($plugin->fields)>0) {
foreach ($plugin->fields as $f) {
- app()->db->addFileOption($finfo,$plugin->name,$f);
+ $pinfo['file_id'] = $finfo['id'];
+ $pinfo['module'] = $plugin->name;
+ $pinfo['name']=$f;
+ $pinfo['value']=$finfo[$f];
+ app()->db->insert('file_options',$pinfo,array('file_id','module','name','value'));
}
}
}
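Review bot: Nothing at the `newRandomId('files','id')` and `newRandomId('files','remove')` calls says what the two values have to guarantee, and they look like the only thing a visitor needs to download or remove a file (inferred from the names and the download hunks below). If so, they must be unguessable and not merely unique. The implementation is in the db module and is not visible here, so I would record the requirement at the call site: `/* id and remove act as access tokens: newRandomId() must be unpredictable, not only unused */`. Also note that `$pinfo['value']=$finfo[$f];` reads a key that is only set if the plugin filled it in. The enclosing function starts outside the hunk.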
@@ -132,6 +137,16 @@
}
}
+ function loadFile($id) {
+ $finfo = app()->db->read('files',array('id'=>$id));
+ $finfo = $finfo[0];
+ $pinfo = app()->db->read('file_options',array('file_id' => $id));
+ foreach ($pinfo as $v) {
+ $finfo[$v['name']]=$v['value'];
+ }
+ return $finfo;
+ }
+
function downloadForm() {
global $_SESSION;
global $_GET;
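Review bot: In the new `loadFile()`, option rows are merged into the same array as the `files` columns, so a `file_options` row named `id`, `remove` or `user_id` would replace the core value that callers then compare (`$finfo['id']!=$id`). Keeping the table columns authoritative is a one-line change: `if (!isset($finfo[$v['name']])) $finfo[$v['name']]=$v['value'];`. `$finfo = $finfo[0];` also assumes the file exists, and returning early when `read()` gives no row would avoid building a record out of options alone. The function has no comment. A short one stating that it returns the file row plus its plugin options, or an empty result for an unknown id, would help the two callers.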
@@ -157,7 +172,7 @@
}
/* check if download exsists, and what are the properties */
if ($id != '') {
- $finfo = app()->db->getFileInfo($id);
+ $finfo = $this->loadFile($id);
if ($finfo['id']!=$id) {
app()->error(tr('Requested file does not exsist!'));
$this->prevStep();
@@ -236,7 +251,7 @@
}
/* check if download exsists, and what are the properties */
if ($id != '') {
- $finfo = app()->db->getFileInfo($id);
+ $finfo = $this->loadFile($id);
if ($finfo['id']!=$id) {
app()->error(tr('Wrong file id!'));
redirect();
Modified: trunk/lib/modules/tr/array.inc.php
===================================================================
--- trunk/lib/modules/tr/array.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/lib/modules/tr/array.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -10,8 +10,8 @@
}
function init() {
- $locale = app()->user->userInfo('lang');
- $lang = app()->db->getLang($locale);
+ $locale = app()->user->info('lang');
+ $lang = app()->langs[$locale];
$tr = array();
$this->files['openupload']=app()->config['INSTALL_ROOT'].'/locale/'.$lang['id'].'.inc.php';
if (file_exists($this->files['openupload'])) {
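Review bot: `$lang = app()->langs[$locale];` has no check that `$locale` is a known key, and `$lang['id']` is then used to build the path that gets `require_once`'d. An unknown or empty `lang` in the session therefore yields an empty id and a path of `/locale/.inc.php`. I would test the lookup and fall back to the site default before building the file names, e.g. `if (!is_array($lang)) { /* use the configured default language */ }`. The gettext hunk at -8 in `gettext.inc.php` does the same lookup and then calls `putenv("LANG=".$lang['locale'])`. The body of `init()` continues past the hunk.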
@@ -19,7 +19,8 @@
$this->TR['openupload']=$tr;
}
$tr = array();
- $this->files['template']=app()->config['INSTALL_ROOT'].'/templates/'.app()->config['site']['template'].'/locale/'.$lang['id'].'.inc.php';
+ $this->files['template']=app()->config['INSTALL_ROOT'].'/templates/'.app()->config['site']['template'].
+ '/locale/'.$lang['id'].'.inc.php';
if (file_exists($this->files['template'])) {
require_once($this->files['template']);
$this->TR['template']=$tr;
Modified: trunk/lib/modules/tr/gettext.inc.php
===================================================================
--- trunk/lib/modules/tr/gettext.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/lib/modules/tr/gettext.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -8,8 +8,8 @@
}
function init() {
- $locale = app()->user->userInfo('lang');
- $lang = app()->db->getLang($locale);
+ $locale = app()->user->info('lang');
+ $lang = app()->langs[$locale];
putenv("LANG=".$lang['locale']);
bindtextdomain('openupload',app()->config['INSTALL_ROOT'].'/locale');
bindtextdomain('template',app()->config['INSTALL_ROOT'].'/templates/'.app()->config['site']['template'].'/locale');
Added: trunk/lib/user.inc.php
===================================================================
--- trunk/lib/user.inc.php (rev 0)
+++ trunk/lib/user.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -0,0 +1,94 @@
+<?php
+
+/* User info is stored in the session */
+
+class OpenUploadUser {
+ function OpenUploadUser() {
+ }
+
+ function init() {
+ /* setup the user */
+ }
+
+ function logout() {
+ global $_SESSION;
+
+ $messages = $_SESSION['user']['messages'];
+ $errors = $_SESSION['user']['errors'];
+ unset($_SESSION['user']);
+ $_SESSION['user']['messages'] = $messages;
+ $_SESSION['user']['errors'] = $errors;
+ redirect('?action=login');
+ }
+
+ function loggedin() {
+ global $_SESSION;
+ if (isset($_SESSION['user']['login']) and $_SESSION['user']['login']!='') {
+ return true;
+ }
+ return false;
+ }
+
+ function info($field = '') {
+ if ($field != '') {
+ return $_SESSION['user'][$field];
+ } else {
+ return $_SESSION['user'];
+ }
+ }
+
+ function group() {
+ if ($this->info('group_id')!='')
+ $group = $this->info('group_id');
+ else
+ $group = app()->config['register']['nologingroup'];
+ return $group;
+ }
+
+ function setInfo($name,$value) {
+ $_SESSION['user'][$name]=$value;
+ }
+
+ function set($user) {
+ $_SESSION['user']=$user;
+ }
+
+ function authenticate() {
+ global $_SESSION;
+ global $_GET;
+ global $_POST;
+
+ /* logout if requested */
+ if (isset($_GET['logout'])) {
+ $this->logout();
+ }
+
+ /* if already authenticated return */
+ if ($this->loggedin())
+ return true;
+
+ // if it's logging in save user and pwd
+ if (isset($_POST['username'])) {
+ $username = $_POST['username'];
+ $password = $_POST['pwd'];
+ }
+
+ if ($username != '') {
+ // use the default authentication method
+ $res = $this->auth->authenticate($username,$password);
+ if ($res) {
+ $_SESSION['user']['login']=$username;
+ /* retrieve user info */
+ $_SESSION['user'] = $this->auth->info($username);;
+ /* make the post not be resent on refresh */
+ redirect();
+ } else {
+ // set the error message for the login
+ app()->error(tr('Login incorrect!'));
+ }
+ }
+ return false;
+ }
+}
+
+?>
\ No newline at end of file
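Review bot: In `authenticate()` the login path calls `$this->auth->authenticate(...)` and `$this->auth->info(...)`, but the class declares no `auth` property, while the rest of this commit reaches the module through `app()->auth`. Unless something outside this file assigns it, the call fails on a non-object. The session id is also kept across the login, so an id issued before authentication stays valid afterwards, and `$_SESSION['user']['login']=$username;` is overwritten by the next assignment. That assignment puts the whole auth record into the session, which may include the stored password field (`profileedit()` suggests one exists), so it is worth deciding which fields belong there. `$username` is also read without being initialised when no form was posted.
```php
// … unchanged: logout handling, loggedin() check, reading username/pwd from $_POST …
if ($username != '') {
    // use the default authentication method
    $res = app()->auth->authenticate($username,$password);
    if ($res) {
        /* issue a new session id on login so a pre-login id is not carried over */
        session_regenerate_id(true);
        /* retrieve user info */
        $_SESSION['user'] = app()->auth->info($username);
        // … unchanged: redirect() and the error branch …
```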
Modified: trunk/plugins/banned.inc.php
===================================================================
--- trunk/plugins/banned.inc.php 2008-10-16 18:56:05 UTC (rev 28)
+++ trunk/plugins/banned.inc.php 2008-10-17 18:08:10 UTC (rev 29)
@@ -9,7 +9,7 @@
function init() {
global $_SERVER;
- $this->banned = app()->db->loadTable('banned','priority');
+ $this->banned = app()->db->read('banned',array(),array('priority'));
/* now check if the ip has been banned display the banned template */
foreach ($this->banned as $row) {
if ($this->matchIP($_SERVER['REMOTE_ADDR'],$row['ip'])) {
@@ -91,7 +91,8 @@
function fileaction() {
global $_GET;
if (isset($_GET['ip'])) {
- $ban = app()->db->getRecord('banned','ip',$_GET['ip']);
+ $ban = app()->db->read('banned',array('ip' => $_GET['ip']));
+ $ban = $ban[0];
if ($ban['ip']!=$_GET['ip']) {
$ban['id']='';
$ban['priority']='1'; /* maybe a bigger one is better */