root / lib / users.lib.php @ b5c6ba9bb5cfe74d0d2d607fbb7b8225a2512881

<?php
/*
  Copyright (C) 2009, All Rights Reserved.
  This file is part of RPInventory.
  RPInventory is free software: you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation, either version 3 of the License, or
  (at your option) any later version.
  RPInventory is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.
  You should have received a copy of the GNU General Public License
  along with RPInventory.  If not, see <http://www.gnu.org/licenses/>.
*/
/**
 * Look up a single row of the `users` table by its user_id.
 *
 * The id is handed to $db->query() as a separate argument for the `?`
 * placeholder rather than being concatenated into the SQL text; how the
 * database class binds it is not visible from this file.
 *
 * NOTE(review): `SELECT *` returns every column of `users`, and the INSERT in
 * addUser() shows that table has a `password` column, so callers should not
 * pass the returned object to a template or API response unfiltered.
 *
 * @param mixed         $user_id Value matched against users.user_id.
 * @param database|null $db      Existing connection to reuse; when null a
 *                               private one is opened and closed here.
 * @return mixed Whatever $db->getObject() produces for the query result.
 */
function getUser($user_id, $db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    $row = $db->getObject(
        $db->query('SELECT * FROM users WHERE user_id = ?', $user_id)
    );

    if ($ownsConnection) {
        $db->close();
    }

    return $row;
}
/**
 * Return every row of the `users` table.
 *
 * NOTE(review): GetAuthority() is called but its result is never compared
 * against anything, so this function enforces no access level of its own.
 * `SELECT *` also returns every column of `users`; the INSERT in addUser()
 * shows that table has a `password` column. Callers need to gate access and
 * filter the rows before exposing them.
 *
 * @param database|null $db Existing connection to reuse; when null a private
 *                          one is opened and closed here.
 * @return mixed Whatever $db->getObjectArray() produces for the query result.
 */
function getAllUsers($db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    require_once("lib/auth.lib.php");  // Session

    // Looked up exactly as before; the value is not consulted below.
    $authority = GetAuthority();

    $rows = $db->getObjectArray($db->query("SELECT * FROM users"));

    if ($ownsConnection) {
        $db->close();
    }

    return $rows;
}
/**
 * Look up at most one row of the `users` table by username.
 *
 * The username is handed to $db->query() as a separate argument for the `?`
 * placeholder rather than being concatenated into the SQL text; how the
 * database class binds it is not visible from this file.
 *
 * NOTE(review): `SELECT *` returns every column of `users`, including the
 * `password` column written by addUser(); treat the returned object as
 * sensitive.
 *
 * @param mixed         $username Value matched against users.username.
 * @param database|null $db       Existing connection to reuse; when null a
 *                                private one is opened and closed here.
 * @return mixed Whatever $db->getObject() produces for the query result.
 */
function getUserFromName($username, $db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    $row = $db->getObject(
        $db->query("SELECT * FROM users WHERE username = ? LIMIT 1", $username)
    );

    if ($ownsConnection) {
        $db->close();
    }

    return $row;
}
/**
 * Return the `username` column for every row of the `users` table.
 *
 * NOTE(review): GetAuthority() is called but its result is never compared
 * against anything, so this function enforces no access level of its own and
 * the list is not limited to any one club. Callers that expose it should
 * check the requester's authority themselves.
 *
 * @param database|null $db Existing connection to reuse; when null a private
 *                          one is opened and closed here.
 * @return mixed Whatever $db->getObjectArray() produces for the query result.
 */
function getAllUsernames($db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    require_once("lib/auth.lib.php");  // Session

    // Looked up exactly as before; the value is not consulted below.
    $authority = GetAuthority();

    $rows = $db->getObjectArray($db->query("SELECT username FROM users"));

    if ($ownsConnection) {
        $db->close();
    }

    return $rows;
}
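/**
 * Return username and email for every user linked to the session's club.
 *
 * The club id is read from $_SESSION['club'], cast to int and passed to
 * $db->query() as a separate argument for the `?` placeholder. When no club
 * is stored in the session an empty array is returned.
 *
 * Fix over the previous version: the no-club path returned before reaching
 * $db->close(), leaving a connection opened by this call unclosed.
 *
 * NOTE(review): GetAuthority() is called but its result is never compared
 * against anything, so no access level is enforced here; email addresses are
 * returned to any caller that has a club in its session.
 *
 * @param database|null $db Existing connection to reuse; when null a private
 *                          one is opened and closed here.
 * @return mixed Empty array without a session club, otherwise whatever
 *               $db->getObjectArray() produces for the query result.
 */
function getUsers($db = null)
{
    // Only a connection created in this call is closed in this call.
    $close = false;

    if (is_null($db))
    {
        require_once('class/database.class.php');

        $db = new database();

        $close = true;
    }

    require_once("lib/auth.lib.php");  //Session

    $records = array();

    if (isset($_SESSION['club']))
    {
        $clubId = (int)$_SESSION['club'];

        // Authenticate (result currently unused, see NOTE above)
        $auth = GetAuthority();

        // Users
        $query = "SELECT username, email FROM users, user_clubs WHERE user_clubs.user_id = users.user_id AND user_clubs.club_id = ?";

        $result = $db->query($query, $clubId);

        $records = $db->getObjectArray($result);
    }

    // Single exit point so a locally opened connection is always released.
    if ($close)
    {
        $db->close();
    }

    return $records;
}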
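/**
 * Send the usernames that start with $name as JSON in an `X-JSON` header.
 *
 * Nothing is returned; the result is emitted as
 * `X-JSON: ({"records": [...]})`. The script exits with an empty JSON string
 * when the session has no club, and dies with a message when GetAuthority()
 * is below 1.
 *
 * Fixes over the previous version:
 *  - $name was concatenated into a regular expression ('!^'.$name.'!')
 *    without escaping, so caller-supplied text was interpreted as a pattern
 *    (metacharacters, or a `!` ending the pattern early). The prefix is now
 *    compared literally with strncmp(); case sensitivity is unchanged.
 *  - $json was used on the no-club path before it had been created.
 *  - The foreach iterated by reference although nothing was modified.
 *  - A connection opened here is closed before the early exits as well.
 *
 * NOTE(review): the session club is only tested for existence; the query is
 * not limited to that club, so usernames from every club can be matched.
 * getUsers() in this file filters on user_clubs.club_id; confirm whether this
 * lookup should do the same.
 *
 * @param mixed         $name Prefix to match, treated as a literal string.
 * @param database|null $db   Existing connection to reuse; when null a
 *                            private one is opened and closed here.
 * @return void
 */
function getUsernames($name, $db = null)
{
    require_once( 'modules/json/JSON.php' );
    require_once( 'lib/auth.lib.php' );

    $close = false;

    if (is_null($db))
    {
        require_once('class/database.class.php');

        $db = new database();

        $close = true;
    }

    // Created up front because both the early exit and the normal path encode with it.
    $json = new Services_JSON();

    if (!isset($_SESSION['club']))
    {
        if ($close)
        {
            $db->close();
        }

        header('X-JSON: ('.$json->encode('').')');
        exit();
    }

    // Authenticate
    $auth = GetAuthority();
    if ($auth < 1)
    {
        if ($close)
        {
            $db->close();
        }

        die("You dont have permission to access this page");
    }

    $sql = 'SELECT username FROM users';

    $result = $db->query($sql);

    $users = $db->getObjectArray($result);

    // Literal, case-sensitive prefix comparison; an empty prefix matches every name.
    $prefix = (string)$name;
    $prefixLength = strlen($prefix);
    $records = array();

    foreach ($users as $record)
    {
        if (strncmp($record->username, $prefix, $prefixLength) === 0)
        {
            $records[] = $record->username;
        }
    }

    $data = array( "records" => $records );

    if ($close)
    {
        $db->close();
    }

    header('X-JSON: ('.$json->encode( $data ).')');
}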
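/**
 * Return the users of the session's club, sorted for the user-list view.
 *
 * An empty array is returned when GetAuthority() is below 2 (the original
 * comment calls this "administrator") or when the session has no club.
 *
 * The ORDER BY clause is concatenated into the SQL text, so it is built only
 * from the fixed column names below and never from the argument itself. The
 * club id goes to $db->query() as a separate argument for the `?` placeholder.
 *
 * Fixes over the previous version:
 *  - A sort index other than 0, 1 or 2 left $sortBy undefined, producing an
 *    `ORDER BY ` clause with no column; it now falls back to `username`.
 *  - Both early returns skipped $db->close() for a connection opened here.
 *
 * NOTE(review): `SELECT *` over users and user_clubs returns every column,
 * including the `password` column written by addUser(); the view should not
 * render the rows unfiltered.
 *
 * @param mixed         $currentSortIndex 0 = username, 1 = access_level,
 *                                        2 = email; anything else = username.
 * @param mixed         $currentSortDir   1 = descending, otherwise ascending.
 * @param database|null $db               Existing connection to reuse; when
 *                                        null a private one is opened and
 *                                        closed here.
 * @return mixed Empty array when not permitted or no club is selected,
 *               otherwise whatever $db->getObjectArray() produces.
 */
function getViewUsers($currentSortIndex=0, $currentSortDir=0, $db = null)
{
    require_once("lib/auth.lib.php");  //Session

    $close = false;

    if (is_null($db))
    {
        require_once('class/database.class.php');

        $db = new database();

        $close = true;
    }

    $users = array();

    // Authenticate
    $auth = GetAuthority();

    // Need to be administrator and have a club selected
    if (!($auth < 2) && isset($_SESSION['club']))
    {
        /* Determine query argument for sorting; only these literals reach the SQL */
        if ($currentSortIndex == 0)
            $sortBy = 'username';
        else if ($currentSortIndex == 1)
            $sortBy = 'access_level';
        else if ($currentSortIndex == 2)
            $sortBy = 'email';
        else
            $sortBy = 'username';

        /*  Determine query argument for sort direction
            Ascending is default    */
        if ($currentSortDir == 1)
            $sortBy .= ' DESC';

        $clubId = $_SESSION['club'];

        //users
        $sql = "SELECT * from users, user_clubs WHERE user_clubs.user_id = users.user_id AND user_clubs.club_id = ? ORDER BY ".$sortBy;

        $result = $db->query($sql, $clubId);

        $users = $db->getObjectArray($result);
    }

    // Single exit point so a locally opened connection is always released.
    if ($close)
    {
        $db->close();
    }

    return $users;
}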
/**
 * Add a new user and link them to the given club.
 *
 * Runs two INSERTs: one into `users` (user_id given as NULL), then one into
 * `user_clubs` using $db->insertId() as the new user's id. All values are
 * handed to $db->query() as separate arguments for the `?` placeholders.
 *
 * NOTE(review): $password is written to the `password` column exactly as
 * received; nothing here hashes it, so the caller must already pass a
 * password hash and never the plain text. Confirm at the call sites.
 * NOTE(review): the result of the first INSERT is not checked and the two
 * statements are not wrapped in a transaction in this function, and no
 * authority check is made here; callers are responsible for both.
 *
 * @param mixed         $username    Stored in users.username.
 * @param mixed         $password    Stored in users.password as given.
 * @param mixed         $accessLevel Stored in user_clubs.access_level.
 * @param mixed         $email       Stored in users.email.
 * @param mixed         $clubId      Stored in user_clubs.club_id.
 * @param database|null $db          Existing connection to reuse; when null a
 *                                   private one is opened and closed here.
 * @return void
 */
function addUser($username, $password, $accessLevel, $email, $clubId, $db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    // Insert the new user
    $db->query(
        'INSERT INTO users (user_id, username, password, email) VALUES (NULL, ?, ?, ?)',
        $username,
        $password,
        $email
    );

    // Link the user to the club, keyed by the id of the row just inserted
    $newUserId = $db->insertId();
    $db->query(
        'INSERT INTO user_clubs (user_id, club_id, access_level) VALUES (?, ?, ?)',
        $newUserId,
        $clubId,
        $accessLevel
    );

    if ($ownsConnection) {
        $db->close();
    }
}
/**
 * Delete one row from the `users` table by user_id.
 *
 * The id is handed to $db->query() as a separate argument for the `?`
 * placeholder. Only `users` is touched by this statement; rows in
 * `user_clubs` for the same user are not removed here.
 *
 * NOTE(review): no authority check is made in this function; callers must
 * verify that the requester is allowed to delete this user_id.
 *
 * @param mixed         $user_id Value matched against users.user_id.
 * @param database|null $db      Existing connection to reuse; when null a
 *                               private one is opened and closed here.
 * @return void
 */
function deleteUser($user_id, $db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    $db->query('DELETE FROM users WHERE user_id = ? LIMIT 1', $user_id);

    if ($ownsConnection) {
        $db->close();
    }
}
/**
 * Overwrite username, email and password of the user with the given id.
 *
 * All values are handed to $db->query() as separate arguments for the `?`
 * placeholders, in the order username, email, password, user_id.
 *
 * NOTE(review): $password is written to the `password` column exactly as
 * received; nothing here hashes it, so the caller must already pass a
 * password hash and never the plain text. Confirm at the call sites.
 * NOTE(review): no authority check is made in this function; callers must
 * verify that the requester is allowed to modify this user_id.
 *
 * @param mixed         $user_id  Value matched against users.user_id.
 * @param mixed         $username New users.username.
 * @param mixed         $email    New users.email.
 * @param mixed         $password New users.password, stored as given.
 * @param database|null $db       Existing connection to reuse; when null a
 *                                private one is opened and closed here.
 * @return void
 */
function updateUser($user_id, $username, $email, $password, $db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    $db->query(
        'UPDATE users SET username = ?, email = ?, password = ? WHERE user_id = ?',
        $username,
        $email,
        $password,
        $user_id
    );

    if ($ownsConnection) {
        $db->close();
    }
}
/**
 * Return user_id, username and access_level for every member of a club.
 *
 * Joins `user_clubs` to `users` on user_id and filters on club_id, which is
 * handed to $db->query() as a separate argument for the `?` placeholder.
 *
 * NOTE(review): $club_id comes from the caller and no authority check is made
 * here; callers must confirm the requester may see this club's members.
 *
 * @param mixed         $club_id Value matched against club_id.
 * @param database|null $db      Existing connection to reuse; when null a
 *                               private one is opened and closed here.
 * @return mixed Whatever $db->getObjectArray() produces for the query result.
 */
function getClubUsers($club_id, $db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    $members = $db->getObjectArray(
        $db->query(
            'SELECT user_clubs.user_id, username, access_level FROM user_clubs, users WHERE club_id = ? AND users.user_id = user_clubs.user_id',
            $club_id
        )
    );

    if ($ownsConnection) {
        $db->close();
    }

    return $members;
}
/**
 * Return the username of every member of a club.
 *
 * Joins `user_clubs` to `users` on user_id and filters on club_id, which is
 * handed to $db->query() as a separate argument for the `?` placeholder.
 *
 * NOTE(review): $club_id comes from the caller and no authority check is made
 * here; callers must confirm the requester may see this club's members.
 *
 * @param mixed         $club_id Value matched against club_id.
 * @param database|null $db      Existing connection to reuse; when null a
 *                               private one is opened and closed here.
 * @return mixed Whatever $db->getObjectArray() produces for the query result.
 */
function getClubUsernames($club_id, $db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    $names = $db->getObjectArray(
        $db->query(
            'SELECT username FROM user_clubs, users WHERE club_id = ? AND users.user_id = user_clubs.user_id',
            $club_id
        )
    );

    if ($ownsConnection) {
        $db->close();
    }

    return $names;
}
/**
 * Link an existing user to a club with the given access level.
 *
 * Inserts one row into `user_clubs`; all three values are handed to
 * $db->query() as separate arguments for the `?` placeholders.
 *
 * NOTE(review): $accessLevel is stored as supplied and no authority check is
 * made here, so callers must verify that the requester may grant that level
 * in that club.
 *
 * @param mixed         $user_id     Stored in user_clubs.user_id.
 * @param mixed         $club_id     Stored in user_clubs.club_id.
 * @param mixed         $accessLevel Stored in user_clubs.access_level.
 * @param database|null $db          Existing connection to reuse; when null a
 *                                   private one is opened and closed here.
 * @return void
 */
function addUserToClub($user_id, $club_id, $accessLevel, $db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    // Link the user to the club
    $db->query(
        'INSERT INTO user_clubs (user_id, club_id, access_level) VALUES (?, ?, ?)',
        $user_id,
        $club_id,
        $accessLevel
    );

    if ($ownsConnection) {
        $db->close();
    }
}
/**
 * Remove the link between a user and a club.
 *
 * Deletes at most one row from `user_clubs` matching both ids; the `users`
 * row itself is not touched. Both values are handed to $db->query() as
 * separate arguments for the `?` placeholders.
 *
 * NOTE(review): no authority check is made in this function; callers must
 * verify that the requester may change membership of this club.
 *
 * @param mixed         $user_id Value matched against user_clubs.user_id.
 * @param mixed         $club_id Value matched against user_clubs.club_id.
 * @param database|null $db      Existing connection to reuse; when null a
 *                               private one is opened and closed here.
 * @return void
 */
function removeUserFromClub($user_id, $club_id, $db = null)
{
    // Only a connection created in this call is closed in this call.
    $ownsConnection = ($db === null);
    if ($ownsConnection) {
        require_once('class/database.class.php');
        $db = new database();
    }

    // Unlink the user from the club
    $db->query(
        'DELETE FROM user_clubs WHERE user_id = ? AND club_id = ? LIMIT 1',
        $user_id,
        $club_id
    );

    if ($ownsConnection) {
        $db->close();
    }
}
?>