Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- Question2Answer 1.0-beta-2 (c) 2010, Gideon Greenspan
- http://www.question2answer.org/
- File: qa-external-example/qa-external-users.php
- Version: 1.0-beta-2
- Date: 2010-03-08 13:08:01 GMT
- This software is licensed for use in websites which are connected to the
- public world wide web and which offer unrestricted access worldwide. It
- may also be freely modified for use on such websites, so long as a
- link to http://www.question2answer.org/ is displayed on each page.
- THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- THE COPYRIGHT HOLDER BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- Your functions for integrating with your existing user management system.
- This file is used if QA_EXTERNAL_USERS is set to true in qa-config.php.
- */
- /*
- ==========================================================================
- YOU MUST MODIFY THIS FUNCTION *BEFORE* QA CREATES ITS DATABASE
- ==========================================================================
- qa_get_mysql_user_column_type()
- You should return the appropriate MySQL column type to use for the userid,
- for smooth integration with your existing users. Allowed options are:
- SMALLINT, SMALLINT UNSIGNED, MEDIUMINT, MEDIUMINT UNSIGNED, INT, INT UNSIGNED,
- BIGINT, BIGINT UNSIGNED or VARCHAR(x) where x is the maximum length.
- */
- function qa_get_mysql_user_column_type() {
- // Set this before anything else
- return 'MEDIUMINT UNSIGNED';
- }
- /*
- ==========================================================================
- YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER QA CREATES ITS DATABASE
- ==========================================================================
- qa_get_login_links($relative_url_prefix, $redirect_back_to_url)
- You should return an array containing URLs for the login, register and logout pages on
- your site. These URLs will be used as appropriate within the QA site.
- You may return absolute or relative URLs for each page. If you do not want one of the links
- to show, omit it from the array, or use null or an empty string.
- If you use absolute URLs, then return an array with the URLs in full (see example 1 below).
- If you use relative URLs, the URLs should start with $relative_url_prefix, followed by the
- relative path from the root of the QA site to your login page. Like in example 2 below, if
- the QA site is in a subdirectory, $relative_url_prefix.'../' refers to your site root.
- Now, about $redirect_back_to_url. Let's say a user is viewing a page on the QA site, and
- clicks a link to the login URL that you returned from this function. After they log in using
- the form on your main site, they want to automatically go back to the page on the QA site
- where they came from. This can be done with an HTTP redirect, but how does your login page
- know where to redirect the user to? The solution is $redirect_back_to_url, which is the URL
- of the page on the QA site where you should send the user once they've successfully logged
- in. To implement this, you can add $redirect_back_to_url as a parameter to the login URL
- that you return from this function. Your login page can then read it in from this parameter,
- and redirect the user back to the page after they've logged in. The same applies for your
- register and logout pages. Note that the URL you are given in $redirect_back_to_url is
- relative to the root of the QA site, so you may need to add something.
- */
- function qa_get_login_links($relative_url_prefix, $redirect_back_to_url) {
- // Until you edit this function, don't show login, register or logout links
- return array(
- 'login' => 'http://extranet.domain.com/login/',
- // 'register' => 'http://extranet.domain.com/register/',
- 'logout' => 'http://extranet.domain.com/logout/'
- );
- }
- /*
- ==========================================================================
- YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER QA CREATES ITS DATABASE
- ==========================================================================
- qa_get_logged_in_user($qa_db_connection)
- You should check (using $_COOKIE, $_SESSION or whatever is appropriate) whether a user is
- currently logged in. If not, return null. If so, return an array with the following elements:
- * userid: a user id appropriate for your response to qa_get_mysql_user_column_type()
- * publicusername: a user description you are willing to show publicly, e.g. the username
- * email: the logged in user's email address
- * level: one of the QA_USER_LEVEL_* values below to denote the user's privileges:
- QA_USER_LEVEL_BASIC, QA_USER_LEVEL_EDITOR, QA_USER_LEVEL_ADMIN, QA_USER_LEVEL_SUPER
- The result of this function will be passed to your other function qa_get_logged_in_user_html()
- so you may add any other elements to the returned array if they will be useful to you.
- $qa_db_connection is an open connection to the QA database. If your database is shared with
- QA, you can use this with PHP's MySQL functions such as mysql_query() to run queries.
- In order to access the admin interface of your QA site, ensure that the array element 'level'
- contains QA_USER_LEVEL_ADMIN or QA_USER_LEVEL_SUPER when you are logged in.
- */
- function qa_get_logged_in_user($qa_db_connection) {
- session_start();
- $logged_in = false;
- define('LOGIN_VAR_NAME', 'HEAJTECHINFOSUP_LOGIN');
- if (isset($_SESSION[LOGIN_VAR_NAME]) && $_SESSION[LOGIN_VAR_NAME] === '1') {
- $logged_in = true;
- $userid=$_SESSION['user']['id'];
- $username=$_SESSION['user']['first'].' '.$_SESSION['user']['name'];
- $usermail = $_SESSION['user']['email'];
- $admins = array('mylastnamefirstname','hislastnamefirstname');
- $isadmin = (in_array($_SESSION['user']['alphasort'],$admins));
- return array(
- 'userid' => $userid,
- 'publicusername' => $username,
- 'email' => $usermail,
- 'level' => ($isadmin) ? QA_USER_LEVEL_ADMIN : QA_USER_LEVEL_BASIC
- );
- }
- else if(isset($_COOKIE[LOGIN_VAR_NAME]) && strlen($_COOKIE[LOGIN_VAR_NAME]) > 4) {
- parse_str($_COOKIE[LOGIN_VAR_NAME]);
- // check the user and md5(password) hash stored inside the cookie against the database
- //$user = isRegistered($usr, $hash, false, true);
- $link = mysql_connect('my_ip:3306', 'dbuser', 'dbpassword') or die("Impossible de se connecter : " . mysql_error());
- $sql="SELECT U_id,U_name,U_first,U_password, U_is_student, SaturnCode,sex FROM (
- SELECT id AS U_id,name AS U_name,first AS U_first,password AS U_password, is_student AS U_is_student, SaturnCode,sex FROM teachers WHERE login='$usr'
- UNION ALL
- SELECT id AS U_id,name AS U_name,first AS U_first,password AS U_password, is_student AS U_is_student, SaturnCode,sex FROM students WHERE login='$usr'
- ) AS sels LIMIT 0 , 1";
- $result=mysql_fetch_assoc(
- mysql_query($sql,
- $link
- )
- );
- if (is_array($result)) {
- $user = $result[0];
- $password=$user['U_password'];
- if($hash == $password) {
- $_SESSION['user'] = $user;
- $_SESSION[LOGIN_VAR_NAME] = '1';
- $userid=$_SESSION['user']['id'];
- $username=$_SESSION['user']['first'].' '.$_SESSION['user']['name'];
- $usermail = $_SESSION['user']['email'];
- $admins = array('mylastnamefirstname','hislastnamefirstname');
- $isadmin = (in_array($_SESSION['user']['alphasort'],$admins));
- return array(
- 'userid' => $userid,
- 'publicusername' => $username,
- 'email' => $usermail,
- 'level' => ($isadmin) ? QA_USER_LEVEL_ADMIN : QA_USER_LEVEL_BASIC
- );
- }
- else {
- if (ini_get("session.use_cookies")) {
- $params = session_get_cookie_params();
- setcookie(session_name(), '', mktime(12,0,0,1, 1, 1990),
- $params["path"], $params["domain"],
- $params["secure"], $params["httponly"]
- );
- }
- session_unset();
- session_destroy();
- die("login cookie: invalid hash");
- }
- }
- else {
- die("login cookie: no user found under the name $usr");
- }
- }
- }
- /*
- ==========================================================================
- YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER QA CREATES ITS DATABASE
- ==========================================================================
- qa_get_user_email($qa_db_connection, $userid)
- Return the email address for user $userid, or null if you don't know it.
- $qa_db_connection is an open connection to the QA database. If your database is shared with
- QA, you can use this with PHP's MySQL functions such as mysql_query() to run queries.
- */
- function qa_get_user_email($qa_db_connection, $userid) {
- // Until you edit this function, always return null
- return null;
- /*
- Example 1 - suitable if:
- * Your database is shared with the QA site
- * Your database has a users table that contains emails
- $result=mysql_fetch_assoc(
- mysql_query(
- "SELECT email FROM users WHERE userid='".mysql_real_escape_string($userid, $qa_db_connection)."'",
- $qa_db_connection
- )
- );
- if (is_array($result))
- return $result['email'];
- return null;
- */
- }
- /*
- ==========================================================================
- YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER QA CREATES ITS DATABASE
- ==========================================================================
- qa_get_userids_from_public($qa_db_connection, $publicusernames)
- You should take the array of public usernames in $publicusernames, and return an array which
- maps those usernames to internal user ids. For each element of this array, the username you
- were given should be in the key, with the corresponding user id in the value.
- $qa_db_connection is an open connection to the QA database. If your database is shared with
- QA, you can use this with PHP's MySQL functions such as mysql_query() to run queries. If you
- access this database or any other, try to use a single query instead of one per user.
- */
- function qa_get_userids_from_public($qa_db_connection, $publicusernames) {
- // Until you edit this function, always return null
- $escapedusernames=array();
- $link = mysql_connect('my_ip:3306', 'dbuser', 'dbpassword') or die("Impossible de se connecter : " . mysql_error());
- foreach ($publicusernames as $publicusername)
- $escapedusernames[]="'".mysql_real_escape_string($publicusername, $qa_db_connection)."'";
- $results=mysql_query(
- 'SELECT U_id,U_name,U_first,U_password, U_is_student, SaturnCode,sex FROM (
- SELECT id AS U_id,name AS U_name,first AS U_first,password AS U_password, is_student AS U_is_student, SaturnCode,sex FROM teachers WHERE login IN ('.implode(',', $escapedusernames).')
- UNION ALL
- SELECT id AS U_id,name AS U_name,first AS U_first,password AS U_password, is_student AS U_is_student, SaturnCode,sex FROM students WHERE login IN ('.implode(',', $escapedusernames).')
- ) AS sels ',
- $link
- );
- $publictouserid=array();
- while ($result=mysql_fetch_assoc($results))
- $publictouserid[$result['username']]=$result['userid'];
- return $publictouserid;
- }
- /*
- ==========================================================================
- YOU MUST MODIFY THIS FUNCTION, BUT CAN DO SO AFTER QA CREATES ITS DATABASE
- ==========================================================================
- qa_get_public_from_userids($qa_db_connection, $userids)
- This is exactly like qa_get_userids_from_public(), but works in the other direction.
- You should take the array of user identifiers in $userids, and return an array which maps
- those to public usernames. For each element of this array, the userid you were given should
- be in the key, with the corresponding username in the value.
- $qa_db_connection is an open connection to the QA database. If your database is shared with
- QA, you can use this with PHP's MySQL functions such as mysql_query() to run queries. If you
- access this database or any other, try to use a single query instead of one per user.
- */
- function qa_get_public_from_userids($qa_db_connection, $userids) {
- // Until you edit this function, always return null
- $escapeduserids=array();
- $link = mysql_connect('my_ip:3306', 'dbuser', 'dbpassword') or die("Impossible de se connecter : " . mysql_error());
- foreach ($userids as $userid)
- $escapeduserids[]="'".mysql_real_escape_string($userid, $qa_db_connection)."'";
- $results=mysql_query(
- 'SELECT username, userid FROM users WHERE userid IN ('.implode(',', $escapeduserids).')',
- $qa_db_connection
- );
- $results=mysql_query(
- 'SELECT U_id,U_name,U_first,U_password, U_is_student, SaturnCode,sex FROM (
- SELECT id AS U_id,name AS U_name,first AS U_first,password AS U_password, is_student AS U_is_student, SaturnCode,sex FROM teachers WHERE U_id IN ('.implode(',', $escapeduserids).')
- UNION ALL
- SELECT id AS U_id,name AS U_name,first AS U_first,password AS U_password, is_student AS U_is_student, SaturnCode,sex FROM students WHERE U_id IN ('.implode(',', $escapeduserids).')
- ) AS sels ',
- $link
- );
- $useridtopublic=array();
- while ($result=mysql_fetch_assoc($results))
- $useridtopublic[$result['userid']]=$result['login'];
- return $useridtopublic;
- }
- /*
- ==========================================================================
- YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
- ==========================================================================
- qa_get_logged_in_user_html($qa_db_connection, $logged_in_user, $relative_url_prefix)
- You should return HTML code which identifies the logged in user, to be displayed next to the
- logout link on the QA pages. This HTML will only be shown to the logged in user themselves.
- $logged_in_user is the array that you returned from qa_get_logged_in_user(). Hopefully this
- contains enough information to generate the HTML without another database query, but if not,
- $qa_db_connection is an open connection to the QA database.
- $relative_url_prefix is a relative URL to the root of the QA site, which may be useful if
- you want to include a link that uses relative URLs. If the QA site is in a subdirectory of
- your site, $relative_url_prefix.'../' refers to your site root (see example 1).
- If you don't know what to display for a user, you can leave the default below. This will
- show the public username, linked to the QA profile page for the user.
- */
- function qa_get_logged_in_user_html($qa_db_connection, $logged_in_user, $relative_url_prefix) {
- // By default, show the public username linked to the QA profile page for the user
- $publicusername=$logged_in_user['publicusername'];
- return '<A HREF="'.htmlspecialchars($relative_url_prefix.'user/'.urlencode($publicusername)).
- '" CLASS="qa-user-link">'.htmlspecialchars($publicusername).'</A>';
- /*
- Example 1 - suitable if:
- * Your QA site: http://www.mysite.com/qa/
- * Your user pages: http://www.mysite.com/user/[username]
- $publicusername=$logged_in_user['publicusername'];
- return '<A HREF="'.htmlspecialchars($relative_url_prefix.'../user/'.urlencode($publicusername)).
- '" CLASS="qa-user-link">'.htmlspecialchars($publicusername).'</A>';
- */
- /*
- Example 2 - suitable if:
- * Your QA site: http://qa.mysite.com/
- * Your user pages: http://www.mysite.com/[username]/
- * 16x16 user photos: http://www.mysite.com/[username]/photo-small.jpeg
- $publicusername=$logged_in_user['publicusername'];
- return '<A HREF="http://www.mysite.com/'.htmlspecialchars(urlencode($publicusername)).'/" CLASS="qa-user-link">'.
- '<IMG SRC="http://www.mysite.com/'.htmlspecialchars(urlencode($publicusername)).'/photo-small.jpeg" '.
- 'STYLE="width:16px; height:16px; border:none; margin-right:4px;">'.htmlspecialchars($publicusername).'</A>';
- */
- }
- /*
- ==========================================================================
- YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
- ==========================================================================
- qa_get_users_html($qa_db_connection, $userids, $should_include_link, $relative_url_prefix)
- You should return an array of HTML to display for each user in $userids. For each element of
- this array, the userid should be in the key, with the corresponding HTML in the value.
- $qa_db_connection is an open connection to the QA database. If your database is shared with
- QA, you can use this with PHP's MySQL functions such as mysql_query() to run queries. If you
- access this database or any other, try to use a single query instead of one per user.
- If $should_include_link is true, the HTML may include links to user profile pages.
- If $should_include_link is false, links should not be included in the HTML.
- $relative_url_prefix is a relative URL to the root of the QA site, which may be useful if
- you want to include links that uses relative URLs. If the QA site is in a subdirectory of
- your site, $relative_url_prefix.'../' refers to your site root (see example 1).
- If you don't know what to display for a user, you can leave the default below. This will
- show the public username, linked to the QA profile page for each user.
- */
- function qa_get_users_html($qa_db_connection, $userids, $should_include_link, $relative_url_prefix) {
- // By default, show the public username linked to the QA profile page for each user
- $useridtopublic=qa_get_public_from_userids($qa_db_connection, $userids);
- $usershtml=array();
- foreach ($userids as $userid) {
- $publicusername=$useridtopublic[$userid];
- $usershtml[$userid]=htmlspecialchars($publicusername);
- if ($should_include_link)
- $usershtml[$userid]='<A HREF="'.htmlspecialchars($relative_url_prefix.'user/'.urlencode($publicusername)).
- '" CLASS="qa-user-link">'.$usershtml[$userid].'</A>';
- }
- return $usershtml;
- /*
- Example 1 - suitable if:
- * Your QA site: http://www.mysite.com/qa/
- * Your user pages: http://www.mysite.com/user/[username]
- $useridtopublic=qa_get_public_from_userids($qa_db_connection, $userids);
- foreach ($userids as $userid) {
- $publicusername=$useridtopublic[$userid];
- $usershtml[$userid]=htmlspecialchars($publicusername);
- if ($should_include_link)
- $usershtml[$userid]='<A HREF="'.htmlspecialchars($relative_url_prefix.'../user/'.urlencode($publicusername)).
- '" CLASS="qa-user-link">'.$usershtml[$userid].'</A>';
- }
- return $usershtml;
- */
- /*
- Example 2 - suitable if:
- * Your QA site: http://qa.mysite.com/
- * Your user pages: http://www.mysite.com/[username]/
- * User photos (16x16): http://www.mysite.com/[username]/photo-small.jpeg
- $useridtopublic=qa_get_public_from_userids($qa_db_connection, $userids);
- foreach ($userids as $userid) {
- $publicusername=$useridtopublic[$userid];
- $usershtml[$userid]='<IMG SRC="http://www.mysite.com/'.htmlspecialchars(urlencode($publicusername)).'/photo-small.jpeg" '.
- 'STYLE="width:16px; height:16px; border:0; margin-right:4px;">'.htmlspecialchars($publicusername);
- if ($should_include_link)
- $usershtml[$userid]='<A HREF="http://www.mysite.com/'.htmlspecialchars(urlencode($publicusername)).
- '/" CLASS="qa-user-link">'.$usershtml[$userid].'</A>';
- }
- return $usershtml;
- */
- }
- /*
- ==========================================================================
- YOU MAY MODIFY THIS FUNCTION, BUT THE DEFAULT BELOW WILL WORK OK
- ==========================================================================
- qa_user_report_action($qa_db_connection, $userid, $action, $questionid, $answerid, $commentid)
- Informs you about an action by user $userid that modified the database, such as posting,
- voting, etc... If you wish, you may use this to log user activity or monitor for abuse.
- $qa_db_connection is an open connection to the QA database. If your database is shared with
- QA, you can use this with PHP's MySQL functions such as mysql_query() to run queries.
- $action is one of:
- q_post, q_edit, q_hide, q_reshow, q_claim, q_vote_up, q_vote_down, q_vote_nil
- a_post, a_edit, a_hide, a_reshow, a_claim, a_vote_up, a_vote_down, a_vote_nil, a_select, a_unselect
- c_post, c_edit, c_hide, c_reshow, c_claim
- $questionid and/or $answerid and/or $commentid contain the ID of the relevant question or answer
- or comment affected, or null if this information is not appropriate for $action.
- FYI, you can get the IP address of the user from $_SERVER['REMOTE_ADDR'].
- */
- function qa_user_report_action($qa_db_connection, $userid, $action, $questionid, $answerid, $commentid) {
- // do nothing by default
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement