
include/database.php

a guest
Jun 27th, 2015
  1. <?php
  2. /**
  3. * Database.php
  4. *
  5. * The Database class is meant to simplify the task of accessing
  6. * information from the website's database.
  7. *
  8. * Please subscribe to our feeds at http://blog.geotitles.com for more such tutorials
  9. */
  10. include("constants.php");
  11.  
  12. class MySQLDB
  13. {
  14. var $connection; //The MySQL database connection
  15. var $num_active_users; //Number of active users viewing site
  16. var $num_active_guests; //Number of active guests viewing site
  17. var $num_members; //Number of signed-up users
  18. /* Note: call getNumMembers() to access $num_members! */
  19.  
  20. /* Class constructor */
  21. function MySQLDB(){
  22. /* Make connection to database */
  23. $this->connection = mysqli_connect(DB_SERVER, DB_USER, DB_PASS, DB_NAME);
  24. if (mysqli_connect_errno()) {
  25. die("Failed to connect to MySQL: " . mysqli_connect_error());
  26. }
  27.  
  28. /**
  29. * Only query database to find out number of members
  30. * when getNumMembers() is called for the first time,
  31. * until then, default value set.
  32. */
  33. $this->num_members = -1;
  34.  
  35. if(TRACK_VISITORS){
  36. /* Calculate number of users at site */
  37. $this->calcNumActiveUsers();
  38.  
  39. /* Calculate number of guests at site */
  40. $this->calcNumActiveGuests();
  41. }
  42. }
  43.  
  44. /**
  45. * confirmUserPass - Checks whether or not the given
  46. * username is in the database, if so it checks if the
  47. * given password is the same password in the database
  48. * for that user. If the user doesn't exist or if the
  49. * passwords don't match up, it returns an error code
  50. * (1 or 2). On success it returns 0.
  51. */
  52. function confirmUserPass($username, $password){
  53. /* Add slashes if necessary (for query) */
  54. if(!get_magic_quotes_gpc()) {
  55. $username = addslashes($username);
  56. }
  57.  
  58. /* Verify that user is in database */
  59. $q = "SELECT password FROM ".TBL_USERS." WHERE username = '$username'";
  60. $result = mysqli_query($this->connection, $q);
  61. if(!$result || (mysqli_num_rows($result) < 1)){
  62. return 1; //Indicates username failure
  63. }
  64.  
  65. /* Retrieve password from result, strip slashes */
  66. $dbarray = mysqli_fetch_array($result);
  67. $dbarray['password'] = stripslashes($dbarray['password']);
  68. $password = stripslashes($password);
  69.  
  70. /* Validate that password is correct */
  71. if($password == $dbarray['password']){
  72. return 0; //Success! Username and password confirmed
  73. }
  74. else{
  75. return 2; //Indicates password failure
  76. }
  77. }
  78.  
  79. /**
  80. * confirmUserID - Checks whether or not the given
  81. * username is in the database, if so it checks if the
  82. * given userid is the same userid in the database
  83. * for that user. If the user doesn't exist or if the
  84. * userids don't match up, it returns an error code
  85. * (1 or 2). On success it returns 0.
  86. */
  87. function confirmUserID($username, $userid){
  88. /* Add slashes if necessary (for query) */
  89. if(!get_magic_quotes_gpc()) {
  90. $username = addslashes($username);
  91. }
  92.  
  93. /* Verify that user is in database */
  94. $q = "SELECT userid FROM ".TBL_USERS." WHERE username = '$username'";
  95. $result = mysqli_query($this->connection, $q);
  96. if(!$result || (mysqli_num_rows($result) < 1)){
  97. return 1; //Indicates username failure
  98. }
  99.  
  100. /* Retrieve userid from result, strip slashes */
  101. $dbarray = mysqli_fetch_array($result);
  102. $dbarray['userid'] = stripslashes($dbarray['userid']);
  103. $userid = stripslashes($userid);
  104.  
  105. /* Validate that userid is correct */
  106. if($userid == $dbarray['userid']){
  107. return 0; //Success! Username and userid confirmed
  108. }
  109. else{
  110. return 2; //Indicates userid invalid
  111. }
  112. }
  113.  
  114. /**
  115. * usernameTaken - Returns true if the username has
  116. * been taken by another user, false otherwise.
  117. */
  118. function usernameTaken($username){
  119. if(!get_magic_quotes_gpc()){
  120. $username = addslashes($username);
  121. }
  122. $q = "SELECT username FROM ".TBL_USERS." WHERE username = '$username'";
  123. $result = mysqli_query($this->connection, $q);
  124. return (mysqli_num_rows($result) > 0);
  125. }
  126.  
  127. /* check if email address has been taken*/
  128. function email_check($email){
  129. if(!get_magic_quotes_gpc()){
  130. $email = addslashes($email);
  131. }
  132. $q = "SELECT username FROM ".TBL_USERS." WHERE email = '$email'";
  133. $result = mysqli_query($this->connection, $q);
  134. return (mysqli_num_rows($result) > 0);
  135. }
  136.  
  137. /**
  138. * usernameBanned - Returns true if the username has
  139. * been banned by the administrator.
  140. */
  141. function usernameBanned($username){
  142. if(!get_magic_quotes_gpc()){
  143. $username = addslashes($username);
  144. }
  145. $q = "SELECT username FROM ".TBL_BANNED_USERS." WHERE username = '$username'";
  146. $result = mysqli_query($this->connection, $q);
  147. return (mysqli_num_rows($result) > 0);
  148. }
  149.  
  150. /**
  151. * addNewUser - Inserts the given (username, password, email)
  152. * info into the database. Appropriate user level is set.
  153. * Returns true on success, false otherwise.
  154. */
  155. function addNewUser($username, $password, $email){
  156. $time = time();
  157. /* If admin sign up, give admin user level */
  158. if(strcasecmp($username, ADMIN_NAME) == 0){
  159. $ulevel = ADMIN_LEVEL;
  160. }else{
  161. $ulevel = USER_LEVEL;
  162. }
  163. $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', $time)";
  164. return mysqli_query($this->connection, $q);
  165. }
  166.  
  167. /**
  168. * updateUserField - Updates a field, specified by the field
  169. * parameter, in the user's row of the database.
  170. */
  171. function updateUserField($username, $field, $value){
  172. $q = "UPDATE ".TBL_USERS." SET ".$field." = '$value' WHERE username = '$username'";
  173. return mysqli_query($this->connection, $q);
  174. }
  175.  
  176. /**
  177. * getUserInfo - Returns the result array from a mysql
  178. * query asking for all information stored regarding
  179. * the given username. If query fails, NULL is returned.
  180. */
  181. function getUserInfo($username){
  182. $q = "SELECT * FROM ".TBL_USERS." WHERE username = '$username'";
  183. $result = mysqli_query($this->connection, $q);
  184. /* Error occurred, return given name by default */
  185. if(!$result || (mysqli_num_rows($result) < 1)){
  186. return NULL;
  187. }
  188. /* Return result array */
  189. $dbarray = mysqli_fetch_array($result);
  190. return $dbarray;
  191. }
  192.  
  193. /**
  194. * getNumMembers - Returns the number of signed-up users
  195. * of the website, banned members not included. The first
  196. * time the function is called on page load, the database
  197. * is queried, on subsequent calls, the stored result
  198. * is returned. This is to improve efficiency, effectively
  199. * not querying the database when no call is made.
  200. */
  201. function getNumMembers(){
  202. if($this->num_members < 0){
  203. $q = "SELECT * FROM ".TBL_USERS;
  204. $result = mysqli_query($this->connection, $q);
  205. $this->num_members = mysqli_num_rows($result);
  206. }
  207. return $this->num_members;
  208. }
  209.  
  210. /**
  211. * calcNumActiveUsers - Finds out how many active users
  212. * are viewing site and sets class variable accordingly.
  213. */
  214. function calcNumActiveUsers(){
  215. /* Calculate number of users at site */
  216. $q = "SELECT * FROM ".TBL_ACTIVE_USERS;
  217. $result = mysqli_query($this->connection, $q);
  218. $this->num_active_users = mysqli_num_rows($result);
  219. }
  220.  
  221. /**
  222. * calcNumActiveGuests - Finds out how many active guests
  223. * are viewing site and sets class variable accordingly.
  224. */
  225. function calcNumActiveGuests(){
  226. /* Calculate number of guests at site */
  227. $q = "SELECT * FROM ".TBL_ACTIVE_GUESTS;
  228. $result = mysqli_query($this->connection, $q);
  229. $this->num_active_guests = mysqli_num_rows($result);
  230. }
  231.  
  232. /**
  233. * addActiveUser - Updates username's last active timestamp
  234. * in the database, and also adds him to the table of
  235. * active users, or updates timestamp if already there.
  236. */
  237. function addActiveUser($username, $time){
  238. $q = "UPDATE ".TBL_USERS." SET timestamp = '$time' WHERE username = '$username'";
  239. mysqli_query($this->connection, $q);
  240.  
  241. if(!TRACK_VISITORS) return;
  242. $q = "REPLACE INTO ".TBL_ACTIVE_USERS." VALUES ('$username', '$time')";
  243. mysqli_query($this->connection, $q);
  244. $this->calcNumActiveUsers();
  245. }
  246.  
  247. /* addActiveGuest - Adds guest to active guests table */
  248. function addActiveGuest($ip, $time){
  249. if(!TRACK_VISITORS) return;
  250. $q = "REPLACE INTO ".TBL_ACTIVE_GUESTS." VALUES ('$ip', '$time')";
  251. mysqli_query($this->connection, $q);
  252. $this->calcNumActiveGuests();
  253. }
  254.  
  255. /* These functions are self explanatory, no need for comments */
  256.  
  257. /* removeActiveUser */
  258. function removeActiveUser($username){
  259. if(!TRACK_VISITORS) return;
  260. $q = "DELETE FROM ".TBL_ACTIVE_USERS." WHERE username = '$username'";
  261. mysqli_query($this->connection, $q);
  262. $this->calcNumActiveUsers();
  263. }
  264.  
  265. /* removeActiveGuest */
  266. function removeActiveGuest($ip){
  267. if(!TRACK_VISITORS) return;
  268. $q = "DELETE FROM ".TBL_ACTIVE_GUESTS." WHERE ip = '$ip'";
  269. mysqli_query($this->connection, $q);
  270. $this->calcNumActiveGuests();
  271. }
  272.  
  273. /* removeInactiveUsers */
  274. function removeInactiveUsers(){
  275. if(!TRACK_VISITORS) return;
  276. $timeout = time()-USER_TIMEOUT*60;
  277. $q = "DELETE FROM ".TBL_ACTIVE_USERS." WHERE timestamp < $timeout";
  278. mysqli_query($this->connection, $q);
  279. $this->calcNumActiveUsers();
  280. }
  281.  
  282. /* removeInactiveGuests */
  283. function removeInactiveGuests(){
  284. if(!TRACK_VISITORS) return;
  285. $timeout = time()-GUEST_TIMEOUT*60;
  286. $q = "DELETE FROM ".TBL_ACTIVE_GUESTS." WHERE timestamp < $timeout";
  287. mysqli_query($this->connection, $q);
  288. $this->calcNumActiveGuests();
  289. }
  290.  
  291. /**
  292. * query - Performs the given query on the database and
  293. * returns the result, which may be false, true or a
  294. * resource identifier.
  295. */
  296. function query($query){
  297. return mysqli_query($this->connection, $query);
  298. }
  299.  
  300. function mysqli_result($result,$row,$field=0) {
  301. if ($result===false) return false;
  302. if ($row>=mysqli_num_rows($result)) return false;
  303. if (is_string($field) && !(strpos($field,".")===false)) {
  304. $t_field=explode(".",$field);
  305. $field=-1;
  306. $t_fields=mysqli_fetch_fields($result);
  307. for ($id=0;$id<mysqli_num_fields($result);$id++) {
  308. if ($t_fields[$id]->table==$t_field[0] && $t_fields[$id]->name==$t_field[1]) {
  309. $field=$id;
  310. break;
  311. }
  312. }
  313. if ($field==-1) return false;
  314. }
  315. mysqli_data_seek($result,$row);
  316. $line=mysqli_fetch_array($result);
  317. return isset($line[$field])?$line[$field]:false;
  318. }
  319. };
  320.  
  321. /* Create database connection */
  322. $database = new MySQLDB;
  323.  
  324. ?>