- <?php
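/**
 * Account model: session checks, account lookups, sign-in/sign-out,
 * registration and column updates against `user_account` and
 * `user_promoter_information`.
 *
 * NOTE(review): apart from register(), queries are built by concatenation and
 * escaped with addslashes(), which is not aware of the connection charset.
 * register() shows that the database wrapper's insert() takes bound
 * parameters; if select()/update() accept a parameter array as well (not
 * visible here), moving every query to bound parameters is the robust fix.
 * Until then every interpolated value is quoted and escaped, and every
 * interpolated column name is validated before use.
 */
class user {
    /** Settings returned by conf('user'); this class reads 'salt', 'logoWidth' and 'logoHeight'. */
    private static $conf;

    /** Shared instance handed out by instance(). */
    public static $_i;

    /** Loads the user configuration; construction goes through instance(). */
    private function __construct() {
        self::$conf = conf('user');
    }

    /** Left public and empty, as in the original interface. */
    public function __clone() { }

    /**
     * Returns the shared instance, creating it on first use.
     *
     * @return user
     */
    public static function instance() {
        if (!(self::$_i instanceof self)) {
            self::$_i = new self;
        }
        return self::$_i;
    }

    /**
     * Trims and escapes a value for use inside a single-quoted SQL literal.
     * Callers must always wrap the result in quotes: an unquoted numeric
     * position gets no protection from addslashes().
     */
    private function sqlEscape($value) {
        return addslashes(trim((string) $value));
    }

    /** Remote address of the current request, or '' when the SAPI does not set one. */
    private function clientIp() {
        return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    }

    /** The signed-in marker stored in the session, or null when absent or malformed. */
    private function sessionUser() {
        if (isset($_SESSION['getGuestlist_User']) && is_array($_SESSION['getGuestlist_User'])) {
            return $_SESSION['getGuestlist_User'];
        }
        return null;
    }

    /** True when the query succeeded and matched or affected exactly one row. */
    private function exactlyOne($q) {
        return $q->error() === false && $q->rowCount() === 1;
    }

    /**
     * Checks the session's id/code pair and the request IP against `user_account`.
     *
     * @return bool
     */
    public function isSignedIn() {
        $s = $this->sessionUser();
        if ($s === null || !isset($s['id']) || !isset($s['code'])) {
            return false;
        }
        // signOut() resets code to '', so an empty session code must never count as a match.
        if (trim((string) $s['code']) === '') {
            return false;
        }
        // The id is quoted like every other value; the original interpolated it bare.
        $q = c('database')->select(
            "SELECT id FROM `user_account` WHERE id = '".$this->sqlEscape($s['id'])."'"
            ." AND code = '".$this->sqlEscape($s['code'])."'"
            ." AND ip = '".$this->sqlEscape($this->clientIp())."'"
        );
        return $this->exactlyOne($q);
    }

    /**
     * Tells whether exactly one account has the given value in one of the
     * allowed columns.
     *
     * @param mixed $v Value to look up.
     * @param mixed $t Column selector: 'email', 'username' or 'mobile'.
     * @return bool
     */
    public function isRegistered($v, $t) {
        // Only these names may reach the SQL text as a column.
        $columns = array('email', 'username', 'mobile');
        if (empty($v) || empty($t) || !in_array($t, $columns, true)) {
            return false;
        }
        $q = c('database')->select("SELECT id FROM `user_account` WHERE ".$t." = '".$this->sqlEscape($v)."'");
        return $this->exactlyOne($q);
    }

    /**
     * Shared lookup behind isUser()/isPromoter()/isStaff()/isAdmin(): matches
     * one account by id or username, optionally restricted to a type value.
     */
    private function accountExists($user, $type = null) {
        if (empty($user)) {
            return false;
        }
        $u = $this->sqlEscape($user);
        $sql = "SELECT id FROM `user_account` WHERE (id = '".$u."' OR username = '".$u."')";
        if ($type !== null) {
            // $type is one of the literals passed by the public wrappers, never caller input.
            $sql .= " AND type = '".$type."'";
        }
        return $this->exactlyOne(c('database')->select($sql));
    }

    /** @return bool True when exactly one account matches $user by id or username. */
    public function isUser($user) {
        return $this->accountExists($user);
    }

    /**
     * Tells whether exactly one account has this email address.
     *
     * @return bool
     */
    public function isEmail($email) {
        if (empty($email)) {
            return false;
        }
        // Fix: the original escaped the address into an unused variable and
        // sent the raw $email to the database.
        $q = c('database')->select("SELECT id FROM `user_account` WHERE email = '".$this->sqlEscape($email)."'");
        return $this->exactlyOne($q);
    }

    /** @return bool True when $user matches one account with type '1'. */
    public function isPromoter($user) {
        return $this->accountExists($user, '1');
    }

    /** @return bool True when $user matches one account with type '3'. */
    public function isStaff($user) {
        return $this->accountExists($user, '3');
    }

    /** @return bool True when $user matches one account with type '4'. */
    public function isAdmin($user) {
        return $this->accountExists($user, '4');
    }

    /**
     * Signs a user in: on a username/password match it stores a fresh code and
     * the request IP on the account and records id + code in the session.
     *
     * NOTE(review): the password is compared inside the SQL statement against
     * the stored column exactly as passed in. Whether callers hand over the
     * passwd() hash or the plain text is not visible here; confirm that plain
     * text never reaches this column.
     *
     * @return mixed The account id on success, false otherwise.
     */
    public function signIn($username, $password) {
        if (empty($username) || empty($password)) {
            return false;
        }
        $q = c('database')->select(
            "SELECT id FROM `user_account` WHERE username = '".$this->sqlEscape($username)."'"
            ." AND password = '".$this->sqlEscape($password)."'"
        );
        if (!$this->exactlyOne($q)) {
            return false;
        }
        $user = $q->row('assoc');
        if ($user === false) {
            return false;
        }
        $user['code'] = $this->generateUserCode();
        if ($user['code'] === false) {
            return false;
        }
        if ($this->update('code', $user['code'], $user['id']) !== true) {
            return false;
        }
        $this->update('ip', $this->clientIp(), $user['id']);
        // Issue a new session id at the privilege change so an id fixed before
        // login is not carried into the authenticated session.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['getGuestlist_User'] = array('id' => $user['id'], 'code' => $user['code']);
        return $user['id'];
    }

    /**
     * Clears the account's code and ip and destroys the session.
     *
     * @return bool
     */
    public function signOut() {
        if ($this->isSignedIn() !== true) {
            return false;
        }
        $s = $_SESSION['getGuestlist_User'];
        // The id is quoted here too; the original interpolated it bare.
        $q = c('database')->update("UPDATE `user_account` SET code = '', ip = '' WHERE id = '".$this->sqlEscape($s['id'])."'");
        if (!$this->exactlyOne($q)) {
            return false;
        }
        $_SESSION['getGuestlist_User'] = NULL;
        session_destroy();
        return true;
    }

    /**
     * Inserts a new account with status '0' using bound parameters.
     *
     * NOTE(review): $password is stored as given; presumably callers pass the
     * passwd() result. Confirm against the call sites.
     *
     * @return mixed The insert id on success, false otherwise.
     */
    public function register($username, $email, $password) {
        if (empty($username) || empty($email) || empty($password)) {
            return false;
        }
        $q = c('database')->insert("INSERT INTO `user_account` (username, password, email, registered, status) VALUES (?, ?, ?, ?, ?);", array($username, $password, $email, time(), '0'));
        if ($this->exactlyOne($q)) {
            return $q->insertId();
        }
        return false;
    }

    /**
     * Hashes a password with crypt() and the configured salt.
     *
     * NOTE(review): one salt is shared by every account, so equal passwords
     * give equal hashes, and the algorithm is decided by the salt's format
     * (not visible here). password_hash()/password_verify() would replace
     * this, but that changes the stored format and needs a migration.
     */
    public function passwd($password) {
        return crypt($password, self::$conf['salt']);
    }

    /**
     * Creates the 25-character code stored on the account and in the session.
     * It acts as the session credential, so System::randomString (defined
     * elsewhere) has to draw from a cryptographically secure source.
     */
    public function generateUserCode() {
        return System::randomString(25);
    }

    /**
     * Shared implementation of update() and updatePromoter(): sets one column
     * of $table for the row whose $keyColumn equals $user, after checking the
     * column exists and the value fits the column type reported by SHOW COLUMNS.
     *
     * $table and $keyColumn are literals supplied by the two public wrappers.
     */
    private function updateColumn($table, $keyColumn, $field, $value, $user) {
        if (empty($field) || $value === '' || is_null($value) || empty($user)) {
            return false;
        }
        if (!is_scalar($field) || !is_scalar($value)) {
            return false;
        }
        if ($this->isUser($user) !== true) {
            return false;
        }
        $field = trim((string) $field);
        $value = trim((string) $value);

        // The requested name is used only if the table really has that column.
        $column = null;
        $q = c('database')->select("SHOW COLUMNS IN `".$table."`");
        if ($q->error() === false && $q->rowCount() > 0) {
            foreach ($q->rows('assoc') as $row) {
                if ($row['Field'] === $field) {
                    $column = array('name' => $row['Field'], 'type' => $row['Type']);
                    break;
                }
            }
        }
        if ($column === null) {
            return false;
        }

        $type = $column['type'];
        $accepted = false;
        if (preg_match("/varchar\(([0-9]*)\)/", $type, $matches) === 1) {
            // Length is measured on the raw value, before escaping adds backslashes.
            $accepted = strlen($value) <= (int) $matches[1];
        } elseif (preg_match("/^(bigint|int|tinyint)\(([0-9]*)\)$/", $type) === 1) {
            // Fix: the value is a string after trim(), so the original is_int()
            // test could never pass and integer columns were never written.
            $accepted = preg_match('/^-?[0-9]+$/', $value) === 1;
        } elseif (preg_match("/^float\(([0-9\,]*)\)$/", $type) === 1) {
            // Same fix for is_float() on a string.
            $accepted = is_numeric($value);
        } elseif (preg_match("/^(text|longtext)$/", $type) === 1) {
            $value = htmlentities($value);
            $accepted = true;
        } elseif (preg_match("/^(enum|set)\(([0-9a-zA-Z\,\']*)\)$/", $type, $matches) === 1) {
            $opts = explode(',', str_replace("'", '', $matches[2]));
            $accepted = in_array($value, $opts, true);
        }
        if (!$accepted) {
            return false;
        }

        // Escaping is the last transformation applied to the value before it enters the SQL text.
        $q = c('database')->update(
            "UPDATE `".$table."` SET `".$column['name']."` = '".addslashes($value)."'"
            ." WHERE ".$keyColumn." = '".$this->sqlEscape($user)."'"
        );
        return $this->exactlyOne($q);
    }

    /**
     * Sets one column of `user_account` for the account with id $user.
     *
     * @return bool True only when exactly one row changed.
     */
    public function update($field, $value, $user) {
        return $this->updateColumn('user_account', 'id', $field, $value, $user);
    }

    /**
     * Sets one column of `user_promoter_information` for the row with uid $user.
     *
     * @return bool True only when exactly one row changed.
     */
    public function updatePromoter($field, $value, $user) {
        return $this->updateColumn('user_promoter_information', 'uid', $field, $value, $user);
    }

    /**
     * Stores an uploaded promoter logo under data/uploads/logos/ (named after
     * $user), scales it down to the configured box when it is larger, and
     * records the MIME type in the promoter row.
     *
     * @param array $logo One entry of $_FILES.
     * @param mixed $user Account identifier; also used as the file name.
     * @return mixed 1 for a disallowed type, 2 for a file over 2 MiB, the
     *               updatePromoter() result after a successful store, false otherwise.
     */
    public function promoterLogo($logo, $user) {
        if (empty($logo) || empty($user) || !is_array($logo) || !is_scalar($user)) {
            return false;
        }
        // $user becomes a file name below a web-served directory, so it may not
        // carry path separators, dots or an extension. isUser() also accepts
        // usernames, which register() does not restrict.
        if (preg_match('/^[A-Za-z0-9_-]+$/', (string) $user) !== 1) {
            return false;
        }
        if (!$this->isUser($user)) {
            return false;
        }
        if (!isset($logo['tmp_name']) || !is_uploaded_file($logo['tmp_name'])) {
            return false;
        }
        // NOTE(review): exif_read_data() is documented for JPEG and TIFF input,
        // so the PNG entries below are probably never reached; getimagesize()
        // would cover both formats. Confirm before relying on PNG uploads.
        $data = @exif_read_data($logo['tmp_name']);
        if (empty($data)
            || !isset($data['MimeType'], $data['FileSize'])
            || !isset($data['COMPUTED']['Width'], $data['COMPUTED']['Height'])) {
            return false;
        }
        $max = (1024 * 1024) * 2;
        $types = array('image/x-png', 'image/png', 'image/jpeg', 'image/jpg', 'image/pjpeg');
        if (!in_array($data['MimeType'], $types, true)) {
            return 1;
        }
        if ($data['FileSize'] > $max) {
            return 2;
        }
        $w = (int) $data['COMPUTED']['Width'];
        $h = (int) $data['COMPUTED']['Height'];
        if ($w < 1 || $h < 1) {
            return false;
        }

        $path = getcwd().'/data/uploads/logos/'.$user;
        if (is_file($path)) {
            unlink($path);
        }
        if (!move_uploaded_file($logo['tmp_name'], $path)) {
            return false;
        }

        $mw = self::$conf['logoWidth'];
        $mh = self::$conf['logoHeight'];
        // NOTE(review): an image already inside the box is stored exactly as
        // uploaded; only oversized images are re-encoded by GD.
        if ($w > $mw || $h > $mh) {
            // Fix: use the smaller ratio so both sides fit the box. The original
            // chose the ratio from the longer side only, which can overshoot
            // when the configured box is not square.
            $p = min($mw / $w, $mh / $h);
            $nw = max(1, (int) round($w * $p));
            $nh = max(1, (int) round($h * $p));
            if ($data['MimeType'] === 'image/x-png' || $data['MimeType'] === 'image/png') {
                $im = imagecreatefrompng($path);
            } else {
                $im = imagecreatefromjpeg($path);
            }
            $image = imagecreatetruecolor($nw, $nh);
            if ($im === false || $image === false) {
                // The content did not decode as the type it claimed: do not keep it.
                unlink($path);
                return false;
            }
            imagecopyresampled($image, $im, 0, 0, 0, 0, $nw, $nh, $w, $h);
            unlink($path);
            imagepng($image, $path);
            $data['MimeType'] = 'image/png';
        }
        return $this->updatePromoter('logo', $data['MimeType'], $user);
    }

    /**
     * Shared implementation of get() and getPromoter(): reads one column of
     * the row whose $keyColumn equals $user.
     */
    private function fetchColumn($table, $keyColumn, $field, $user) {
        if (!is_scalar($field) || !is_scalar($user)) {
            return false;
        }
        $field = trim((string) $field);
        // Escaping cannot make a column name safe, so only a plain identifier
        // is accepted and it is backtick-quoted in the statement.
        if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $field) !== 1) {
            return false;
        }
        $user = $this->sqlEscape($user);
        if (empty($user)) {
            return false;
        }
        $q = c('database')->select("SELECT `".$field."` FROM ".$table." WHERE ".$keyColumn." = '".$user."'");
        if ($this->exactlyOne($q)) {
            $r = $q->row('num');
            return $r[0];
        }
        return false;
    }

    /**
     * Reads one column of `user_account` for the account with id $user.
     *
     * @return mixed The column value, or false when nothing matched or $field
     *               is not a plain column name.
     */
    public function get($field, $user) {
        return $this->fetchColumn('user_account', 'id', $field, $user);
    }

    /**
     * Reads one column of `user_promoter_information` for the row with uid $user.
     *
     * @return mixed The column value, or false when nothing matched or $field
     *               is not a plain column name.
     */
    public function getPromoter($field, $user) {
        return $this->fetchColumn('user_promoter_information', 'uid', $field, $user);
    }

    /**
     * Returns the profile row for $id, or for the signed-in user when $id is
     * NULL, with a 'promoter' sub-array for promoter accounts.
     *
     * NOTE(review): any signed-in caller can pass another account's id, and
     * the row includes the password column. Callers have to check that the
     * requester may see $id, and should drop 'password' before output.
     *
     * @return mixed Associative array, or false.
     */
    public function getUserProfile($id = NULL) {
        if ($this->isSignedIn() !== true) {
            return false;
        }
        // Fix: the original tested an undefined $user here instead of $id.
        if (is_null($id)) {
            $id = $_SESSION['getGuestlist_User']['id'];
        }
        if (empty($id) || $this->isUser($id) !== true) {
            return false;
        }
        // Fix: a caller-supplied $id used to reach both queries unescaped.
        $safeId = $this->sqlEscape($id);

        $user = array();
        $q = c('database')->select("SELECT id, first_name, last_name, email, password, mobile, student, location, uni FROM user_account WHERE id = '".$safeId."'");
        if ($this->exactlyOne($q)) {
            $user = $q->row('assoc');
        }
        if ($this->isPromoter($id) === true) {
            $q = c('database')->select("SELECT * FROM user_promoter_information WHERE uid = '".$safeId."'");
            if ($this->exactlyOne($q)) {
                $user['promoter'] = $q->row('assoc');
            }
        }
        if (is_array($user) && count($user) > 0) {
            return $user;
        }
        return false;
    }

    /**
     * Returns the signed-in user's id from the session, trimmed and escaped.
     *
     * @return mixed The id string, or false when nobody is signed in.
     */
    public function getId() {
        if ($this->isSignedIn() === true) {
            $s = $_SESSION['getGuestlist_User'];
            return $this->sqlEscape($s['id']);
        }
        return false;
    }
}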
- ?>