<?include("constants.php"); class MySQLDB{ var $connection;

1. <?
2. include("constants.php");
3.  
4. class MySQLDB
5. {
6. var $connection; //The MySQL database connection
7. var $num_active_users; //Number of active users viewing site
8. var $num_active_guests; //Number of active guests viewing site
9. var $num_members; //Number of signed-up users
10. /* Note: call getNumMembers() to access $num_members! */
11.  
12. /* Class constructor */
13. function MySQLDB(){
14. /* Make connection to database */
15. $this->connection = mysql_connect(DB_SERVER, DB_USER, DB_PASS) or die(mysql_error());
16. mysql_select_db(DB_NAME, $this->connection) or die(mysql_error());
17.  
18. /**
19. * Only query database to find out number of members
20. * when getNumMembers() is called for the first time,
21. * until then, default value set.
22. */
23. $this->num_members = -1;
24.  
25. if(TRACK_VISITORS){
26. /* Calculate number of users at site */
27. $this->calcNumActiveUsers();
28.  
29. /* Calculate number of guests at site */
30. $this->calcNumActiveGuests();
31. }
32. }
33.  
34. /**
35. * confirmUserPass - Checks whether or not the given
36. * username is in the database, if so it checks if the
37. * given password is the same password in the database
38. * for that user. If the user doesn't exist or if the
39. * passwords don't match up, it returns an error code
40. * (1 or 2). On success it returns 0.
41. */
42. function confirmUserPass($username, $password){
43. /* Add slashes if necessary (for query) */
44. if(!get_magic_quotes_gpc()) {
45. $username = addslashes($username);
46. }
47.  
48. /* Verify that user is in database */
49. $q = "SELECT password FROM ".TBL_USERS." WHERE username = '$username'";
50. $result = mysql_query($q, $this->connection);
51. if(!$result || (mysql_numrows($result) < 1)){
52. return 1; //Indicates username failure
53. }
54.  
55. /* Retrieve password from result, strip slashes */
56. $dbarray = mysql_fetch_array($result);
57. $dbarray['password'] = stripslashes($dbarray['password']);
58. $password = stripslashes($password);
59.  
60. /* Validate that password is correct */
61. if($password == $dbarray['password']){
62. return 0; //Success! Username and password confirmed
63. }
64. else{
65. return 2; //Indicates password failure
66. }
67. }
68.  
69. /**
70. * confirmUserID - Checks whether or not the given
71. * username is in the database, if so it checks if the
72. * given userid is the same userid in the database
73. * for that user. If the user doesn't exist or if the
74. * userids don't match up, it returns an error code
75. * (1 or 2). On success it returns 0.
76. */
77. function confirmUserID($username, $userid){
78. /* Add slashes if necessary (for query) */
79. if(!get_magic_quotes_gpc()) {
80. $username = addslashes($username);
81. }
82.  
83. /* Verify that user is in database */
84. $q = "SELECT userid FROM ".TBL_USERS." WHERE username = '$username'";
85. $result = mysql_query($q, $this->connection);
86. if(!$result || (mysql_numrows($result) < 1)){
87. return 1; //Indicates username failure
88. }
89.  
90. /* Retrieve userid from result, strip slashes */
91. $dbarray = mysql_fetch_array($result);
92. $dbarray['userid'] = stripslashes($dbarray['userid']);
93. $userid = stripslashes($userid);
94.  
95. /* Validate that userid is correct */
96. if($userid == $dbarray['userid']){
97. return 0; //Success! Username and userid confirmed
98. }
99. else{
100. return 2; //Indicates userid invalid
101. }
102. }
103.  
104. /**
105. * usernameTaken - Returns true if the username has
106. * been taken by another user, false otherwise.
107. */
108. function usernameTaken($username){
109. if(!get_magic_quotes_gpc()){
110. $username = addslashes($username);
111. }
112. $q = "SELECT username FROM ".TBL_USERS." WHERE username = '$username'";
113. $result = mysql_query($q, $this->connection);
114. return (mysql_numrows($result) > 0);
115. }
116.  
117. /**
118. * usernameBanned - Returns true if the username has
119. * been banned by the administrator.
120. */
121. function usernameBanned($username){
122. if(!get_magic_quotes_gpc()){
123. $username = addslashes($username);
124. }
125. $q = "SELECT username FROM ".TBL_BANNED_USERS." WHERE username = '$username'";
126. $result = mysql_query($q, $this->connection);
127. return (mysql_numrows($result) > 0);
128. }
129.  
130. /**
131. * addNewUser - Inserts the given (username, password, email)
132. * info into the database. Appropriate user level is set.
133. * Returns true on success, false otherwise.
134. */
135. function addNewUser($username, $password, $email, $web, $country, $avatar, $status, $pm_count){
136. $time = time();
137. /* If admin sign up, give admin user level */
138. if(strcasecmp($username, ADMIN_NAME) == 0){
139. $ulevel = ADMIN_LEVEL;
140. }else{
141. $ulevel = USER_LEVEL;
142. }
143. $q = "INSERT INTO ".TBL_USERS." VALUES ('$username', '$password', '0', $ulevel, '$email', $time, '$web', '$country', '$avatar', '$status', '$pm_count')";
144. return mysql_query($q, $this->connection);
145. }
146.  
147. /**
148. * updateUserField - Updates a field, specified by the field
149. * parameter, in the user's row of the database.
150. */
151. function updateUserField($username, $field, $value){
152. $q = "UPDATE ".TBL_USERS." SET ".$field." = '$value' WHERE username = '$username'";
153. return mysql_query($q, $this->connection);
154. }
155.  
156. function updateForumField($username, $field, $value){
157. $q = "UPDATE forum SET author_".$field." = '$value' WHERE author = '$username'";
158. return mysql_query($q, $this->connection);
159. }
160.  
161. /**
162. * getUserInfo - Returns the result array from a mysql
163. * query asking for all information stored regarding
164. * the given username. If query fails, NULL is returned.
165. */
166. function getUserInfo($username){
167. $q = "SELECT * FROM ".TBL_USERS." WHERE username = '$username'";
168. $result = mysql_query($q, $this->connection);
169. /* Error occurred, return given name by default */
170. if(!$result || (mysql_numrows($result) < 1)){
171. return NULL;
172. }
173. /* Return result array */
174. $dbarray = mysql_fetch_array($result);
175. return $dbarray;
176. }
177.  
178. /**
179. * getNumMembers - Returns the number of signed-up users
180. * of the website, banned members not included. The first
181. * time the function is called on page load, the database
182. * is queried, on subsequent calls, the stored result
183. * is returned. This is to improve efficiency, effectively
184. * not querying the database when no call is made.
185. */
186. function getNumMembers(){
187. if($this->num_members < 0){
188. $q = "SELECT * FROM ".TBL_USERS;
189. $result = mysql_query($q, $this->connection);
190. $this->num_members = mysql_numrows($result);
191. }
192. return $this->num_members;
193. }
194.  
195. /**
196. * calcNumActiveUsers - Finds out how many active users
197. * are viewing site and sets class variable accordingly.
198. */
199. function calcNumActiveUsers(){
200. /* Calculate number of users at site */
201. $q = "SELECT * FROM ".TBL_ACTIVE_USERS;
202. $result = mysql_query($q, $this->connection);
203. $this->num_active_users = mysql_numrows($result);
204. }
205.  
206. /**
207. * calcNumActiveGuests - Finds out how many active guests
208. * are viewing site and sets class variable accordingly.
209. */
210. function calcNumActiveGuests(){
211. /* Calculate number of guests at site */
212. $q = "SELECT * FROM ".TBL_ACTIVE_GUESTS;
213. $result = mysql_query($q, $this->connection);
214. $this->num_active_guests = mysql_numrows($result);
215. }
216.  
217. /**
218. * addActiveUser - Updates username's last active timestamp
219. * in the database, and also adds him to the table of
220. * active users, or updates timestamp if already there.
221. */
222. function addActiveUser($username, $time){
223. $q = "UPDATE ".TBL_USERS." SET timestamp = '$time' WHERE username = '$username'";
224. mysql_query($q, $this->connection);
225.  
226. if(!TRACK_VISITORS) return;
227. $q = "REPLACE INTO ".TBL_ACTIVE_USERS." VALUES ('$username', '$time')";
228. mysql_query($q, $this->connection);
229. $this->calcNumActiveUsers();
230. }
231.  
232. /* addActiveGuest - Adds guest to active guests table */
233. function addActiveGuest($ip, $time){
234. if(!TRACK_VISITORS) return;
235. $q = "REPLACE INTO ".TBL_ACTIVE_GUESTS." VALUES ('$ip', '$time')";
236. mysql_query($q, $this->connection);
237. $this->calcNumActiveGuests();
238. }
239.  
240. /* These functions are self explanatory, no need for comments */
241.  
242. /* removeActiveUser */
243. function removeActiveUser($username){
244. if(!TRACK_VISITORS) return;
245. $q = "DELETE FROM ".TBL_ACTIVE_USERS." WHERE username = '$username'";
246. mysql_query($q, $this->connection);
247. $this->calcNumActiveUsers();
248. }
249.  
250. /* removeActiveGuest */
251. function removeActiveGuest($ip){
252. if(!TRACK_VISITORS) return;
253. $q = "DELETE FROM ".TBL_ACTIVE_GUESTS." WHERE ip = '$ip'";
254. mysql_query($q, $this->connection);
255. $this->calcNumActiveGuests();
256. }
257.  
258. /* removeInactiveUsers */
259. function removeInactiveUsers(){
260. if(!TRACK_VISITORS) return;
261. $timeout = time()-USER_TIMEOUT*60;
262. $q = "DELETE FROM ".TBL_ACTIVE_USERS." WHERE timestamp < $timeout";
263. mysql_query($q, $this->connection);
264. $this->calcNumActiveUsers();
265. }
266.  
267. /* removeInactiveGuests */
268. function removeInactiveGuests(){
269. if(!TRACK_VISITORS) return;
270. $timeout = time()-GUEST_TIMEOUT*60;
271. $q = "DELETE FROM ".TBL_ACTIVE_GUESTS." WHERE timestamp < $timeout";
272. mysql_query($q, $this->connection);
273. $this->calcNumActiveGuests();
274. }
275.  
276. /**
277. * query - Performs the given query on the database and
278. * returns the result, which may be false, true or a
279. * resource identifier.
280. */
281. function query($query){
282. return mysql_query($query, $this->connection);
283. }
284. };
285.  
286. /* Create database connection */
287. $database = new MySQLDB;
288.  
289.  
290. ?>