Commit 14b12b3a authored by Dries

* Added more and better error checking which should fix 'potential'
  bugs or weird behavior in case something goes wrong.  We aim for
  something that is rock-solid, right? :-)
parent 4b4d8c6c
...@@ -117,8 +117,8 @@ function account_makePassword($min_length=6) { ...@@ -117,8 +117,8 @@ function account_makePassword($min_length=6) {
switch ($op) { switch ($op) {
case "Login": case "Login":
session_start(); session_start();
$user = new User($userid,$passwd); $user = new User($userid, $passwd);
if ($user && $user->valid()) { session_register("user"); } if ($user && $user->valid()) session_register("user");
showUser($user->userid); showUser($user->userid);
break; break;
case "new": case "new":
...@@ -202,52 +202,59 @@ function account_makePassword($min_length=6) { ...@@ -202,52 +202,59 @@ function account_makePassword($min_length=6) {
} }
break; break;
case "editpage": case "editpage":
### Generate output/content: if ($user && $user->valid()) {
$output .= "<FORM ACTION=\"account.php\" METHOD=post>\n"; ### Generate output/content:
$output .= "<B>Theme:</B><BR>\n"; $output .= "<FORM ACTION=\"account.php\" METHOD=post>\n";
$output .= "<B>Theme:</B><BR>\n";
### Loop (dynamically) through all available themes:
$handle = opendir("themes");
while ($file = readdir($handle)) if(!ereg("^\.",$file) && file_exists("themes/$file/theme.class.php")) $options .= "<OPTION VALUE=\"$file\"". (((!empty($userinfo[theme])) && ($file == $cfg_theme)) || ($user->theme == $file) ? " SELECTED" : "") .">$file</OPTION>";
closedir($handle);
if ($userinfo[theme]=="") $userinfo[theme] = $cfg_theme; ### Loop (dynamically) through all available themes:
$output .= "<SELECT NAME=\"edit[theme]\">$options</SELECT><BR>\n"; $handle = opendir("themes");
$output .= "<I>Changes the look and feel of the site.</I><P>\n"; while ($file = readdir($handle)) if(!ereg("^\.",$file) && file_exists("themes/$file/theme.class.php")) $options .= "<OPTION VALUE=\"$file\"". (((!empty($userinfo[theme])) && ($file == $cfg_theme)) || ($user->theme == $file) ? " SELECTED" : "") .">$file</OPTION>";
$output .= "<B>Maximum number of stories:</B><BR>\n"; closedir($handle);
$output .= "<INPUT NAME=\"edit[storynum]\" MAXLENGTH=3 SIZE=3 VALUE=\"$user->storynum\"><P>\n";
$options = "<OPTION VALUE=\"nested\"". ($user->umode == 'nested' ? " SELECTED" : "") .">Nested</OPTION>";
$options .= "<OPTION VALUE=\"flat\"". ($user->umode == 'flat' ? " SELECTED" : "") .">Flat</OPTION>";
$options .= "<OPTION VALUE=\"threaded\"". ($user->umode == 'threaded' ? " SELECTED" : "") .">Threaded</OPTION>";
$output .= "<B>Display mode:</B><BR>\n";
$output .= "<SELECT NAME=\"edit[umode]\">$options</SELECT><P>\n";
$options = "<OPTION VALUE=0". ($user->uorder == 0 ? " SELECTED" : "") .">Oldest first</OPTION>";
$options .= "<OPTION VALUE=1". ($user->uorder == 1 ? " SELECTED" : "") .">Newest first</OPTION>";
$options .= "<OPTION VALUE=2". ($user->uorder == 2 ? " SELECTED" : "") .">Highest scoring first</OPTION>";
$output .= "<B>Sort order:</B><BR>\n";
$output .= "<SELECT NAME=\"edit[uorder]\">$options</SELECT><P>\n";
$options = "<OPTION VALUE=\"-1\"". ($user->thold == -1 ? " SELECTED" : "") .">-1: Display uncut and raw comments.</OPTION>";
$options .= "<OPTION VALUE=0". ($user->thold == 0 ? " SELECTED" : "") .">0: Display almost all comments.</OPTION>";
$options .= "<OPTION VALUE=1". ($user->thold == 1 ? " SELECTED" : "") .">1: Display almost no anonymous comments.</OPTION>";
$options .= "<OPTION VALUE=2". ($user->thold == 2 ? " SELECTED" : "") .">2: Display comments with score +2 only.</OPTION>";
$options .= "<OPTION VALUE=3". ($user->thold == 3 ? " SELECTED" : "") .">3: Display comments with score +3 only.</OPTION>";
$options .= "<OPTION VALUE=4". ($user->thold == 4 ? " SELECTED" : "") .">4: Display comments with score +4 only.</OPTION>";
$options .= "<OPTION VALUE=5". ($user->thold == 5 ? " SELECTED" : "") .">5: Display comments with score +5 only.</OPTION>";
$output .= "<B>Threshold:</B><BR>\n";
$output .= "<SELECT NAME=\"edit[thold]\">$options</SELECT><BR>\n";
$output .= "<I>Comments that scored less than this setting will be ignored. Anonymous comments start at 0, comments of people logged on start at 1 and moderators can add and subtract points.</I><P>\n";
$output .= "<B>Singature:</B> (255 char limit)<BR>\n";
$output .= "<TEXTAREA NAME=\"edit[signature]\" COLS=35 ROWS=5 WRAP=virtual>$user->signature</TEXTAREA><BR>\n";
$output .= "<I>Optional. This information will be publicly displayed at the end of your comments. </I><P>\n";
$output .= "<INPUT TYPE=submit NAME=op VALUE=\"Save page settings\"><BR>\n";
$output .= "</FORM>\n";
### Display output/content: if ($userinfo[theme]=="") $userinfo[theme] = $cfg_theme;
include "theme.inc"; $output .= "<SELECT NAME=\"edit[theme]\">$options</SELECT><BR>\n";
$theme->header(); $output .= "<I>Changes the look and feel of the site.</I><P>\n";
$theme->box("Customize page", $output); $output .= "<B>Maximum number of stories:</B><BR>\n";
$theme->footer(); $output .= "<INPUT NAME=\"edit[storynum]\" MAXLENGTH=3 SIZE=3 VALUE=\"$user->storynum\"><P>\n";
$options = "<OPTION VALUE=\"nested\"". ($user->umode == 'nested' ? " SELECTED" : "") .">Nested</OPTION>";
$options .= "<OPTION VALUE=\"flat\"". ($user->umode == 'flat' ? " SELECTED" : "") .">Flat</OPTION>";
$options .= "<OPTION VALUE=\"threaded\"". ($user->umode == 'threaded' ? " SELECTED" : "") .">Threaded</OPTION>";
$output .= "<B>Display mode:</B><BR>\n";
$output .= "<SELECT NAME=\"edit[umode]\">$options</SELECT><P>\n";
$options = "<OPTION VALUE=0". ($user->uorder == 0 ? " SELECTED" : "") .">Oldest first</OPTION>";
$options .= "<OPTION VALUE=1". ($user->uorder == 1 ? " SELECTED" : "") .">Newest first</OPTION>";
$options .= "<OPTION VALUE=2". ($user->uorder == 2 ? " SELECTED" : "") .">Highest scoring first</OPTION>";
$output .= "<B>Sort order:</B><BR>\n";
$output .= "<SELECT NAME=\"edit[uorder]\">$options</SELECT><P>\n";
$options = "<OPTION VALUE=\"-1\"". ($user->thold == -1 ? " SELECTED" : "") .">-1: Display uncut and raw comments.</OPTION>";
$options .= "<OPTION VALUE=0". ($user->thold == 0 ? " SELECTED" : "") .">0: Display almost all comments.</OPTION>";
$options .= "<OPTION VALUE=1". ($user->thold == 1 ? " SELECTED" : "") .">1: Display almost no anonymous comments.</OPTION>";
$options .= "<OPTION VALUE=2". ($user->thold == 2 ? " SELECTED" : "") .">2: Display comments with score +2 only.</OPTION>";
$options .= "<OPTION VALUE=3". ($user->thold == 3 ? " SELECTED" : "") .">3: Display comments with score +3 only.</OPTION>";
$options .= "<OPTION VALUE=4". ($user->thold == 4 ? " SELECTED" : "") .">4: Display comments with score +4 only.</OPTION>";
$options .= "<OPTION VALUE=5". ($user->thold == 5 ? " SELECTED" : "") .">5: Display comments with score +5 only.</OPTION>";
$output .= "<B>Threshold:</B><BR>\n";
$output .= "<SELECT NAME=\"edit[thold]\">$options</SELECT><BR>\n";
$output .= "<I>Comments that scored less than this setting will be ignored. Anonymous comments start at 0, comments of people logged on start at 1 and moderators can add and subtract points.</I><P>\n";
$output .= "<B>Singature:</B> (255 char limit)<BR>\n";
$output .= "<TEXTAREA NAME=\"edit[signature]\" COLS=35 ROWS=5 WRAP=virtual>$user->signature</TEXTAREA><BR>\n";
$output .= "<I>Optional. This information will be publicly displayed at the end of your comments. </I><P>\n";
$output .= "<INPUT TYPE=submit NAME=op VALUE=\"Save page settings\"><BR>\n";
$output .= "</FORM>\n";
### Display output/content:
include "theme.inc";
$theme->header();
$theme->box("Customize page", $output);
$theme->footer();
}
else {
include "theme.inc";
$theme->header();
$theme->box("Login", showLogin($userid));
$theme->footer();
}
break; break;
case "Save user information": case "Save user information":
if ($user && $user->valid()) { if ($user && $user->valid()) {
...@@ -280,4 +287,5 @@ function account_makePassword($min_length=6) { ...@@ -280,4 +287,5 @@ function account_makePassword($min_length=6) {
default: default:
showUser($user->userid); showUser($user->userid);
} }
?> ?>
\ No newline at end of file
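Review bot: In the `editpage` case the newly guarded form still writes `$user->signature` into the TEXTAREA and `$user->storynum` into a quoted VALUE attribute without HTML-escaping, so a stored value containing `</TEXTAREA>`, `"` or `<` leaves the field and is rendered as markup. The login check added around the form decides who sees it, not what the stored fields can inject into it. Escape at output, e.g. `VALUE=\"". htmlspecialchars($user->storynum) ."\"` and `WRAP=virtual>". htmlspecialchars($user->signature) ."</TEXTAREA>`; the theme directory names written into the OPTION tags deserve the same treatment. The help text says the signature is displayed publicly under comments, so the rendering code outside this section should be checked for the same omission.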
<? <?
$access = array("Administrator" => 0x00000001, $access = array("Administrator" => 0x00000001,
"User manager" => 0x00000002, "User manager" => 0x00000002,
"News manager" => 0x00000004); "News manager" => 0x00000004);
...@@ -10,6 +11,7 @@ function User($userid, $passwd="") { ...@@ -10,6 +11,7 @@ function User($userid, $passwd="") {
foreach (db_fetch_row($result) as $key=>$value) { $field = mysql_field_name($result, $key); $this->$field = stripslashes($value); $this->field[] = $field; } foreach (db_fetch_row($result) as $key=>$value) { $field = mysql_field_name($result, $key); $this->$field = stripslashes($value); $this->field[] = $field; }
} }
} }
function save() { function save() {
### Compose query to update user record: ### Compose query to update user record:
$query .= "UPDATE users SET "; $query .= "UPDATE users SET ";
...@@ -18,25 +20,29 @@ function save() { ...@@ -18,25 +20,29 @@ function save() {
### Perform query: ### Perform query:
db_query($query); db_query($query);
} }
function rehash() { function rehash() {
$result = db_query("SELECT * FROM users WHERE id=$this->id"); $result = db_query("SELECT * FROM users WHERE id=$this->id");
if (db_num_rows($result) == 1) { if (db_num_rows($result) == 1) {
foreach (db_fetch_array($result) as $key=>$value) { $this->$key = stripslashes($value); } foreach (db_fetch_array($result) as $key=>$value) { $this->$key = stripslashes($value); }
} }
} }
function valid($access=0) {
if (!empty($this->userid)) { function valid($access = 0) {
if ($this->userid) {
$this->rehash(); // synchronisation purpose $this->rehash(); // synchronisation purpose
$this->last_access = time(); $this->last_access = time();
$this->last_host = (!empty($GLOBALS[REMOTE_HOST]) ? $GLOBALS[REMOTE_HOST] : $GLOBALS[REMOTE_ADDR] ); $this->last_host = (!empty($GLOBALS[REMOTE_HOST]) ? $GLOBALS[REMOTE_HOST] : $GLOBALS[REMOTE_ADDR]);
db_query("UPDATE users SET last_access='$this->last_access',last_host='$this->last_host' WHERE id=$this->id"); db_query("UPDATE users SET last_access = '$this->last_access', last_host = '$this->last_host' WHERE id = $this->id");
if ($this->access & $access || $access == 0) return 1; if ($this->access & $access || $access == 0) return 1;
} }
return 0; return 0;
} }
function getHistory($field) { function getHistory($field) {
return getHistory($this->history, $field); return getHistory($this->history, $field);
} }
function setHistory($field, $value) { function setHistory($field, $value) {
$this->history = setHistory($this->history, $field, $value); $this->history = setHistory($this->history, $field, $value);
} }
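Review bot: In `valid()` the UPDATE interpolates `$this->last_host` into the SQL string unescaped, and that value is not under the server's control: `REMOTE_HOST` is the result of a reverse DNS lookup, and because it is read through `$GLOBALS` it may, depending on how request variables are registered as globals in this deployment, come from the request when the server does not set it. Escape it where the query is built, `last_host = '". addslashes($this->last_host) ."'`, which matches the `stripslashes()` applied when rows are read back in `rehash()`. Preferring `REMOTE_ADDR` and validating it as an address would remove the dependency on DNS altogether. Both the `rehash()` SELECT and this UPDATE also assume `$this->id` is a non-empty integer; an `(int)` cast would keep a failed lookup from producing a malformed statement.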