Commit f5173ef2 authored by Dries's avatar Dries

- Applied user.module patch from Marco's sandbox.
- Added profile.module written by Marco.
parent b8c815d2
<?php
function _profile_init() {
/*
** Add here any field you might need. Leave array[0] blank if you
** need a special tool (like birthday or avatar).
** TODO: add a clear description/explanation.
*/
$GLOBALS["profile_fields"] = array(
"address" => array("textfield", t("Address"), "", 64, 64, t("Your address: street and number.")),
"city" => array("textfield", t("City"), "", 64, 64, t("Your city.")),
"state" => array("textfield", t("State"), "", 4, 2, t("Your state as a two letter code.")),
"zip" => array("textfield", t("Zip"), "", 7, 5, t("Your ZIP code.")),
"birthday" => array("", t("Birthday"), ""),
"gender" => array("select", t("Gender"), "", array(0 => "-", "m" => t("male"), "f" => t("female")), "", 0, 0),
"job" => array("textfield", t("Job title"), "", 64, 64, t("Your job title or position.")),
"icq" => array("textfield", t("ICQ messenger ID"), "", 12, 12, ""),
"msn" => array("textfield", t("MSN messenger ID"), "", 64, 64, ""),
"yahoo" => array("textfield", t("Yahoo messenger ID"), "", 64, 64, ""),
"aim" => array("textfield", t("AIM messenger ID"), "", 64, 64, ""),
"homepage" => array("textfield", t("URL of homepage"), "", 64, 64, t("Make sure you enter a fully qualified URL: remember to include \"http://\".")),
"biography" => array("textarea", t("Biography"), "", 64, 4, ""),
"interests" => array("textarea", t("Interests"), "", 64, 4, t("What you like.")),
"publickey" => array("textarea", t("Public key"), "", 64, 4, ""),
"avatar" => array("", t("Avatar or picture"), t("Your virtual face or picture."))
);
$GLOBALS["profile_days"][0] = t("day");
for ($n=1; $n<=31; $n++) {
$GLOBALS["profile_days"][$n] = $n;
}
$GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December"));
}
function profile_system($field){
$system["description"] = t("Support for configurable user profiles.");
return $system[$field];
}
function profile_conf_options() {
global $profile_fields;
if (!$profile_fields) {
_profile_init();
}
foreach ($profile_fields as $key => $field) {
$fields[$key] = $field[1];
}
$output .= form_select(t("Registration time fields"), "profile_register_fields", variable_get("profile_register_fields", array()), $fields, t("The fields users will be able to set at registration time. Any required fields (see below) must appear here too."), "size=\"6\"", 1);
$output .= form_select(t("Required fields"), "profile_required_fields", variable_get("profile_required_fields", array()), $fields, t("The fields users that are required to be set."), "size=\"6\"", 1);
$output .= form_select(t("Publicly accessible fields"), "profile_public_fields", variable_get("profile_public_fields", array()), $fields, t("The fields users will be able to set and that will be publicly visible."), "size=\"6\"", 1);
$output .= form_select(t("Private fields"), "profile_private_fields", variable_get("profile_private_fields", array()), $fields, t("The fields users will be able to set, but which are kept private."), "size=\"6\"", 1);
$output .= form_textfield(t("Avatar image path"), "profile_avatar_path", variable_get("profile_avatar_path", "misc/avatars/"), 30, 255, t("Path for avatar directory; it must be writeable and visible from the web."));
$output .= form_textfield(t("Avatar max size"), "profile_avatar_size", variable_get("profile_avatar_size", "85x85"), 10, 10, t("Maximum size for avatars."));
$output .= form_textfield(t("Avatar max filesize"), "profile_avatar_filesize", variable_get("profile_avatar_filesize", "30"), 10, 10, t("Maximum filesize for avatars, in kb."));
return $output;
}
function profile_user($type, $edit, &$user) {
global $profile_fields;
if (!$profile_fields) {
_profile_init();
}
switch ($type) {
case "register_form":
// first registration form (to add something to just email and nick)
return _profile_form($edit, "register");
case "register_validate":
// validate first registration form
return _profile_validate($edit, "required");
case "edit_form":
// when user tries to edit his own data
return _profile_form(object2array($user), "private");
case "edit_validate":
// validate user data editing
return _profile_validate($edit, "private");
case "view_public":
// when others look at user data
return _profile_user_view($user, "public");
case "view_private":
// when user looks at his own data
return _profile_user_view($user, "private");
}
}
function profile_required($title) {
// this pleads "theme_invoke, theme_invoke" ;)
return $title ." <span style=\"color: red;\">*</span>";
}
function _profile_form($edit, $mode) {
global $profile_fields, $user;
$reg_fields = _profile_active_fields($mode);
$required_fields = _profile_active_fields("required");
foreach ($profile_fields as $name => $field) {
if ($field[0] && in_array($name, $reg_fields)) {
$f = "form_".$field[0];
$t = "profile_".$name;
$output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]);
}
}
if (in_array("birthday", $reg_fields)) {
$output .= form_item((in_array("birthday", $required_fields) ? profile_required($profile_fields["birthday"][1]) : $profile_fields["birthday"][1]), _profile_edit_birth(array2object($edit)), $profile_fields["birthday"][2]);
}
if (in_array("avatar", $reg_fields)) {
if ($edit["profile_avatar"] && $edit["uid"]) {
$file = profile_avatar_path($edit["uid"], $edit["profile_avatar"]);
if ($file) {
$output .= "<img src=\"$file\"><br />";
}
}
$output .= form_file($profile_fields["avatar"][1], "profile_avatar", 64, $profile_fields["avatar"][2]);
}
return $output;
}
function _profile_validate($edit, $mode) {
global $profile_fields, $user, $HTTP_POST_VARS;
$req_fields = _profile_active_fields($mode);
if (in_array("birthday", $req_fields) && ($birth_error = _profile_validate_birth($edit))) {
$error .= $birth_error."<br />";
}
if (in_array("avatar", $req_fields) && ($avatar_error = _profile_validate_avatar($edit))) {
$error .= $avatar_error."<br />";
}
foreach (array_keys($profile_fields) as $field) {
// replicate any key which was saved during registration but is not in this form
if (!$edit[$field] && $user->$field) {
$edit[$field] = $user->$field;
}
}
// now check for required fields
foreach(_profile_active_fields("required") as $required) {
if (in_array($required, $req_fields)) {
if (!$edit["profile_".$required]) {
$error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."<br />";
}
}
}
if ($error) {
return $error;
}
else {
return $edit;
}
}
function _profile_user_view(&$user, $mode) {
global $profile_fields;
foreach (_profile_active_fields($mode) as $name) {
$field = $profile_fields[$name];
$t = "profile_".$name;
switch ($field[0]) {
case "textfield":
case "textarea":
case "checkbox":
if (isset($user->$t)) {
$output .= form_item($field[1], check_output($user->$t));
}
break;
case "select":
if (isset($user->$t)) {
$output .= form_item($field[1], check_output($profile_fields[$name][3][$user->$t]));
}
break;
case "":
// special
if ($t == "profile_avatar") {
if (isset($user->$t)) {
$file = profile_avatar_path($user->uid, $user->profile_avatar);
if (file_exists($file)) {
$output .= form_item(t("Avatar"), "<img src=\"$file\" />");
}
}
}
if ($t == "profile_birthday") {
if (isset($user->profile_birthday) && isset($user->profile_birthmonth) && isset($user->profile_birthyear)) {
// this is very european-centric, can we use format_date?
$output .= form_item(t("Birthday"), $user->profile_birthday."/".$user->profile_birthmonth."/".$user->profile_birthyear);
}
}
}
}
return $output;
}
function _profile_validate_avatar(&$edit) {
global $HTTP_POST_FILES, $user;
// check that uploaded file is an image, with a max file size and max height/width
unset($edit["profile_avatar"]);
if ($HTTP_POST_FILES["edit"]["name"]["profile_avatar"] == "") {
$edit["profile_avatar"] = $user->profile_avatar;
return "";
}
$image_file = $HTTP_POST_FILES["edit"]["tmp_name"]["profile_avatar"];
if (is_uploaded_file($image_file)) {
$extension = strtolower(strrchr($HTTP_POST_FILES["edit"]["name"]["profile_avatar"], "."));
$size = getimagesize($image_file);
list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_size", "85x85"));
if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) {
$error = t("uploaded file was not an image.");
} else if (filesize($image_file) > (variable_get("profile_avatar_filesize", "30")*1000)) {
$error = t("uploaded image is too large, max %a kb.", array("%a" => variable_get("profile_avatar_filesize", "30")));
} else if ($size[0] > $maxwidth || $size[1] > $maxheight) {
$error = t("uploaded image is too large, max %a.", array("%a" => variable_get("profile_avatar_size", "85x85")));
}
else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) {
$error = t("error in file upload");
}
else {
$edit["profile_avatar"] = $extension;
}
}
return $error ? $error."<br />" : "";
}
function profile_avatar_path($uid, $extension) {
return $extension ? variable_get("profile_avatar_path", "misc/avatars/").md5($uid).$extension : "";
}
function _profile_active_fields($mode) {
return variable_get("profile_".$mode."_fields", array());
}
function _profile_edit_birth($edit = "") {
global $profile_months, $profile_days;
$output .= _profile_select("profile_birthday", $edit->profile_birthday, $profile_days);
$output .= "&nbsp;";
$output .= _profile_select("profile_birthmonth", $edit->profile_birthmonth, $profile_months);
$output .= "&nbsp;";
$output .= "<input maxlength=\"4\" name=\"edit[profile_birthyear]\" size=\"5\" value=\"$edit->profile_birthyear\" />";
return $output;
}
function _profile_validate_birth(&$edit) {
if (!$edit["profile_birthday"] && !$edit["profile_birthmonth"] && !$edit["profile_birthyear"]) {
// change this if you want required birth
return;
}
if ($edit["profile_birthyear"] > 1900 && checkdate($edit["profile_birthmonth"], $edit["profile_birthday"], $edit["profile_birthyear"])) {
return;
}
else {
return t("The specified birthday is not valid.")."<br />";
}
}
function _profile_select($name, $value, $options, $extra = 0, $multiple = 0) {
if (count($options) > 0) {
foreach ($options as $key=>$choice) {
$select .= "<option value=\"$key\"". (is_array($value) ? (in_array($key, $value) ? " selected=\"selected\"" : "") : ($key == $value ? " selected=\"selected\"" : "")) .">". check_form($choice) ."</option>";
}
return "<select name=\"edit[$name]". ($multiple ? "[]" : "") ."\"". ($multiple ? " multiple " : "") . ($extra ? " $extra" : "") .">$select</select>";
}
}
?>
<?php
function _profile_init() {
/*
** Add here any field you might need. Leave array[0] blank if you
** need a special tool (like birthday or avatar).
** TODO: add a clear description/explanation.
*/
$GLOBALS["profile_fields"] = array(
"address" => array("textfield", t("Address"), "", 64, 64, t("Your address: street and number.")),
"city" => array("textfield", t("City"), "", 64, 64, t("Your city.")),
"state" => array("textfield", t("State"), "", 4, 2, t("Your state as a two letter code.")),
"zip" => array("textfield", t("Zip"), "", 7, 5, t("Your ZIP code.")),
"birthday" => array("", t("Birthday"), ""),
"gender" => array("select", t("Gender"), "", array(0 => "-", "m" => t("male"), "f" => t("female")), "", 0, 0),
"job" => array("textfield", t("Job title"), "", 64, 64, t("Your job title or position.")),
"icq" => array("textfield", t("ICQ messenger ID"), "", 12, 12, ""),
"msn" => array("textfield", t("MSN messenger ID"), "", 64, 64, ""),
"yahoo" => array("textfield", t("Yahoo messenger ID"), "", 64, 64, ""),
"aim" => array("textfield", t("AIM messenger ID"), "", 64, 64, ""),
"homepage" => array("textfield", t("URL of homepage"), "", 64, 64, t("Make sure you enter a fully qualified URL: remember to include \"http://\".")),
"biography" => array("textarea", t("Biography"), "", 64, 4, ""),
"interests" => array("textarea", t("Interests"), "", 64, 4, t("What you like.")),
"publickey" => array("textarea", t("Public key"), "", 64, 4, ""),
"avatar" => array("", t("Avatar or picture"), t("Your virtual face or picture."))
);
$GLOBALS["profile_days"][0] = t("day");
for ($n=1; $n<=31; $n++) {
$GLOBALS["profile_days"][$n] = $n;
}
$GLOBALS["profile_months"] = array(0 => t("month"), 1 => t("January"), 2 => t("February"), 3 => t("March"), 4 => t("April"), 5 => t("May"), 6 => t("June"), 7 => t("July"), 8 => t("August"), 9 => t("September"), 10 => t("October"), 11 => t("November"), 12 => t("December"));
}
function profile_system($field){
$system["description"] = t("Support for configurable user profiles.");
return $system[$field];
}
function profile_conf_options() {
global $profile_fields;
if (!$profile_fields) {
_profile_init();
}
foreach ($profile_fields as $key => $field) {
$fields[$key] = $field[1];
}
$output .= form_select(t("Registration time fields"), "profile_register_fields", variable_get("profile_register_fields", array()), $fields, t("The fields users will be able to set at registration time. Any required fields (see below) must appear here too."), "size=\"6\"", 1);
$output .= form_select(t("Required fields"), "profile_required_fields", variable_get("profile_required_fields", array()), $fields, t("The fields users that are required to be set."), "size=\"6\"", 1);
$output .= form_select(t("Publicly accessible fields"), "profile_public_fields", variable_get("profile_public_fields", array()), $fields, t("The fields users will be able to set and that will be publicly visible."), "size=\"6\"", 1);
$output .= form_select(t("Private fields"), "profile_private_fields", variable_get("profile_private_fields", array()), $fields, t("The fields users will be able to set, but which are kept private."), "size=\"6\"", 1);
$output .= form_textfield(t("Avatar image path"), "profile_avatar_path", variable_get("profile_avatar_path", "misc/avatars/"), 30, 255, t("Path for avatar directory; it must be writeable and visible from the web."));
$output .= form_textfield(t("Avatar max size"), "profile_avatar_size", variable_get("profile_avatar_size", "85x85"), 10, 10, t("Maximum size for avatars."));
$output .= form_textfield(t("Avatar max filesize"), "profile_avatar_filesize", variable_get("profile_avatar_filesize", "30"), 10, 10, t("Maximum filesize for avatars, in kb."));
return $output;
}
function profile_user($type, $edit, &$user) {
global $profile_fields;
if (!$profile_fields) {
_profile_init();
}
switch ($type) {
case "register_form":
// first registration form (to add something to just email and nick)
return _profile_form($edit, "register");
case "register_validate":
// validate first registration form
return _profile_validate($edit, "required");
case "edit_form":
// when user tries to edit his own data
return _profile_form(object2array($user), "private");
case "edit_validate":
// validate user data editing
return _profile_validate($edit, "private");
case "view_public":
// when others look at user data
return _profile_user_view($user, "public");
case "view_private":
// when user looks at his own data
return _profile_user_view($user, "private");
}
}
function profile_required($title) {
// this pleads "theme_invoke, theme_invoke" ;)
return $title ." <span style=\"color: red;\">*</span>";
}
function _profile_form($edit, $mode) {
global $profile_fields, $user;
$reg_fields = _profile_active_fields($mode);
$required_fields = _profile_active_fields("required");
foreach ($profile_fields as $name => $field) {
if ($field[0] && in_array($name, $reg_fields)) {
$f = "form_".$field[0];
$t = "profile_".$name;
$output .= $f((in_array($name, $required_fields) ? profile_required($field[1]) : $field[1]), $t, $edit[$t], $field[3], $field[4], $field[5], $field[6]);
}
}
if (in_array("birthday", $reg_fields)) {
$output .= form_item((in_array("birthday", $required_fields) ? profile_required($profile_fields["birthday"][1]) : $profile_fields["birthday"][1]), _profile_edit_birth(array2object($edit)), $profile_fields["birthday"][2]);
}
if (in_array("avatar", $reg_fields)) {
if ($edit["profile_avatar"] && $edit["uid"]) {
$file = profile_avatar_path($edit["uid"], $edit["profile_avatar"]);
if ($file) {
$output .= "<img src=\"$file\"><br />";
}
}
$output .= form_file($profile_fields["avatar"][1], "profile_avatar", 64, $profile_fields["avatar"][2]);
}
return $output;
}
function _profile_validate($edit, $mode) {
global $profile_fields, $user, $HTTP_POST_VARS;
$req_fields = _profile_active_fields($mode);
if (in_array("birthday", $req_fields) && ($birth_error = _profile_validate_birth($edit))) {
$error .= $birth_error."<br />";
}
if (in_array("avatar", $req_fields) && ($avatar_error = _profile_validate_avatar($edit))) {
$error .= $avatar_error."<br />";
}
foreach (array_keys($profile_fields) as $field) {
// replicate any key which was saved during registration but is not in this form
if (!$edit[$field] && $user->$field) {
$edit[$field] = $user->$field;
}
}
// now check for required fields
foreach(_profile_active_fields("required") as $required) {
if (in_array($required, $req_fields)) {
if (!$edit["profile_".$required]) {
$error .= t("This required field is missing: %a", array("%a" => $profile_fields[$required][1]))."<br />";
}
}
}
if ($error) {
return $error;
}
else {
return $edit;
}
}
function _profile_user_view(&$user, $mode) {
global $profile_fields;
foreach (_profile_active_fields($mode) as $name) {
$field = $profile_fields[$name];
$t = "profile_".$name;
switch ($field[0]) {
case "textfield":
case "textarea":
case "checkbox":
if (isset($user->$t)) {
$output .= form_item($field[1], check_output($user->$t));
}
break;
case "select":
if (isset($user->$t)) {
$output .= form_item($field[1], check_output($profile_fields[$name][3][$user->$t]));
}
break;
case "":
// special
if ($t == "profile_avatar") {
if (isset($user->$t)) {
$file = profile_avatar_path($user->uid, $user->profile_avatar);
if (file_exists($file)) {
$output .= form_item(t("Avatar"), "<img src=\"$file\" />");
}
}
}
if ($t == "profile_birthday") {
if (isset($user->profile_birthday) && isset($user->profile_birthmonth) && isset($user->profile_birthyear)) {
// this is very european-centric, can we use format_date?
$output .= form_item(t("Birthday"), $user->profile_birthday."/".$user->profile_birthmonth."/".$user->profile_birthyear);
}
}
}
}
return $output;
}
function _profile_validate_avatar(&$edit) {
global $HTTP_POST_FILES, $user;
// check that uploaded file is an image, with a max file size and max height/width
unset($edit["profile_avatar"]);
if ($HTTP_POST_FILES["edit"]["name"]["profile_avatar"] == "") {
$edit["profile_avatar"] = $user->profile_avatar;
return "";
}
$image_file = $HTTP_POST_FILES["edit"]["tmp_name"]["profile_avatar"];
if (is_uploaded_file($image_file)) {
$extension = strtolower(strrchr($HTTP_POST_FILES["edit"]["name"]["profile_avatar"], "."));
$size = getimagesize($image_file);
list($maxwidth, $maxheight) = explode("x", variable_get("profile_avatar_size", "85x85"));
if ((!in_array($size[2], array(1,2,3))) || (!in_array($extension, array(".gif", ".jpg", ".png", ".jpeg")))) {
$error = t("uploaded file was not an image.");
} else if (filesize($image_file) > (variable_get("profile_avatar_filesize", "30")*1000)) {
$error = t("uploaded image is too large, max %a kb.", array("%a" => variable_get("profile_avatar_filesize", "30")));
} else if ($size[0] > $maxwidth || $size[1] > $maxheight) {
$error = t("uploaded image is too large, max %a.", array("%a" => variable_get("profile_avatar_size", "85x85")));
}
else if (!copy($image_file, variable_get("profile_avatar_path", "misc/avatars/").md5($user->uid).$extension)) {
$error = t("error in file upload");
}
else {
$edit["profile_avatar"] = $extension;
}
}
return $error ? $error."<br />" : "";
}
function profile_avatar_path($uid, $extension) {
return $extension ? variable_get("profile_avatar_path", "misc/avatars/").md5($uid).$extension : "";
}
function _profile_active_fields($mode) {
return variable_get("profile_".$mode."_fields", array());
}
function _profile_edit_birth($edit = "") {
global $profile_months, $profile_days;
$output .= _profile_select("profile_birthday", $edit->profile_birthday, $profile_days);
$output .= "&nbsp;";
$output .= _profile_select("profile_birthmonth", $edit->profile_birthmonth, $profile_months);
$output .= "&nbsp;";
$output .= "<input maxlength=\"4\" name=\"edit[profile_birthyear]\" size=\"5\" value=\"$edit->profile_birthyear\" />";
return $output;
}
function _profile_validate_birth(&$edit) {
if (!$edit["profile_birthday"] && !$edit["profile_birthmonth"] && !$edit["profile_birthyear"]) {
// change this if you want required birth
return;
}
if ($edit["profile_birthyear"] > 1900 && checkdate($edit["profile_birthmonth"], $edit["profile_birthday"], $edit["profile_birthyear"])) {
return;
}
else {
return t("The specified birthday is not valid.")."<br />";
}
}
function _profile_select($name, $value, $options, $extra = 0, $multiple = 0) {
if (count($options) > 0) {
foreach ($options as $key=>$choice) {
$select .= "<option value=\"$key\"". (is_array($value) ? (in_array($key, $value) ? " selected=\"selected\"" : "") : ($key == $value ? " selected=\"selected\"" : "")) .">". check_form($choice) ."</option>";
}
return "<select name=\"edit[$name]". ($multiple ? "[]" : "") ."\"". ($multiple ? " multiple " : "") . ($extra ? " $extra" : "") .">$select</select>";
}
}
?>
......@@ -47,7 +47,7 @@ function sess_gc($lifetime) {
/*** Common functions ******************************************************/
function user_external_load($authname) {
$arr_uid = db_query("SELECT uid FROM authmap WHERE authname = '$authname'");
$arr_uid = db_query("SELECT uid FROM authmap WHERE authname = '%s'", $authname);
if (db_fetch_object($arr_uid)) {
$uid = db_result($arr_uid);
......@@ -71,7 +71,7 @@ function user_load($array = array()) {
$query .= "u.$key = '". md5($value) ."' AND ";
}
else {
$query .= "u.$key = '". addslashes($value) ."' AND ";
$query .= "u.$key = '". check_query($value) ."' AND ";
}
}
$result = db_query("SELECT u.*, r.name AS role FROM users u LEFT JOIN role r ON u.rid = r.rid WHERE $query u.status < 3 LIMIT 1");
......@@ -135,7 +135,7 @@ function user_save($account, $array = array()) {
}
$fields[] = "data";
$values[] = "'". serialize($data) ."'";
$values[] = "'". check_query(serialize($data)) ."'";
db_query("INSERT INTO users (". implode(", ", $fields) .") VALUES (". implode(", ", $values) .")");
......@@ -187,13 +187,13 @@ function user_validate_mail($mail) {
** allowed.
*/
if ($mail && !eregi("^[a-z0-9]+([_.-][a-z0-9]+)*@([a-z0-9]+([.-][a-z0-9]+)*)+\\.[a-z]{2,4}$")) {
if ($mail && !eregi("^[a-z0-9]+([_.-][a-z0-9]+)*@([a-z0-9]+([.-][a-z0-9]+)*)+\\.[a-z]{2,4}$", $mail)) {
return t("The e-mail address '$mail' is not valid.");
}
}
function user_validate_authmap($account, $authname, $module) {
$result = db_query("SELECT COUNT(*) from authmap WHERE uid != '$account->uid' && authname = '$authname'");
$result = db_query("SELECT COUNT(*) from authmap WHERE uid != '$account->uid' && authname = '%s'", $authname);
if (db_result($result) > 0) {
$name = module_invoke($module, "info", "name");
return t("The %u ID %s is already taken.", array("%u" => ucfirst($name), "%s" => "<i>$authname</i>"));
......@@ -260,9 +260,9 @@ function user_mail($mail, $subject, $message, $header) {
function user_deny($type, $mask) {
$allow = db_fetch_object(db_query("SELECT * FROM access WHERE status = '1' AND type = '$type' AND LOWER('$mask') LIKE LOWER(mask)"));
$allow = db_fetch_object(db_query("SELECT * FROM access WHERE status = '1' AND type = '%s' AND LOWER('%s') LIKE LOWER(mask)", $type, $mask));