
source: trunk/inc/profiles.inc.php @ 16210

Revision 16210, 12.8 KB checked in by Alexander Trofimov, 4 weeks ago (diff)

Person's profile module

<?php
/**
 * @package     Dolphin Core
 * @copyright   Copyright (c) BoonEx Pty Limited - http://www.boonex.com/
 * @license     CC-BY - http://creativecommons.org/licenses/by/3.0/
 */
// Stop immediately unless the BX_DOL constant is already defined, so that this
// include does nothing when it is requested directly.
// NOTE(review): presumably the application bootstrap defines BX_DOL before
// including this file - confirm.
defined('BX_DOL') or die('hack attempt');
/**
 * Tell whether the current request belongs to a logged-in account.
 *
 * @return bool true when getLoggedId() reports a non-zero account id
 */
function isLogged()
{
    $iLoggedId = getLoggedId();

    return $iLoggedId != 0;
}
/**
 * Return the id of the logged-in account, or 0 when nobody is logged in.
 *
 * The id is read from the client-supplied "memberID" cookie. It is returned only
 * when $GLOBALS['logged'] carries a non-empty 'member' or 'admin' flag, so the
 * cookie is never trusted on its own.
 *
 * @return int account id, or 0
 */
function getLoggedId()
{
    if (!isset($_COOKIE['memberID'])) {
        return 0;
    }

    $bMember = !empty($GLOBALS['logged']['member']);
    $bAdmin = !empty($GLOBALS['logged']['admin']);
    if (!$bMember && !$bAdmin) {
        return 0;
    }

    return (int)$_COOKIE['memberID'];
}
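/**
 * Return the "memberPassword" cookie value of the logged-in account.
 *
 * The cookie value is returned only when $GLOBALS['logged'] carries a non-empty
 * 'member' or 'admin' flag; otherwise an empty string is returned. The flags are
 * tested with empty(), the same way getLoggedId() tests them, so a missing key
 * does not raise an "undefined index" notice.
 *
 * The returned value is an authentication credential: do not log or echo it.
 *
 * @return string cookie value, or '' when not logged in
 */
function getLoggedPassword()
{
    if (!isset($_COOKIE['memberPassword'])) {
        return '';
    }

    $bLogged = !empty($GLOBALS['logged']['member']) || !empty($GLOBALS['logged']['admin']);

    return $bLogged ? $_COOKIE['memberPassword'] : '';
}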
/**
 * Check whether an account has the member role.
 *
 * @param int $iId account id; 0 is passed through to isRole(), which then uses the logged-in account
 * @return bool result of isRole() for BX_DOL_ROLE_MEMBER
 */
function isMember($iId = 0)
{
    $bIsMember = isRole(BX_DOL_ROLE_MEMBER, $iId);

    return $bIsMember;
}
// Declared only when no isAdmin() exists yet, so an earlier definition takes precedence.
if (!function_exists("isAdmin")) {
    /**
     * Check whether an account has the admin role.
     *
     * @param int $iId account id; 0 is passed through to isRole(), which then uses the logged-in account
     * @return bool result of isRole() for BX_DOL_ROLE_ADMIN
     */
    function isAdmin($iId = 0)
    {
        $bIsAdmin = isRole(BX_DOL_ROLE_ADMIN, $iId);

        return $bIsAdmin;
    }
}
/**
 * Check whether an account carries the given role bit(s).
 *
 * @param int $iRole role bitmask that is ANDed with the account's 'role' field
 * @param int $iId   account id; when it casts to 0 the logged-in account id is used
 * @return bool true when the account exists, has info and shares at least one bit with $iRole
 */
function isRole($iRole, $iId = 0)
{
    // Fall back to the logged-in account when no usable id was passed.
    if (0 == (int)$iId) {
        $iId = getLoggedId();
    }

    bx_import('BxDolAccount');
    $oAccount = BxDolAccount::getInstance($iId);
    $aAccountInfo = $oAccount ? $oAccount->getInfo() : false;
    if (!$oAccount || !$aAccountInfo) {
        return false;
    }

    $iAccountRole = (int)$aAccountInfo['role'];

    return ($iAccountRole & $iRole) ? true : false;
}
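/**
 * Count the friends of a profile (internal use only).
 *
 * $iID, $iFrStatus and $iOnline are cast to int before they are placed in the
 * query, so they cannot carry SQL text. $sqlWhere is appended to the query
 * verbatim: it is a raw SQL fragment and must be assembled by the caller only
 * from constants or values that are already escaped or cast.
 *
 * @param int    $iID       profile ID
 * @param int    $iFrStatus friend status (1 - approved, 0 - waiting)
 * @param int    $iOnline   when > 0, count only profiles whose last navigation is within this many minutes
 * @param string $sqlWhere  additional SQL conditions, must begin with AND
 * @return int number of matching friends
 */
function getFriendNumber($iID, $iFrStatus = 1, $iOnline = 0, $sqlWhere = '')
{
    // Numeric inputs are forced to integers before interpolation.
    $iID = (int)$iID;
    $iFrStatus = (int)$iFrStatus;
    $iOnline = (int)$iOnline;

    $sqlAdd = '';

    if ($iOnline > 0)
        $sqlAdd = " AND (p.`DateLastNav` > SUBDATE(NOW(), INTERVAL " . $iOnline . " MINUTE))";

    // Raw fragment supplied by the caller, see the docblock.
    if (strlen($sqlWhere) > 0)
        $sqlAdd .= $sqlWhere;

    $sqlQuery = "SELECT COUNT(`f`.`ID`)
    FROM
    (SELECT `ID` AS `ID` FROM `sys_friend_list` WHERE `Profile` = '{$iID}' AND `Check` = {$iFrStatus}
    UNION
    SELECT `Profile` AS `ID` FROM `sys_friend_list` WHERE `ID` = '{$iID}' AND `Check` = {$iFrStatus})
    AS `f`
    INNER JOIN `Profiles` AS `p` ON `p`.`ID` = `f`.`ID`
    WHERE 1 {$sqlAdd}";

    return (int)db_value($sqlQuery);
}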
/**
 * Count the pending friend requests that were sent to a profile.
 * Requests sent by the profile itself are not counted.
 *
 * @param int $iID profile to count requests for; cast to int before it reaches the query
 * @return int number of pending friend requests
 */
function getFriendRequests($iID)
{
    $iProfileId = (int)$iID;
    $sCountQuery = "SELECT count(*) FROM `sys_friend_list` WHERE `Profile` = {$iProfileId} AND `Check` = '0'";
    $mixedCount = db_value($sCountQuery);

    return (int)$mixedCount;
}
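/**
 * Load the approved friends of a profile together with a few profile fields.
 *
 * $iID is cast to int before it is placed in the query. $sSortParam is only used
 * to pick one of the fixed ORDER BY clauses below, so its text never reaches the
 * query. $sWhereParam and $sqlLimit are inserted verbatim: they are raw SQL
 * fragments and must be assembled by the caller only from constants or values
 * that are already escaped or cast.
 *
 * NOTE(review): mysql_fetch_assoc() belongs to the legacy mysql extension; it is
 * kept because the type returned by db_res() is not visible in this file.
 *
 * @param int    $iID         profile ID
 * @param string $sWhereParam additional SQL conditions appended after "WHERE 1"
 * @param string $sSortParam  sort key: activity, last_nav, activity_desc, last_nav_desc,
 *                            date_reg, date_reg_desc, image or rate; anything else sorts
 *                            by last navigation, newest first
 * @param string $sqlLimit    complete LIMIT clause, or '' for no limit
 * @return array map of friend ID => array(ID, TS_DateLastLogin, TS_DateReg, Rate, DateLastNav, is_online)
 */
function getMyFriendsEx($iID, $sWhereParam = '', $sSortParam = '', $sqlLimit = '')
{
    // The profile id is forced to an integer before interpolation.
    $iID = (int)$iID;

    $sJoin = $sOrderBy = '';

    // Every branch assigns a fixed string.
    switch($sSortParam) {

        case 'activity' :
        case 'last_nav' : // DateLastNav
            $sOrderBy = 'ORDER BY p.`DateLastNav`';
            break;
        case 'activity_desc' :
        case 'last_nav_desc' : // DateLastNav
            $sOrderBy = 'ORDER BY p.`DateLastNav` DESC';
            break;
        case 'date_reg' : // DateReg
            $sOrderBy = 'ORDER BY p.`DateReg`';
            break;
        case 'date_reg_desc' : // DateReg
            $sOrderBy = 'ORDER BY p.`DateReg` DESC';
            break;
        case 'image' : // Avatar
            $sOrderBy = 'ORDER BY p.`Avatar` DESC';
            break;
        case 'rate' : // `sys_profile_rating`.`pr_rating_sum`
            $sOrderBy = 'ORDER BY `sys_profile_rating`.`pr_rating_sum`';
            $sJoin = 'LEFT JOIN `sys_profile_rating` ON p.`ID` = `sys_profile_rating`.`pr_id`';
            break;
        default : // DateLastNav
            $sOrderBy = 'ORDER BY p.`DateLastNav` DESC';
            break;
    }

    // Raw fragment supplied by the caller, see the docblock.
    $sLimit = ($sqlLimit == '') ? '' : /*"LIMIT 0, " .*/ $sqlLimit;
    $iOnlineTime = (int)getParam( "member_online_time" );
    $sqlQuery = "SELECT `p`.*, `f`.`ID`,
                if(`DateLastNav` > SUBDATE(NOW( ), INTERVAL $iOnlineTime MINUTE ), 1, 0) AS `is_online`,
                UNIX_TIMESTAMP(p.`DateLastLogin`) AS 'TS_DateLastLogin', UNIX_TIMESTAMP(p.`DateReg`) AS 'TS_DateReg'     FROM (
                SELECT `ID` AS `ID` FROM `sys_friend_list` WHERE `Profile` = '{$iID}' AND `Check` =1
                UNION
                SELECT `Profile` AS `ID` FROM `sys_friend_list` WHERE `ID` = '{$iID}' AND `Check` =1
            ) AS `f`
            INNER JOIN `Profiles` AS `p` ON `p`.`ID` = `f`.`ID`
            {$sJoin}
            WHERE 1 {$sWhereParam}
            {$sOrderBy}
            {$sLimit}";

    $aFriends = array();

    $vProfiles = db_res($sqlQuery);
    while ($aProfiles = mysql_fetch_assoc($vProfiles)) {
        $aFriends[$aProfiles['ID']] = array($aProfiles['ID'], $aProfiles['TS_DateLastLogin'], $aProfiles['TS_DateReg'], $aProfiles['Rate'], $aProfiles['DateLastNav'], $aProfiles['is_online']);
    }

    return $aFriends;
}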
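/**
 * Check whether a profile is listed in `sys_admin_ban_list`.
 *
 * The id is cast to int before it is placed in the query. When no positive id
 * is passed, the "memberID" cookie is used instead, and a missing cookie counts
 * as "no id" rather than raising a notice.
 *
 * NOTE(review): the result relies on db_affected_rows() reporting the rows of
 * the preceding SELECT - confirm against the db wrapper.
 *
 * @param int $iCurUserID profile id, or 0 to use the "memberID" cookie
 * @return bool true when at least one ban row exists for the profile
 */
function isLoggedBanned($iCurUserID = 0)
{
    if ($iCurUserID > 0) {
        $iCCurUserID = (int)$iCurUserID;
    } else {
        $iCCurUserID = isset($_COOKIE['memberID']) ? (int)$_COOKIE['memberID'] : 0;
    }

    if (!$iCCurUserID) {
        return false;
    }

    $CheckSQL = "
            SELECT *
            FROM `sys_admin_ban_list`
            WHERE `ProfID`='{$iCCurUserID}'
        ";
    db_res($CheckSQL);

    return db_affected_rows() > 0;
}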
/**
 * Log an account in by issuing the "memberID" and "memberPassword" cookies.
 *
 * The "memberPassword" cookie holds the value returned by
 * BxDolAccountQuery::getPassword() for the account. bx_check_login() compares
 * that cookie with the account's stored 'password' field, so the cookie value
 * is a long-lived credential and must be protected like one.
 *
 * NOTE(review): only "memberPassword" is flagged HttpOnly, and neither cookie
 * sets the Secure flag, so both are also sent over plain HTTP. Consider an
 * opaque server-side session token instead of the stored password value.
 *
 * @param int  $iId         account id
 * @param bool $bRememberMe true keeps the cookies for 30 days, false makes them session cookies
 * @return mixed false when the account has no password, else BxDolAccountQuery::getInfoById($iId)
 */
function bx_login($iId, $bRememberMe = false)
{
    bx_import('BxDolAccountQuery');
    $oQuery = BxDolAccountQuery::getInstance();

    $sStoredPassword = $oQuery->getPassword($iId);
    if (!$sStoredPassword) {
        return false;
    }

    // Scope the cookies to the path of the site root URL, or "/" when it has none.
    $aRootUrl = parse_url(BX_DOL_URL_ROOT);
    $sCookiePath = '/';
    if (isset($aRootUrl['path']) && !empty($aRootUrl['path'])) {
        $sCookiePath = $aRootUrl['path'];
    }
    $sCookieHost = '';

    $iExpires = 0;
    if ($bRememberMe) {
        $iExpires = time() + 24*60*60*30;
    }

    setcookie("memberID", $iId, $iExpires, $sCookiePath, $sCookieHost);
    setcookie("memberPassword", $sStoredPassword, $iExpires, $sCookiePath, $sCookieHost, false, true /* http only */);

    // Mirror the new cookies into the current request as well.
    $_COOKIE['memberID'] = $iId;
    $_COOKIE['memberPassword'] = $sStoredPassword;

    $oQuery->updateLoggedIn($iId);

    bx_alert('account', 'login',  $iId);

    return $oQuery->getInfoById($iId);
}
/**
 * Log the current visitor out by expiring both login cookies.
 *
 * @param bool $bNotify when true and a member is logged in, raise the 'profile'/'logout' alert first
 * @return void
 */
function bx_logout($bNotify = true)
{
    if ($bNotify && isMember()) {
        bx_alert('profile', 'logout', (int)$_COOKIE['memberID']);
    }

    // Use the path of the site root URL, or "/" when it has none.
    $aRootUrl = parse_url(BX_DOL_URL_ROOT);
    $sCookiePath = '/';
    if (isset($aRootUrl['path']) && !empty($aRootUrl['path'])) {
        $sCookiePath = $aRootUrl['path'];
    }

    // An expiry in the past makes the browser drop the cookie;
    // the copy held in this request is removed as well.
    foreach (array('memberID', 'memberPassword') as $sCookieName) {
        setcookie($sCookieName, '', time() - 96 * 3600, $sCookiePath);
        unset($_COOKIE[$sCookieName]);
    }
}
/**
 * Validate the login cookies and record the outcome in $GLOBALS['logged'].
 *
 * The cookie pair is tested with bx_check_login() for the admin role first and
 * then for the member role. The loop stops at the first role that validates,
 * so flags for later roles are not written during that call. When a login
 * cookie is present but no role validates, the cookies are cleared with
 * bx_logout(false).
 *
 * @return void
 */
function check_logged()
{
    $aRoleFlags = array(
       BX_DOL_ROLE_ADMIN => 'admin',
       BX_DOL_ROLE_MEMBER => 'member'
    );

    $sID = false;
    if (isset($_COOKIE['memberID'])) {
        $sID = bx_process_input($_COOKIE['memberID']);
    }

    $sPassword = false;
    if (isset($_COOKIE['memberPassword'])) {
        $sPassword = bx_process_input($_COOKIE['memberPassword']);
    }

    $bLogged = false;
    foreach ($aRoleFlags as $iRole => $sFlag) {
        // bx_check_login() returns an empty string on success.
        $bRoleValid = ($sID && !bx_check_login($sID, $sPassword, $iRole));
        $GLOBALS['logged'][$sFlag] = $bRoleValid;
        if ($bRoleValid) {
            $bLogged = true;
            break;
        }
    }

    $bHasLoginCookie = isset($_COOKIE['memberID']) || isset($_COOKIE['memberPassword']);
    if ($bHasLoginCookie && !$bLogged) {
        bx_logout(false);
    }
}
/**
 * Check an unencrypted password for a login.
 *
 * The password is encrypted with the account's salt through encryptUserPwd()
 * and the result is handed to bx_check_login(). An unknown login produces the
 * same generic error text that bx_check_login() uses for a wrong password.
 *
 * @param string $sLogin    login passed to BxDolAccount::getInstance()
 * @param string $sPassword unencrypted password
 * @param int    $iRole     required role bitmask
 * @return string empty string on success or error string on error
 */
function bx_check_password($sLogin, $sPassword, $iRole = BX_DOL_ROLE_MEMBER)
{
    bx_import('BxDolAccount');
    $oAccount = BxDolAccount::getInstance($sLogin);

    if ($oAccount) {
        $aInfo = $oAccount->getInfo();
        $sEncrypted = encryptUserPwd($sPassword, $aInfo['salt']);

        return bx_check_login($aInfo['id'], $sEncrypted, $iRole);
    }

    bx_import('BxDolLanguages');

    return _t("_sys_txt_login_error");
}
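/**
 * Check an encrypted password (e.g. from a cookie) for an account.
 *
 * Checks run in this order: account exists, password matches, role matches,
 * then (for non-admins) the IP blacklist and the account ban list. An unknown
 * account and a wrong password return the same generic error text.
 *
 * The password comparison requires both values to be strings and is done in
 * constant time when hash_equals() is available.
 *
 * @param int    $iID       account id (cast to int)
 * @param string $sPassword encrypted password to compare with the stored one
 * @param int    $iRole     required role bitmask
 * @return string empty string on success or error string on error
 */
function bx_check_login($iID, $sPassword, $iRole = BX_DOL_ROLE_MEMBER)
{
    bx_import('BxDolAccount');
    $oAccount = BxDolAccount::getInstance((int)$iID);

    // If no such account available
    if (!$oAccount) {
        bx_import('BxDolLanguages');
        return _t("_sys_txt_login_error");
    }

    $aAccountInfo = $oAccount->getInfo();

    // If password is incorrect. Both values must be strings before they are
    // compared: strcmp() with a loose "!= 0" test does not fail safely when it
    // is handed a non-string argument, and $sPassword can originate from a
    // request cookie.
    $sStoredPassword = isset($aAccountInfo['password']) ? $aAccountInfo['password'] : null;
    $bPasswordOk = false;
    if (is_string($sStoredPassword) && is_string($sPassword)) {
        // hash_equals() does not leak the position of the first differing byte;
        // fall back to a strict comparison where it is unavailable.
        $bPasswordOk = function_exists('hash_equals')
            ? hash_equals($sStoredPassword, $sPassword)
            : ($sStoredPassword === $sPassword);
    }
    if (!$bPasswordOk) {
        bx_import('BxDolLanguages');
        return _t("_sys_txt_login_error");
    }

    // If wrong account role
    if (!((int)$aAccountInfo['role'] & $iRole)) {
        bx_import('BxDolLanguages');
        return _t("_sys_txt_login_invalid_role");
    }

    // Admin can always login even if his ip is blocked
    if (isAdmin($aAccountInfo['id']))
        return '';

    // If IP is banned
    if ((2 == getParam('ipBlacklistMode') && bx_is_ip_blocked()) || ('on' == getParam('sys_dnsbl_enable') && bx_is_ip_dns_blacklisted('', 'login'))) {
        bx_import('BxDolLanguages');
        return _t('_Sorry, your IP been banned');
    }

    // If account is banned
    if (isLoggedBanned($aAccountInfo['id'])) {
        bx_import('BxDolLanguages');
        return _t('_member_banned');
    }

    return '';
}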
/**
 * Require a valid login for the current request.
 *
 * The login cookies are checked against the member role, or the admin role for
 * Studio. When the check fails, bx_login_form() outputs the login form and
 * terminates the request. Otherwise check_logged() refreshes $GLOBALS['logged'].
 *
 * @param bool $bStudio true to require the admin role
 * @return void
 */
function bx_require_authentication ($bStudio = false)
{
    $iRole = $bStudio ? BX_DOL_ROLE_ADMIN : BX_DOL_ROLE_MEMBER;

    $sID = false;
    if (isset($_COOKIE['memberID'])) {
        $sID = bx_process_input($_COOKIE['memberID']);
    }

    $sPassword = false;
    if (isset($_COOKIE['memberPassword'])) {
        $sPassword = bx_process_input($_COOKIE['memberPassword']);
    }

    // A non-empty return value is an error message.
    $sLoginError = bx_check_login($sID, $sPassword, $iRole);
    if ($sLoginError) {
        bx_login_form($bStudio);
    }

    check_logged();
}
/**
 * Output a login form and terminate the request. Every path ends in exit.
 *
 * @param bool $bStudio   when equal to 1, show the Studio login form
 * @param bool $bAjaxMode when true, echo only the form wrapped by transBox() instead of a full page
 * @return void never returns
 */
function bx_login_form($bStudio = false, $bAjaxMode = false)
{
    // Studio has its own login screen.
    if ($bStudio == 1) {
        bx_import("BxTemplStudioFunctions");
        $oStudioFunctions = BxTemplStudioFunctions::getInstance();
        $oStudioFunctions->getLoginForm();
        exit;
    }

    $sLoginForm = BxDolService::call('system', 'login_form', array(), 'TemplServiceLogin');

    if (!$bAjaxMode) {
        // Full page: render the form inside the default page template.
        BxDolTemplate::getInstance()->setPageNameIndex (BX_PAGE_DEFAULT);
        BxDolTemplate::getInstance()->setPageHeader (getParam('site_title') . ' ' . _t("_Member Login"));
        BxDolTemplate::getInstance()->setPageContent ('page_main_code', DesignBoxContent(_t("_Member Login"), $sLoginForm, BX_DB_PADDING_DEF));
        BxDolTemplate::getInstance()->getPageCode();
        exit;
    }

    echo $GLOBALS['oFunctions']->transBox($sLoginForm, true);
    exit;
}
/**
 * Check profile existence, membership/ACL, profile status and privacy.
 * If one of the visibility checks fails, the appropriate page is shown and exit is called,
 * so the function only returns when the viewer may see the profile.
 *
 * The ACL and privacy checks are skipped when $logged['admin'] or $logged['moderator'] is set,
 * and when the viewer id equals the viewed id.
 * NOTE(review): the decision depends on $iViewerId as passed in - callers should take it from
 * the authenticated session, never from request input; confirm at the call sites.
 *
 * Side effect: the global $p_arr is overwritten with the viewed profile's data.
 *
 * @param $iViewedId viewed member id
 * @param $iViewerId viewer member id
 * @return nothing
 */
function bx_check_profile_visibility ($iViewedId, $iViewerId = 0) {

    global $logged, $_page, $_page_cont, $p_arr;

    $oTemplate = BxDolTemplate::getInstance();

    // check if profile exists (only tests that an id was given; the record itself is loaded below)
    if (!$iViewedId) {
        $oTemplate->displayPageNotFound ();
        exit;
    }

    // check if viewer can view profile (membership/ACL); admins, moderators and the owner pass regardless
    $check_res = checkAction( $iViewerId, ACTION_ID_VIEW_PROFILES, true, $iViewedId );
    if ($check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED
        && !$logged['admin'] && !$logged['moderator'] && $iViewerId != $iViewedId)
    {
        $oTemplate->setPageNameIndex(0);
        $oTemplate->setPageHeader(getParam('site_title') . " " . _t("_Member Profile"));
        $oTemplate->setPageContent('page_main_code', MsgBox($check_res[CHECK_ACTION_MESSAGE]));
        $oTemplate->getPageCode();
        exit;
    }

    // load the viewed profile; the data is published through the global $p_arr
    $oProfile = new BxBaseProfileGenerator( $iViewedId );
    $p_arr  = $oProfile -> _aProfile;

    // check if viewed member is active; a missing or non-active profile is answered with 404
    // unless the viewer is an admin, a moderator or the profile owner
    if (!($p_arr['ID'] && ($logged['admin'] || $logged['moderator'] || $oProfile->owner || $p_arr['Status'] == 'Active')))
    {
        header("HTTP/1.1 404 Not Found");
        $oTemplate->displayMsg(_t("_Profile NA"));
        exit;
    }

    // check privacy; on failure the "private profile" page is shown instead of the profile
    if (!$logged['admin'] && !$logged['moderator'] && $iViewerId != $iViewedId) {
        $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID');
        if (!$oPrivacy->check('view', $iViewedId, $iViewerId)) {
            bx_import('BxDolProfilePrivatePageView');
            $oProfilePrivateView = new BxDolProfilePrivatePageView($oProfile);
            $oTemplate->setPageNameIndex(7);
            $oTemplate->setPageContent('page_main_code', $oProfilePrivateView->getCode());
            $oTemplate->getPageCode();
            exit;
        }
    }
}
/**
 * Get the id of the currently logged-in profile.
 *
 * @return mixed result of BxDolProfile::id(), or false when BxDolProfile::getInstance() yields nothing
 */
function bx_get_logged_profile_id ()
{
    bx_import('BxDolProfile');
    $oProfile = BxDolProfile::getInstance();
    if (!$oProfile) {
        return false;
    }

    return $oProfile->id();
}
// Runs whenever this file is included: validates the login cookies and fills
// $GLOBALS['logged'], which getLoggedId() and getLoggedPassword() read.
check_logged();