[geeklog-cvs] geeklog-1.3/system lib-user.php,1.6,1.7

dhaun at iowaoutdoors.org dhaun at iowaoutdoors.org
Tue Oct 5 15:52:48 EDT 2004 

Update of /var/cvs/geeklog-1.3/system
In directory www:/tmp/cvs-serv14617/system

Modified Files:
	lib-user.php 
Log Message:
When creating a new user from admin/user.php, don't try to determine the new user's id beforehand (bug #243). Took the opportunity and refactored the code to create a new user account and moved it to lib-users.php (also from users.php).


Index: lib-user.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/system/lib-user.php,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** lib-user.php	11 Aug 2004 18:30:35 -0000	1.6
--- lib-user.php	5 Oct 2004 19:52:45 -0000	1.7
***************
*** 194,196 ****
--- 194,309 ----
  }
  
+ /**
+ * Create a new user
+ *
+ * This also handles adding the user to the user submission queue, if enabled.
+ * Also calls the custom user registration (if enabled) and plugin functions.
+ *
+ * NOTE: Does NOT send out password emails.
+ *
+ * @param    string  $username   user name (mandatory)
+ * @param    string  $email      user's email address (mandatory)
+ * @param    string  $passwd     password (optional, see above)
+ * @param    string  $fullname   user's full name (optional)
+ * @param    string  $homepage   user's home page (optional)
+ * @return   int                 new user's ID
+ *
+ */
+ function USER_createAccount ($username, $email, $passwd = '', $fullname = '', $homepage = '')
+ {
+     global $_CONF, $_TABLES;
+ 
+     $username = addslashes ($username);
+     $email = addslashes ($email);
+ 
+     $regdate = strftime ('%Y-%m-%d %H:%M:%S', time ());
+     $fields = 'username,email,regdate,cookietimeout';
+     $values = "'$username','$email','$regdate','{$_CONF['default_perm_cookie_timeout']}'";
+ 
+     if (!empty ($passwd)) {
+         $passwd = addslashes ($passwd);
+         $fields .= ',passwd';
+         $values .= ",'$passwd'";
+     }
+     if (!empty ($fullname)) {
+         $fullname = addslashes ($fullname);
+         $fields .= ',fullname';
+         $values .= ",'$fullname'";
+     }
+     if (!empty ($homepage)) {
+         $homepage = addslashes ($homepage);
+         $fields .= ',homepage';
+         $values .= ",'$homepage'";
+     }
+ 
+     DB_query ("INSERT INTO {$_TABLES['users']} ($fields) VALUES ($values)");
+ 
+     $uid = DB_getItem ($_TABLES['users'], 'uid', "username = '$username'");
+ 
+     // Add user to Logged-in group (i.e. members) and the All Users group
+     $normal_grp = DB_getItem ($_TABLES['groups'], 'grp_id',
+                               "grp_name='Logged-in Users'");
+     $all_grp = DB_getItem ($_TABLES['groups'], 'grp_id',
+                            "grp_name='All Users'");
+     DB_query ("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id,ug_uid) VALUES ($normal_grp, $uid)");
+     DB_query ("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id,ug_uid) VALUES ($all_grp, $uid)");
+ 
+     DB_query ("INSERT INTO {$_TABLES['userprefs']} (uid) VALUES ($uid)");
+     if ($_CONF['emailstoriesperdefault'] == 1) {
+         DB_query ("INSERT INTO {$_TABLES['userindex']} (uid) VALUES ($uid)");
+     } else {
+         DB_query ("INSERT INTO {$_TABLES['userindex']} (uid,etids) VALUES ($uid, '-')");
+     }
+ 
+     DB_query ("INSERT INTO {$_TABLES['usercomment']} (uid,commentmode,commentlimit) VALUES ($uid,'{$_CONF['comment_mode']}','{$_CONF['comment_limit']}')");
+     DB_query ("INSERT INTO {$_TABLES['userinfo']} (uid) VALUES ($uid)");
+ 
+     // if user submission queue is active and the current user is not a
+     // User Admin, then we may have to add the new user to the submission queue
+     if (($_CONF['usersubmission'] == 1) && !SEC_hasRights ('user.edit')) {
+         $queueUser = true;
+         if (!empty ($_CONF['allow_domains'])) {
+             $allowed = explode (',', $_CONF['allow_domains']);
+             // Note: We already made sure $email is a valid address
+             $domain = substr ($email, strpos ($email, '@') + 1);
+             if (in_array ($domain, $allowed)) {
+                 $queueUser = false;
+             }
+         }
+         if ($queueUser) {
+             $passwd = addslashes (md5 (''));
+             DB_change ($_TABLES['users'], 'passwd', "$passwd", 'uid', $uid);
+         }
+     }
+ 
+     // call custom registration function and plugins
+     if ($_CONF['custom_registration'] && (function_exists ('custom_usercreate'))) {
+         custom_usercreate ($uid);
+     }
+     PLG_createUser ($uid);
+ 
+     return $uid;
+ }
+ 
+ /**
+ * Check if a user is in the user submission queue
+ *
+ * @param    int     $uid    User ID to check
+ * @return   boolean         true = user in queue, false = not in queue
+ *
+ */
+ function USER_isQueued ($uid)
+ {
+     global $_TABLES;
+ 
+     $queued = false;
+ 
+     $passwd = md5 ('');
+     if (DB_getItem ($_TABLES['users'], 'passwd', "uid = $uid") == $passwd) {
+         $queued = true;
+     }
+ 
+     return $queued;
+ }
+ 
  ?>

More information about the geeklog-cvs mailing list