summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/Auth.class.php5
-rw-r--r--src/lib/Database.class.php396
-rw-r--r--src/lib/Login.class.php31
-rw-r--r--src/lib/MessageHandler.class.php10
-rw-r--r--src/lib/MessageManager.class.php471
5 files changed, 470 insertions, 443 deletions
diff --git a/src/lib/Auth.class.php b/src/lib/Auth.class.php
index 4c2a9c6..e49ebf7 100644
--- a/src/lib/Auth.class.php
+++ b/src/lib/Auth.class.php
@@ -26,6 +26,11 @@ class Auth {
return $type;
}
protected function setType($type) {
+ $logged_in_uid = $this->mm->isLoggedIn();
+ $logged_in_obj = $this->mm->getAuthObj($logged_in_uid);
+ $is_admin = $logged_in_obj->isAdmin();
+ if (!$is_admin) return false;
+
return $this->mm->setStatus($this->uid, $type);
}
public function isUser() {
diff --git a/src/lib/Database.class.php b/src/lib/Database.class.php
new file mode 100644
index 0000000..03c227f
--- /dev/null
+++ b/src/lib/Database.class.php
@@ -0,0 +1,396 @@
+<?php
+
+class Database {
+ private $conf;
+ private $mysql;
+ private $db_prefix;
+
+ public function __construct($conf_file) {
+ $this->conf = $conf_file;
+ }
+
+ // Low-Level SQL functions /////////////////////////////////////////////
+
+ private function mysql() {
+ if (!isset($this->mysql)) {
+ $this->mysql_init();
+ }
+ return $this->mysql;
+ }
+ private function mysql_init() {
+ global $db_config;
+ require($this->conf);
+ $this->mysql = mysql_connect($db_config['host'],
+ $db_config['user'],
+ $db_config['password']);
+ mysql_set_charset($db_config['charset'], $this->mysql);
+ mysql_select_db($db_config['name'], $this->mysql);
+ $this->db_prefix = $db_config['prefix'];
+ unset($db_config);
+ }
+ private function mysql_table($table_name) {
+ $mysql = $this->mysql();
+ $prefix = $this->db_prefix;
+ return $prefix.mysql_real_escape_string($table_name, $mysql);
+ }
+ private function mysql_escape($string) {
+ $mysql = $this->mysql();
+ return mysql_real_escape_string($string, $mysql);
+ }
+ private function mysql_query($query) {
+ $mysql = $this->mysql();
+ return mysql_query($query, $mysql);
+ }
+ public function mysql_error() {
+ $mysql = $this->mysql();
+ return mysql_error($mysql);
+ }
+
+ // High-Level SQL functions ////////////////////////////////////////////
+
+ // The 'auth' table
+
+ public function getUID($username) {
+ $t = $this->mysql_table('auth');
+ $v = $this->mysql_escape($username);
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE name='$v' ;";
+ $q = $this->mysql_query($query);
+ $user = mysql_fetch_array($q);
+ if (isset($user['uid'])) {
+ return (int)$user['uid'];
+ } else {
+ return false;
+ }
+ }
+ public function getUsername($uid) {
+ if (!is_int($uid)) return false;
+ $t = $this->mysql_table('auth');
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ $user = mysql_fetch_array($q);
+ if (isset($user['name'])) {
+ return $user['name'];
+ } else {
+ return false;
+ }
+ }
+ public function setUsername($uid, $username) {
+ if (!is_int($uid)) return false;
+ if ($this->getUID($username) !== false) {
+ return false;
+ }
+ $table = $this->mysql_table('auth');
+ $name = $this->mysql_escape($username);
+ $query =
+ "UPDATE $table \n".
+ "SET name='$name' \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+ public function getPasswordHash($uid) {
+ if (!is_int($uid)) return false;
+
+ $table = $this->mysql_table('auth');
+ $query =
+ "SELECT * \n".
+ "FROM $table \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ $user = mysql_fetch_array($q);
+ if (isset($user['hash'])) {
+ return $user['hash'];
+ } else {
+ return false;
+ }
+ }
+ public function setPassword($uid, $password) {
+ if (!is_int($uid)) return false;
+ $table = $this->mysql_table('auth');
+
+ $hasher = $this->hasher();
+ @$hash = $hasher->HashPassword($password);
+ $query =
+ "UPDATE $table \n".
+ "SET hash='$hash' \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+ public function addUser($username, $password) {
+ $user_exits = $this->getUID($username);
+ if ($user_exists) {
+ return false;
+ }
+
+ $table = $this->mysql_table('auth');
+ $user = $this->mysql_escape($username);
+ $hasher = $this->hasher();
+ @$hash = $hasher->HashPassword($password);
+ $status = 0;
+ $query =
+ "INSERT INTO $table ( name, hash , status) \n".
+ "VALUES ('$user', '$hash', $status) ;";
+ $this->mysql_query($query);
+ $uid = $this->getUID($username);
+ return $uid;
+ }
+ public function getStatus($uid) {
+ if (!is_int($uid)) return false;
+ $table = $this->mysql_table('auth');
+ $query =
+ "SELECT * \n".
+ "FROM $table \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ $user = mysql_fetch_array($q);
+ if (isset($user['status'])) {
+ return (int)$user['status'];
+ } else {
+ return false;
+ }
+ }
+ public function setStatus($uid, $status) {
+ if (!is_int($uid)) return false;
+ $table = $this->mysql_table('auth');
+ $s = $this->mysql_escape($status);
+ $query =
+ "UPDATE $table * \n".
+ "SET status=$s \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+ public function countUsers() {
+ $table = $this->mysql_table('auth');
+ $query = "SELECT COUNT(*) FROM $table;";
+ $q = $this->mysql_query($query);
+ $row = mysql_fetch_array($q);
+ $count = $row[0];
+ return $count;
+ }
+ public function listGroups() {
+ $table = $this->mysql_table('auth');
+ $query =
+ "SELECT uid \n".
+ "FROM $table \n".
+ "WHERE status=3 ;";
+ $q = $this->mysql_query($query);
+ $groups = array();
+ while (($row = mysql_fetch_array($q)) !==false) {
+ $groups[] = (int)$row[0];
+ }
+ return $groups;
+ }
+ public function listGroupNames() {
+ $table = $this->mysql_table('auth');
+ $query =
+ "SELECT name \n".
+ "FROM $table \n".
+ "WHERE status=3 ;";
+ $q = $this->mysql_query($query);
+ $groups = array();
+ while (($row = mysql_fetch_array($q)) !==false) {
+ $groups[] = $row[0].'';
+ }
+ return $groups;
+ }
+ public function listUsers() {
+ $table = $this->mysql_table('auth');
+ $query =
+ "SELECT uid \n".
+ "FROM $table \n".
+ "WHERE status < 3 ;";
+ $q = $this->mysql_query($query);
+ $users = array();
+ while (($row = mysql_fetch_array($q)) !==false) {
+ $users[] = (int)$row[0];
+ }
+ return $users;
+ }
+
+ // The 'users' table
+
+ public function findUser($setting, $value) {
+ $t = $this->mysql_table('users');
+ $k = $this->mysql_escape($setting);
+ $v = $this->mysql_escape($value);
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE k = '$k' \n".
+ "AND UPPER(v)=UPPER('$v') ;";
+ $q = $this->mysql_query($query);
+ $user = mysql_fetch_array($q);
+ if (isset($user['uid'])) {
+ return $user['uid'];
+ } else {
+ return false;
+ }
+ }
+ public function getUserConf($uid, $setting) {
+ if (!is_int($uid)) return false;
+ $t = $this->mysql_table('users');
+ $k = $this->mysql_escape($setting);
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE k='$k' \n".
+ "AND uid=$uid ;";
+ $q = $this->mysql_query($query);
+ $row = mysql_fetch_array($q);
+ if (isset($row['v'])) {
+ return $row['v'];
+ } else {
+ return false;
+ }
+ }
+ public function setUserConf($uid, $setting, $value) {
+ if (!is_int($uid)) return false;
+ $isset = ($this->getUserConf($uid, $setting) !== false);
+ $t = $this->mysql_table('users');
+ $k = $this->mysql_escape($setting);
+ $v = $this->mysql_escape($value);
+ if ($isset) {
+ $query =
+ "UPDATE $t \n".
+ "SET v = '$v' \n".
+ "WHERE k = '$k' \n".
+ "AND uid = $uid ;";
+ } else {
+ $query =
+ "INSERT INTO $t ( uid, k , v ) \n".
+ "VALUES ($uid, '$k', '$v') ;";
+ }
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+ public function getUsersInGroup($groupname) {
+ $table = $this->mysql_table('users');
+ $group = $this->mysql_escape($groupname);
+ $query =
+ "SELECT uid \n".
+ "FROM $table \n".
+ "WHERE k='groups' \n".
+ "AND v LIKE '%,$group,%' ;";
+ $q = $this->mysql_query($query);
+ $users = array();
+ while (($row = mysql_fetch_array($q)) !==false) {
+ $users[] = $row[0];
+ }
+ return $users;
+ }
+
+ // The 'plugins' table
+
+ public function getPluginConf($plugin, $key) {
+ $t = $this->mysql_table('plugins');
+ $p = $this->mysql_escape($plugin);
+ $k = $this->mysql_escape($key);
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE k='$k' \n".
+ "AND plugin='$p' ;";
+ $q = $this->mysql_query($query);
+ $row = mysql_fetch_array($q);
+ if (isset($row['v'])) {
+ return $row['v'];
+ } else {
+ return false;
+ }
+ }
+ public function setPluginConf($plugin, $key, $value) {
+ $isset = ($this->getPluginConf($plugin, $key) !== false);
+ $t = $this->mysql_table('plugins');
+ $p = $this->mysql_escape($plugin);
+ $k = $this->mysql_escape($key);
+ $v = $this->mysql_escape($value);
+ if ($isset) {
+ $query =
+ "UPDATE $t \n".
+ "SET v = '$v' \n".
+ "WHERE k = '$k' \n".
+ "AND plugin = '$p' ;";
+ } else {
+ $query =
+ "INSERT INTO $t (plugin, k , v ) \n".
+ "VALUES ('$p' , '$k', '$v') ;";
+ }
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+
+ // The 'conf' table
+
+ public function getSysConf($key) {
+ $t = $this->mysql_table('conf');
+ $k = $this->mysql_escape($key);
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE k='$k' ;";
+ $q = $this->mysql_query($query);
+ $row = mysql_fetch_array($q);
+ if (isset($row['v'])) {
+ return $row['v'];
+ } else {
+ return false;
+ }
+ }
+ public function setSysConf($key, $value) {
+ $isset = (getSysConf($key) !== false);
+ $t = $this->mysql_table('conf');
+ $k = $this->mysql_escape($key);
+ $v = $this->mysql_escape($value);
+ if ($isset) {
+ $query =
+ "UPDATE $t \n".
+ "SET v = '$v' \n".
+ "WHERE k = '$k' ;";
+ } else {
+ $query =
+ "INSERT INTO $t ( k , v ) \n".
+ "VALUES ('$k', '$v') ;";
+ }
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+
+ /**
+ * Strip out empty group names and duplicates, sort.
+ */
+ private static function sanitizeArray($in) {
+ $out = array();
+ foreach ($in as $item) {
+ if (($item !== '')&&(!in_array($item, $out))) {
+ $out[] = $item;
+ }
+ }
+ natsort($out);
+ return $out;
+ }
+ /**
+ * Translate an array into a value suitable to be stored into a
+ * key-value store in the database.
+ */
+ public static function arrayToValue($list) {
+ $out_list = $this->sanitizeArray($list);
+ return ','.implode(',', $out_list).',';
+ }
+ /**
+ * Translate a value from arrayToValue() back into an array.
+ */
+ public static function valueToArray($value) {
+ $raw_list = explode(',', $value);
+ $out_list = $this->sanitizeArray($raw_list);
+ return $out_list;
+ }
+
+} \ No newline at end of file
diff --git a/src/lib/Login.class.php b/src/lib/Login.class.php
new file mode 100644
index 0000000..26d11dd
--- /dev/null
+++ b/src/lib/Login.class.php
@@ -0,0 +1,31 @@
+<?php
+
+class Login {
+ public static function login($username, $password) {
+ global $mm;
+ $uid = $mm->database()->getUID($username);
+ if ($uid===false) {
+ // user does not exist
+ return 2;
+ }
+ $hash = $mm->database()->getPasswordHash($uid);
+ if ($mm->hasher()->CheckPassword($password, $hash)) {
+ // success
+ $_SESSION['uid'] = $uid;
+ return 0;
+ } else {
+ // wrong password
+ return 1;
+ }
+ }
+ public static function isLoggedIn() {
+ if ( isset($_SESSION['uid']) && ($_SESSION['uid']!='') ) {
+ return $_SESSION['uid'];
+ } else {
+ return false;
+ }
+ }
+ public static function logout() {
+ $_SESSION['uid'] = '';
+ }
+}
diff --git a/src/lib/MessageHandler.class.php b/src/lib/MessageHandler.class.php
index 2dce491..1fa9faf 100644
--- a/src/lib/MessageHandler.class.php
+++ b/src/lib/MessageHandler.class.php
@@ -1,11 +1,5 @@
<?php
-
-require_once('send/SenderGVSMS.class.php');
-require_once('send/SenderIdentica.class.php');
-
-set_include_path(get_include_path().PATH_SEPARATOR."$BASE/src/plugins");
-
class MessageHandler {
public function __constructor() {
@@ -28,7 +22,7 @@ class MessageHandler {
$value = (int)$value;
break;
}
- configSet($param, $value);
+ $obj->configSet($param, $value);
}
}
return $obj;
@@ -38,7 +32,7 @@ class MessageHandler {
$private_senders = array();
$broadcast_senders = array();
-
+
$plugin_list = $m->getSysConf('plugins');
$plugins = explode(',', $plugin_list);
foreach ($plugins as $plugin) {
diff --git a/src/lib/MessageManager.class.php b/src/lib/MessageManager.class.php
index 1302f8b..645643e 100644
--- a/src/lib/MessageManager.class.php
+++ b/src/lib/MessageManager.class.php
@@ -2,376 +2,41 @@
class MessageManager {
private $conf;
- private $mysql;
- private $db_prefix;
- private $pw_hasher;
- private $template;
- private $pluginManager;
private $base;
- private $users = array();
-
- // Low-Level SQL functions /////////////////////////////////////////////
-
- private function mysql() {
- if (!isset($this->mysql)) {
- $this->mysql_init();
- }
- return $this->mysql;
- }
- private function mysql_init() {
- global $db_config;
- require($this->conf);
- $this->mysql = mysql_connect($db_config['host'],
- $db_config['user'],
- $db_config['password']);
- mysql_set_charset($db_config['charset'], $this->mysql);
- mysql_select_db($db_config['name'], $this->mysql);
- $this->db_prefix = $db_config['prefix'];
- unset($db_config);
- }
- private function mysql_table($table_name) {
- $mysql = $this->mysql();
- $prefix = $this->db_prefix;
- return $prefix.mysql_real_escape_string($table_name, $mysql);
- }
- private function mysql_escape($string) {
- $mysql = $this->mysql();
- return mysql_real_escape_string($string, $mysql);
- }
- private function mysql_query($query) {
- $mysql = $this->mysql();
- return mysql_query($query, $mysql);
- }
- public function mysql_error() {
- $mysql = $this->mysql();
- return mysql_error($mysql);
- }
- // High-Level SQL functions ////////////////////////////////////////////
+ private $users = array();
- // The 'auth' table
+ private $database;
+ private $pw_hasher;
+ private $template;
+ private $pluginManager;
- public function getUID($username) {
- $t = $this->mysql_table('auth');
- $v = $this->mysql_escape($username);
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE name='$v' ;";
- $q = $this->mysql_query($query);
- $user = mysql_fetch_array($q);
- if (isset($user['uid'])) {
- return (int)$user['uid'];
- } else {
- return false;
- }
- }
- public function getUsername($uid) {
- if (!is_int($uid)) return false;
- $t = $this->mysql_table('auth');
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- $user = mysql_fetch_array($q);
- if (isset($user['name'])) {
- return $user['name'];
- } else {
- return false;
- }
- }
- public function setUsername($uid, $username) {
- if (!is_int($uid)) return false;
- if ($this->getUID($username) !== false) {
- return false;
+ public function __construct($conf_file) {
+ $this->conf = $conf_file;
+ if (!file_exists($this->conf)) {
+ $this->base = $_SERVER['REQUEST_URI'];
+ $t = $this->template();
+ $t->header('Message Manager');
+ $t->paragraph(
+ 'Awe shiz, dude, conf.php doesn\'t exist, you '.
+ 'need to go through the '.
+ '<a href="installer">installer</a>.');
+ $t->footer();
+ exit();
}
- $table = $this->mysql_table('auth');
- $name = $this->mysql_escape($username);
- $query =
- "UPDATE $table \n".
- "SET name='$name' \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- return ($q?true:false);
+ session_start();
}
- public function getPasswordHash($uid) {
- if (!is_int($uid)) return false;
- $table = $this->mysql_table('auth');
- $query =
- "SELECT * \n".
- "FROM $table \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- $user = mysql_fetch_array($q);
- if (isset($user['hash'])) {
- return $user['hash'];
- } else {
- return false;
- }
- }
- public function setPassword($uid, $password) {
- if (!is_int($uid)) return false;
- $table = $this->mysql_table('auth');
-
- $hasher = $this->hasher();
- @$hash = $hasher->HashPassword($password);
- $query =
- "UPDATE $table \n".
- "SET hash='$hash' \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- return ($q?true:false);
- }
- public function addUser($username, $password) {
- $user_exits = $this->getUID($username);
- if ($user_exists) {
- return false;
- }
-
- $table = $this->mysql_table('auth');
- $user = $this->mysql_escape($username);
- $hasher = $this->hasher();
- @$hash = $hasher->HashPassword($password);
- $status = 0;
- $query =
- "INSERT INTO $table ( name, hash , status) \n".
- "VALUES ('$user', '$hash', $status) ;";
- $this->mysql_query($query);
- $uid = $this->getUID($username);
- return $uid;
- }
- public function getStatus($uid) {
- if (!is_int($uid)) return false;
- $table = $this->mysql_table('auth');
- $query =
- "SELECT * \n".
- "FROM $table \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- $user = mysql_fetch_array($q);
- if (isset($user['status'])) {
- return (int)$user['status'];
- } else {
- return false;
- }
- }
- public function setStatus($uid, $status) {
- if (!is_int($uid)) return false;
- $table = $this->mysql_table('auth');
- $s = $this->mysql_escape($status);
- $query =
- "UPDATE $table * \n".
- "SET status=$s \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- return ($q?true:false);
- }
- public function countUsers() {
- $table = $this->mysql_table('auth');
- $query = "SELECT COUNT(*) FROM $table;";
- $q = $this->mysql_query($query);
- $row = mysql_fetch_array($q);
- $count = $row[0];
- return $count;
- }
- public function listGroups() {
- $table = $this->mysql_table('auth');
- $query =
- "SELECT uid \n".
- "FROM $table \n".
- "WHERE status=3 ;";
- $q = $this->mysql_query($query);
- $groups = array();
- while (($row = mysql_fetch_array($q)) !==false) {
- $groups[] = (int)$row[0];
- }
- return $groups;
- }
- public function listGroupNames() {
- $table = $this->mysql_table('auth');
- $query =
- "SELECT name \n".
- "FROM $table \n".
- "WHERE status=3 ;";
- $q = $this->mysql_query($query);
- $groups = array();
- while (($row = mysql_fetch_array($q)) !==false) {
- $groups[] = $row[0].'';
- }
- return $groups;
- }
- public function listUsers() {
- $table = $this->mysql_table('auth');
- $query =
- "SELECT uid \n".
- "FROM $table \n".
- "WHERE status < 3 ;";
- $q = $this->mysql_query($query);
- $users = array();
- while (($row = mysql_fetch_array($q)) !==false) {
- $users[] = (int)$row[0];
- }
- return $users;
- }
-
- // The 'users' table
-
- public function findUser($setting, $value) {
- $t = $this->mysql_table('users');
- $k = $this->mysql_escape($setting);
- $v = $this->mysql_escape($value);
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE k = '$k' \n".
- "AND UPPER(v)=UPPER('$v') ;";
- $q = $this->mysql_query($query);
- $user = mysql_fetch_array($q);
- if (isset($user['uid'])) {
- return $user['uid'];
- } else {
- return false;
- }
- }
- public function getUserConf($uid, $setting) {
- if (!is_int($uid)) return false;
- $t = $this->mysql_table('users');
- $k = $this->mysql_escape($setting);
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE k='$k' \n".
- "AND uid=$uid ;";
- $q = $this->mysql_query($query);
- $row = mysql_fetch_array($q);
- if (isset($row['v'])) {
- return $row['v'];
- } else {
- return false;
- }
- }
- public function setUserConf($uid, $setting, $value) {
- if (!is_int($uid)) return false;
- $isset = ($this->getUserConf($uid, $setting) !== false);
- $t = $this->mysql_table('users');
- $k = $this->mysql_escape($setting);
- $v = $this->mysql_escape($value);
- if ($isset) {
- $query =
- "UPDATE $t \n".
- "SET v = '$v' \n".
- "WHERE k = '$k' \n".
- "AND uid = $uid ;";
- } else {
- $query =
- "INSERT INTO $t ( uid, k , v ) \n".
- "VALUES ($uid, '$k', '$v') ;";
- }
- $q = $this->mysql_query($query);
- return ($q?true:false);
- }
- public function getUsersInGroup($groupname) {
- $table = $this->mysql_table('users');
- $group = $this->mysql_escape($groupname);
- $query =
- "SELECT uid \n".
- "FROM $table \n".
- "WHERE k='groups' \n".
- "AND v LIKE '%,$group,%' ;";
- $q = $this->mysql_query($query);
- $users = array();
- while (($row = mysql_fetch_array($q)) !==false) {
- $users[] = $row[0];
- }
- return $users;
- }
-
- // The 'plugins' table
-
- public function getPluginConf($plugin, $key) {
- $t = $this->mysql_table('plugins');
- $p = $this->mysql_escape($plugin);
- $k = $this->mysql_escape($key);
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE k='$k' \n".
- "AND plugin='$p' ;";
- $q = $this->mysql_query($query);
- $row = mysql_fetch_array($q);
- if (isset($row['v'])) {
- return $row['v'];
- } else {
- return false;
- }
- }
- public function setPluginConf($plugin, $key, $value) {
- $isset = ($this->getPluginConf($plugin, $key) !== false);
- $t = $this->mysql_table('plugins');
- $p = $this->mysql_escape($plugin);
- $k = $this->mysql_escape($key);
- $v = $this->mysql_escape($value);
- if ($isset) {
- $query =
- "UPDATE $t \n".
- "SET v = '$v' \n".
- "WHERE k = '$k' \n".
- "AND plugin = '$p' ;";
- } else {
- $query =
- "INSERT INTO $t (plugin, k , v ) \n".
- "VALUES ('$p' , '$k', '$v') ;";
- }
- $q = $this->mysql_query($query);
- return ($q?true:false);
- }
-
- // The 'conf' table
-
- public function getSysConf($key) {
- $t = $this->mysql_table('conf');
- $k = $this->mysql_escape($key);
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE k='$k' ;";
- $q = $this->mysql_query($query);
- $row = mysql_fetch_array($q);
- if (isset($row['v'])) {
- return $row['v'];
- } else {
- return false;
- }
- }
- public function setSysConf($key, $value) {
- $isset = (getSysConf($key) !== false);
- $t = $this->mysql_table('conf');
- $k = $this->mysql_escape($key);
- $v = $this->mysql_escape($value);
- if ($isset) {
- $query =
- "UPDATE $t \n".
- "SET v = '$v' \n".
- "WHERE k = '$k' ;";
- } else {
- $query =
- "INSERT INTO $t ( k , v ) \n".
- "VALUES ('$k', '$v') ;";
- }
- $q = $this->mysql_query($query);
- return ($q?true:false);
- }
+ // Load Things
- // If the remaining code has to deal with SQL, you're doing it wrong. //
-
- public function baseUrl() {
- if (!isset($this->base)) {
- $this->base = $this->getSysConf('baseurl');
+ public function database() {
+ if (!isset($this->database)) {
+ require_once('Database.class.php');
+ $this->database = new Database($this->conf);
}
- return $this->base;
+ return $this->database;
}
+
public function hasher() {
if (!isset($this->pw_hasher)) {
require_once('PasswordHash.class.php');
@@ -387,7 +52,7 @@ class MessageManager {
}
return $this->template;
}
-
+
public function pluginManager() {
if (!isset($this->pluginManager)) {
require_once('PluginManager.class.php');
@@ -395,35 +60,9 @@ class MessageManager {
}
return $this->pluginManager;
}
-
- public function login($username, $password) {
- $uid = $this->getUID($username);
- if ($uid===false) {
- // user does not exist
- return 2;
- }
- $hash = $this->getPasswordHash($uid);
- $hasher = $this->hasher();
- if ($hasher->CheckPassword($password, $hash)) {
- // success
- $_SESSION['uid'] = $uid;
- return 0;
- } else {
- // wrong password
- return 1;
- }
- }
- public function isLoggedIn() {
- if ( isset($_SESSION['uid']) && ($_SESSION['uid']!='') ) {
- return $_SESSION['uid'];
- } else {
- return false;
- }
- }
- public function logout() {
- $_SESSION['uid'] = '';
- }
-
+
+ // Utility functions
+
public function shortUrl($longUrl) {
$ch = curl_init('http://ur1.ca');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@@ -436,26 +75,17 @@ class MessageManager {
curl_close($ch);
return $shortUrl;
}
-
- public function __construct($conf_file) {
- $this->conf = $conf_file;
- if (!file_exists($this->conf)) {
- $this->base = $_SERVER['REQUEST_URI'];
- $t = $this->template();
- $t->header('Message Manager');
- $t->paragraph(
- 'Awe shiz, dude, conf.php doesn\'t exist, you '.
- 'need to go through the '.
- '<a href="installer">installer</a>.');
- $t->footer();
- exit();
+
+ public function baseUrl() {
+ if (!isset($this->base)) {
+ $this->base = $this->database()->getSysConf('baseurl');
}
- session_start();
+ return $this->base;
}
-
+
public function getAuthObj($uid) {
if (!isset($this->users[$uid])) {
- $is_group = ($this->getStatus($uid)===3);
+ $is_group = ($this->database()->getStatus($uid)===3);
if ($is_group) {
require_once('Group.class.php');
$this->users[$uid] = new Group($uid);
@@ -466,33 +96,4 @@ class MessageManager {
}
return $this->users[$uid];
}
- /**
- * Strip out empty group names and duplicates, sort.
- */
- private function sanitizeArray($in) {
- $out = array();
- foreach ($in as $item) {
- if (($item !== '')&&(!in_array($item, $out))) {
- $out[] = $item;
- }
- }
- natsort($out);
- return $out;
- }
- /**
- * Translate an array into a value suitable to be stored into a
- * key-value store in the database.
- */
- public function arrayToValue($list) {
- $out_list = $this->sanitizeArray($list);
- return ','.implode(',', $out_list).',';
- }
- /**
- * Translate a value from arrayToValue() back into an array.
- */
- public function valueToArray($value) {
- $raw_list = explode(',', $value);
- $out_list = $this->sanitizeArray($raw_list);
- return $out_list;
- }
}