<?php
|
2 |
|
|
//$Header: /hl/cvsroots/gpl01/gpl01/webprojs/fboprime/sw/phplib/usrs.inc,v 1.11 2006/11/04 21:09:31 dashley Exp $
|
3 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
4 |
|
|
//usrs.inc--FboPrime Database usrs Table Manipulation Functions
|
5 |
|
|
//Copyright (C) 2006 David T. Ashley
|
6 |
|
|
//
|
7 |
|
|
//This program is free software; you can redistribute it and/or
|
8 |
|
|
//modify it under the terms of the GNU General Public License
|
9 |
|
|
//as published by the Free Software Foundation; either version 2
|
10 |
|
|
//of the License, or (at your option) any later version.
|
11 |
|
|
//
|
12 |
|
|
//This program is distributed in the hope that it will be useful,
|
13 |
|
|
//but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14 |
|
|
//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15 |
|
|
//GNU General Public License for more details.
|
16 |
|
|
//
|
17 |
|
|
//You should have received a copy of the GNU General Public License
|
18 |
|
|
//along with this program; if not, write to the Free Software
|
19 |
|
|
//Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
20 |
|
|
//********************************************************************************
|
21 |
|
|
//Contains functions related to [operations on] the usrs table of the database.
|
22 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
23 |
|
|
//
|
24 |
|
|
require_once("db.inc");
|
25 |
|
|
require_once("global.inc");
|
26 |
|
|
//
|
27 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
28 |
|
|
//Constants for usrs table fields.
|
29 |
|
|
//
|
30 |
|
|
//Constants for the status field of the usrs table.
|
31 |
|
|
//Values held in the status field of a usrs record.
define('USRS_STATUS_INACTIVE', 0);
define('USRS_STATUS_ACTIVE',   1);
//One more than the highest status value defined above (presumably an exclusive
//upper bound for range checks--confirm against callers).
define('USRS_STATUS_MAX',      2);
|
34 |
|
|
//
|
35 |
|
|
//Constants for the "role" of the usrs table. Note that only short tags and descriptive strings are included,
|
36 |
|
|
//the integer index (starting at 0) is implied by the location in the table.
|
37 |
|
|
//
|
38 |
|
|
//Role numbers for the "role" field of the usrs table.
//NOTE(review): these numbers are presumably what is stored in usrs.role, so renumbering
//an entry would silently change the role of existing users--confirm before editing.
define('USRS_ROLE_UNSPECIFIED',  0);
define('USRS_ROLE_STUDPRESOLO',  1);
define('USRS_ROLE_STUDSOLO',     2);
define('USRS_ROLE_CUSTNONPILOT', 3);
define('USRS_ROLE_CUSTPILOT',    4);
define('USRS_ROLE_EMPLINE',      5);
define('USRS_ROLE_EMPMECHANIC',  6);
define('USRS_ROLE_EMPOFFICE',    7);
define('USRS_ROLE_EMPFINST',     8);
define('USRS_ROLE_OWNER',        9);
//One more than the highest role number defined above.
define('USRS_ROLE_MAX',         10);

//Flat list of (short tag, descriptive string) pairs. The pair for role number n sits at
//elements 2n and 2n+1, so the order of the rows below must track the constants above.
$USRS_ROLE_ARRAY = array(
    'unspecified',  'Unspecified',                  //USRS_ROLE_UNSPECIFIED
    'studpresolo',  'Student, Pre-Solo',            //USRS_ROLE_STUDPRESOLO
    'studsolo',     'Student, Solo',                //USRS_ROLE_STUDSOLO
    'custnonpilot', 'Customer, Non-Pilot',          //USRS_ROLE_CUSTNONPILOT
    'custpilot',    'Customer, Pilot',              //USRS_ROLE_CUSTPILOT
    'empline',      'Employee, Line',               //USRS_ROLE_EMPLINE
    'empmechanic',  'Employee, Mechanic',           //USRS_ROLE_EMPMECHANIC
    'empoffice',    'Employee, Office',             //USRS_ROLE_EMPOFFICE
    'empfinst',     'Employee, Flight Instructor',  //USRS_ROLE_EMPFINST
    'owner',        'Owner'                         //USRS_ROLE_OWNER
);
|
61 |
|
|
//
|
62 |
|
|
//Constants for the sex (gender) of the user.
|
63 |
|
|
//Values held in the sex field of a usrs record.
define('USRS_SEX_UNSPECIFIED', 0);
define('USRS_SEX_FEMALE',      1);
define('USRS_SEX_MALE',        2);
|
66 |
|
|
//
|
67 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
68 |
|
|
//Warning codes for the functions in usrs.inc and usrsx.inc. Warnings are typically returned as an array.
|
69 |
|
|
//
|
70 |
|
|
//No warning.
define('USRS_WARN_NONE', 0);
|
71 |
|
|
//
|
72 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
73 |
|
|
//Error codes for the functions in usrs.inc and usrsx.inc. Errors are typically returned as an array.
|
74 |
|
|
//
|
75 |
|
|
//No error.
define('USRS_ERROR_NONE', 0);
//The "action" parameter was illegal.
define('USRS_ERROR_ACTION_PAR_ILLEGAL', 1);
//The integer index supplied is illegal.
define('USRS_ERROR_IDX_ILLEGAL', 2);
//The userid supplied is illegal.
define('USRS_ERROR_USERID_ILLEGAL', 3);
//The idx was specified on an add (illegal).
define('USRS_ERROR_IDX_ON_ADD', 4);
//The userid was missing on an add operation.
define('USRS_ERROR_NO_USERID_ON_ADD', 5);
//The userid was already in the table on an add operation.
define('USRS_ERROR_DUP_USERID_ON_ADD', 6);
//The user record specified was not present.
define('USRS_ERROR_MOD_REC_NOT_PRESENT', 7);
//The index and userid were both specified for modification, and they were inconsistent.
define('USRS_ERROR_MOD_IDX_USERID_INCONSISTENT', 8);
//Attempt to modify a record that was modified since the browser form copy was loaded.
define('USRS_ERROR_EDITING_COLLISION', 9);
//An error of an unknown, unspecified, or unexpected type.
define('USRS_ERROR_UNSPECIFIED', 10);
|
88 |
|
|
//
|
89 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
90 |
|
|
//Decides whether a value is acceptable as a userid.
//
//This is an allowlist check: the value must be a string of 1 to 20 bytes whose first byte
//is a lower-case ASCII letter and whose remaining bytes are lower-case ASCII letters or
//digits. Anything else (upper case, punctuation, whitespace, multi-byte characters) fails.
//
//Returns TRUE if the value is acceptable. Otherwise returns an array holding one complaint
//string, for the first rule that was violated. The complaint strings contain HTML markup
//(<i>) but never echo any part of the rejected value.
//
function USRS_userid_membership_test($arg)
{
    $letters = "abcdefghijklmnopqrstuvwxyz";
    $letters_and_digits = $letters . "0123456789";

    //Must be string type.
    if (! is_string($arg))
        return(array("The <i>userid</i> must be a string (internal software error)."));

    //Length limits are in bytes (strlen), which equals characters for the allowed alphabet.
    $nbytes = strlen($arg);
    if ($nbytes == 0)
        return(array("The <i>userid</i> must be at least one character long."));
    if ($nbytes > 20)
        return(array("The <i>userid</i> may not be longer than 20 characters."));

    //First character must be a lower-case letter.
    if (strspn($arg, $letters, 0, 1) != 1)
        return(array("The first character of the <i>userid</i> must be a letter."));

    //Everything after the first character must be a lower-case letter or a digit. The tail is
    //empty for a one-character userid, in which case there is nothing left to reject.
    $tail = (string)substr($arg, 1);
    if (strspn($tail, $letters_and_digits) != strlen($tail))
        return(array("All characters of the <i>userid</i> must be letters or digits."));

    //Seems OK.
    return(TRUE);
}
|
149 |
|
|
//
|
150 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
151 |
|
|
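//Returns the idx of the usrs record whose userid matches $arg, or FALSE if there is no
//such record or the query fails. The idx is returned as fetched from the database.
//
//The userid is placed into the SQL text as a quoted, escaped literal. That is only as
//strong as the escaping: mysql_real_escape_string() escapes for the connection's character
//set, and the literal is delimited with double quotes, so the protection assumes the
//character set was set on the connection itself and that the server is not treating double
//quotes as identifier quotes (ANSI_QUOTES) or ignoring backslash escapes
//(NO_BACKSLASH_ESCAPES). This function does not call USRS_userid_membership_test(); a
//caller handling request data should do so first so that only allowlisted userids get here.
//NOTE(review): the mysql_* extension is no longer part of current PHP; a port should use
//bound parameters instead of string building.
//
function USRS_userid_idx_map($arg)
{
    global $GLOBAL_dbhandle;

    //Form the query string.
    $query_string = "SELECT idx FROM usrs WHERE userid=\""
                    . mysql_real_escape_string($arg, $GLOBAL_dbhandle)
                    . "\"";

    //Execute the query.
    $result = mysql_query($query_string, $GLOBAL_dbhandle);
    if ($result === FALSE)
    {
        //Unknown query failure. Nothing to free, as this is not a result.
        return(FALSE);
    }

    //Fetch the first row (if any), then release the result set on every path.
    $row = mysql_fetch_array($result, MYSQL_NUM);
    mysql_free_result($result);

    //No matching record: say so explicitly rather than indexing into a non-array.
    if (! is_array($row))
        return(FALSE);

    //Only a positive idx counts as a hit.
    $rv = $row[0];
    if ($rv > 0)
        return($rv);

    return(FALSE);
}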
|
191 |
|
|
//
|
192 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
193 |
|
|
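//Retrieves the usrs record with the passed userid as an associative array
//(column name => value), or FALSE if the record does not exist or the query fails.
//
//Every failure path returns FALSE. Callers distinguish "no such user" with a strict
//comparison against FALSE, so a failed query must never fall off the end of the function
//and yield NULL, which such a comparison would accept as a record.
//
//The userid is placed into the SQL text as a quoted literal escaped with
//mysql_real_escape_string(); that assumes the connection character set is set on the
//connection itself and that double quotes delimit strings on the server. This function does
//not call USRS_userid_membership_test().
//NOTE(review): SELECT * hands back every column of the row; if the table holds credential
//fields (not visible here), callers should not pass the whole array on to output or logs.
//
function USRS_retrieve_by_userid($userid)
{
    global $GLOBAL_dbhandle;

    //Form the query string.
    $query_string = "SELECT * FROM usrs WHERE userid=\""
                    . mysql_real_escape_string($userid, $GLOBAL_dbhandle)
                    . "\"";

    //Execute the query.
    $result = mysql_query($query_string, $GLOBAL_dbhandle);
    if ($result === FALSE)
    {
        //Unknown query failure. Nothing to free, as this is not a result.
        return(FALSE);
    }

    if (mysql_num_rows($result) == 0)
    {
        //No record with that userid.
        $rv = FALSE;
    }
    else
    {
        //At least one record. Take the first, because the userid is supposed to be unique.
        $rv = mysql_fetch_assoc($result);
    }

    //The result set is released whether or not a row was found.
    mysql_free_result($result);

    return($rv);
}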
|
246 |
|
|
//
|
247 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
248 |
|
|
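//Retrieves the usrs record with the passed idx as an associative array
//(column name => value), or FALSE if the record does not exist or the query fails.
//
//Every failure path returns FALSE. Callers distinguish "no such user" with a strict
//comparison against FALSE, so a failed query must never fall off the end of the function
//and yield NULL, which such a comparison would accept as a record.
//
//The idx is placed into the SQL text as a quoted literal escaped with
//mysql_real_escape_string(); that assumes the connection character set is set on the
//connection itself and that double quotes delimit strings on the server.
//NOTE(review): SELECT * hands back every column of the row; if the table holds credential
//fields (not visible here), callers should not pass the whole array on to output or logs.
//
function USRS_retrieve_by_idx($idx)
{
    global $GLOBAL_dbhandle;

    //Form the query string.
    $query_string = "SELECT * FROM usrs WHERE idx=\""
                    . mysql_real_escape_string($idx, $GLOBAL_dbhandle)
                    . "\"";

    //Execute the query.
    $result = mysql_query($query_string, $GLOBAL_dbhandle);
    if ($result === FALSE)
    {
        //Unknown query failure. Nothing to free, as this is not a result.
        return(FALSE);
    }

    if (mysql_num_rows($result) == 0)
    {
        //No record with that idx.
        $rv = FALSE;
    }
    else
    {
        //At least one record. Take the first, because the idx is supposed to be unique.
        $rv = mysql_fetch_assoc($result);
    }

    //The result set is released whether or not a row was found.
    mysql_free_result($result);

    return($rv);
}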
|
301 |
|
|
//
|
302 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
303 |
|
|
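//Given an associative array containing information about a user (a usrs record), sets:
//   $userid  The userid.
//   $dname   The name to be displayed.
//
//The database rules may be lax, so the last name, first name, or both may be missing:
//   both present        -> "<fname> <lname>"
//   last name only      -> "<title> <lname>", the title chosen from the sex field
//   anything else       -> "User #<idx>"
//
//Anything that is not an array (FALSE, NULL, ...) is treated as "no such user" and yields
//the fixed strings "invaliduser" / "Invalid User", so that a failed lookup can never be
//rendered as if it were a real account. Fields missing from the array are read as empty.
//
//The strings are returned exactly as stored; no HTML escaping is applied here. A caller that
//writes $dname or $userid into a page must escape them for that context.
//
function USRS_form_display_strings_a($uinfo, &$userid, &$dname)
{
    if (! is_array($uinfo))
    {
        $userid = "invaliduser";
        $dname  = "Invalid User";
        return;
    }

    //Read each field once, tolerating records that lack it.
    $lname  = isset($uinfo["lname"])  ? (string)$uinfo["lname"] : "";
    $fname  = isset($uinfo["fname"])  ? (string)$uinfo["fname"] : "";
    $sex    = isset($uinfo["sex"])    ? $uinfo["sex"]           : USRS_SEX_UNSPECIFIED;
    $idx    = isset($uinfo["idx"])    ? $uinfo["idx"]           : 0;
    $userid = isset($uinfo["userid"]) ? $uinfo["userid"]        : NULL;

    if ((strlen($lname) > 0) && (strlen($fname) > 0))
    {
        //This is the very normal case where we have a first and last name.
        $dname = $fname . " " . $lname;
    }
    else if (strlen($lname) > 0)
    {
        //First name seems to be absent. The comparisons are deliberately loose, because the
        //sex field may arrive from the database as a numeric string.
        if ($sex == USRS_SEX_UNSPECIFIED)
        {
            $title = "Mr. or Ms.";
        }
        else if ($sex == USRS_SEX_FEMALE)
        {
            $title = "Ms.";
        }
        else
        {
            $title = "Mr.";
        }

        $dname = $title . " " . $lname;
    }
    else
    {
        //The last name is absent, so refer to this user by number rather than by name.
        $dname = sprintf("User #%d", $idx);
    }
}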
|
348 |
|
|
//
|
349 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
350 |
|
|
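//Updates the "mostrecentlogin" string of a user's database record.
//
//   $userinfo  The user's record as an associative array; only its "idx" element is used.
//   $mrl_in    The new value. It is forced to a string, passed through
//              STRFUNC_force_into_subset() with the digits 0-9 (that helper is defined
//              outside this file; presumably it restricts the string to those characters--
//              confirm), and cut to at most 8 characters.
//
//The crmodsguid of the record isn't updated or checked. Reason is that this is an independent
//matter (the most recent login time) and not something that can ever be changed directly by
//a user.
//
//Both values that reach the SQL text are constrained before they get there: the login string
//is escaped, and the idx is forced to an integer. The idx normally comes from a record read
//out of the database, but this function cannot know that, so it does not rely on it.
//
//Returns nothing. The outcome of the query is deliberately ignored.
//
function USRS_set_mostrecentlogin($userinfo, $mrl_in)
{
    global $GLOBAL_dbhandle;

    //Force this to be a string, and all numeric.
    $mrl_in = STRFUNC_force_into_subset((string)$mrl_in, "0123456789");

    //If it is longer than 8 characters, whack it down.
    if (strlen($mrl_in) > 8)
        $mrl_in = SubStr($mrl_in, 0, 8);

    //Reduce the idx to an integer so that no quote or other SQL syntax can ride along with
    //it. A missing idx becomes 0.
    $idx = isset($userinfo["idx"]) ? (int)$userinfo["idx"] : 0;

    //Form the query string.
    $query_string = "UPDATE usrs set mostrecentlogin=\""
                    . mysql_real_escape_string($mrl_in, $GLOBAL_dbhandle)
                    . "\" WHERE idx=\""
                    . $idx
                    . "\"";

    //Run the query. We don't much care whether it fails or succeeds (nothing to be done, anyway).
    mysql_query($query_string, $GLOBAL_dbhandle);
}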
|
390 |
|
|
//
|
391 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
392 |
|
|
//End of $RCSfile: usrs.inc,v $.
|
393 |
|
|
//--------------------------------------------------------------------------------------------------------------
|
394 |
|
|
?>
|