| [ Index ] |
PHP Cross Reference of Nucleus CMS v3.51 code documentation |
[Summary view] [Print] [Text view]
1 <?php 2 3 /* 4 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/) 5 * Copyright (C) 2002-2009 The Nucleus Group 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public License 9 * as published by the Free Software Foundation; either version 2 10 * of the License, or (at your option) any later version. 11 * (see nucleus/documentation/index.html#license for more info) 12 */ 13 /** 14 * A class representing site members 15 * 16 * @license http://nucleuscms.org/license.txt GNU General Public License 17 * @copyright Copyright (C) 2002-2009 The Nucleus Group 18 * @version $Id: MEMBER.php 1388 2009-07-18 06:31:28Z shizuki $ 19 */ 20 class MEMBER { 21 22 // 1 when authenticated, 0 when not 23 var $loggedin = 0; 24 var $password; // not the actual password, but rather a MD5 hash 25 26 var $cookiekey; // value that should also be in the client cookie to allow authentication 27 28 // member info 29 var $id = -1; 30 var $realname; 31 var $displayname; 32 var $email; 33 var $url; 34 var $language = ''; // name of the language file to use (e.g. 'english' -> english.php) 35 var $admin = 0; // (either 0 or 1) 36 var $canlogin = 0; // (either 0 or 1) 37 var $notes; 38 var $autosave = 1; // if the member use the autosave draft function 39 40 /** 41 * Constructor for a member object 42 */ 43 function MEMBER() { 44 // do nothing 45 } 46 47 /** 48 * Create a member object for a given displayname 49 * 50 * @static 51 */ 52 function &createFromName($displayname) { 53 $mem =& new MEMBER(); 54 $mem->readFromName($displayname); 55 return $mem; 56 } 57 58 /** 59 * Create a member object for a given ID 60 * 61 * @static 62 */ 63 function &createFromID($id) { 64 $mem =& new MEMBER(); 65 $mem->readFromID($id); 66 return $mem; 67 } 68 69 function readFromName($displayname) { 70 return $this->read("mname='".addslashes($displayname)."'"); 71 } 72 73 function readFromID($id) { 74 return $this->read("mnumber=" . intval($id)); 75 } 76 77 /** 78 * Tries to login as a given user. 79 * Returns true when succeeded, returns false when failed 80 * 3.40 adds CustomLogin event 81 */ 82 function login($login, $password) { 83 global $manager; 84 $this->loggedin = 0; 85 $success = 0; 86 $allowlocal = 1; 87 $manager->notify('CustomLogin', array('login' => &$login, 'password'=>&$password, 'success'=>&$success, 'allowlocal'=>&$allowlocal) ); 88 if ($success && $this->readFromName($login)) { 89 $this->loggedin = 1; 90 return $this->isLoggedIn(); 91 } elseif (!$success && $allowlocal) { 92 if (!$this->readFromName($login)) 93 return 0; 94 if (!$this->checkPassword($password)) 95 return 0; 96 $this->loggedin = 1; 97 return $this->isLoggedIn(); 98 } else { 99 return 0; 100 } 101 } 102 103 /** 104 * Login using cookie key 105 */ 106 function cookielogin($login, $cookiekey) { 107 $this->loggedin = 0; 108 if (!$this->readFromName($login)) 109 return 0; 110 if (!$this->checkCookieKey($cookiekey)) 111 return 0; 112 $this->loggedin = 1; 113 return $this->isLoggedIn(); 114 } 115 116 function logout() { 117 $this->loggedin=0; 118 } 119 120 function isLoggedIn() { 121 return $this->loggedin; 122 } 123 124 /** 125 * Read member information from the database 126 */ 127 function read($where) { 128 // read info 129 $query = 'SELECT * FROM '.sql_table('member') . ' WHERE ' . $where; 130 131 $res = sql_query($query); 132 $obj = sql_fetch_object($res); 133 134 $this->setRealName($obj->mrealname); 135 $this->setEmail($obj->memail); 136 $this->password = $obj->mpassword; 137 $this->setCookieKey($obj->mcookiekey); 138 $this->setURL($obj->murl); 139 $this->setDisplayName($obj->mname); 140 $this->setAdmin($obj->madmin); 141 $this->id = $obj->mnumber; 142 $this->setCanLogin($obj->mcanlogin); 143 $this->setNotes($obj->mnotes); 144 $this->setLanguage($obj->deflang); 145 $this->setAutosave($obj->mautosave); 146 147 return sql_num_rows($res); 148 } 149 150 151 /** 152 * Returns true if member is an admin for the given blog 153 * (returns false if not a team member) 154 */ 155 function isBlogAdmin($blogid) { 156 $query = 'SELECT tadmin FROM '.sql_table('team').' WHERE' 157 . ' tblog=' . intval($blogid) 158 . ' and tmember='. $this->getID(); 159 $res = sql_query($query); 160 if (sql_num_rows($res) == 0) 161 return 0; 162 else 163 return (sql_result($res,0,0) == 1) ; 164 } 165 166 function blogAdminRights($blogid) { 167 return ($this->isAdmin() || $this->isBlogAdmin($blogid)); 168 } 169 170 171 function teamRights($blogid) { 172 return ($this->isAdmin() || $this->isTeamMember($blogid)); 173 } 174 175 /** 176 * Returns true if this member is a team member of the given blog 177 */ 178 function isTeamMember($blogid) { 179 $query = 'SELECT * FROM '.sql_table('team').' WHERE' 180 . ' tblog=' . intval($blogid) 181 . ' and tmember='. $this->getID(); 182 $res = sql_query($query); 183 return (sql_num_rows($res) != 0); 184 } 185 186 function canAddItem($catid) { 187 global $manager; 188 189 // if this is a 'newcat' style newcat 190 // no blog admin of destination blog -> NOK 191 // blog admin of destination blog -> OK 192 if (strstr($catid,'newcat')) { 193 // get blogid 194 list($blogid) = sscanf($catid,"newcat-%d"); 195 return $this->blogAdminRights($blogid); 196 } 197 198 // category does not exist -> NOK 199 if (!$manager->existsCategory($catid)) return 0; 200 201 $blogid = getBlogIDFromCatID($catid); 202 203 // no team rights for blog -> NOK 204 if (!$this->teamRights($blogid)) return 0; 205 206 // all other cases: OK 207 return 1; 208 } 209 210 /** 211 * Returns true if this member can edit/delete a commentitem. This can be in the 212 * following cases: 213 * - member is a super-admin 214 * - member is the author of the comment 215 * - member is admin of the blog associated with the comment 216 * - member is author of the item associated with the comment 217 */ 218 function canAlterComment($commentid) { 219 if ($this->isAdmin()) return 1; 220 221 $query = 'SELECT citem as itemid, iblog as blogid, cmember as cauthor, iauthor' 222 . ' FROM '.sql_table('comment') .', '.sql_table('item').', '.sql_table('blog') 223 . ' WHERE citem=inumber and iblog=bnumber and cnumber=' . intval($commentid); 224 $res = sql_query($query); 225 $obj = sql_fetch_object($res); 226 227 return ($obj->cauthor == $this->getID()) or $this->isBlogAdmin($obj->blogid) or ($obj->iauthor == $this->getID()); 228 } 229 230 /** 231 * Returns true if this member can edit/delete an item. This is true in the following 232 * cases: - member is a super-admin 233 * - member is the author of the item 234 * - member is admin of the the associated blog 235 */ 236 function canAlterItem($itemid) { 237 if ($this->isAdmin()) return 1; 238 239 $query = 'SELECT iblog, iauthor FROM '.sql_table('item').' WHERE inumber=' . intval($itemid); 240 $res = sql_query($query); 241 $obj = sql_fetch_object($res); 242 return ($obj->iauthor == $this->getID()) or $this->isBlogAdmin($obj->iblog); 243 } 244 245 /** 246 * Return true if member can be deleted. This means that there are no items 247 * posted by the member left 248 */ 249 function canBeDeleted() { 250 $res = sql_query('SELECT * FROM '.sql_table('item').' WHERE iauthor=' . $this->getID()); 251 return (sql_num_rows($res) == 0); 252 } 253 254 /** 255 * returns true if this member can move/update an item to a given category, 256 * false if not (see comments fot the tests that are executed) 257 * 258 * @param itemid 259 * @param newcat (can also be of form 'newcat-x' with x=blogid) 260 */ 261 function canUpdateItem($itemid, $newcat) { 262 global $manager; 263 264 // item does not exists -> NOK 265 if (!$manager->existsItem($itemid,1,1)) return 0; 266 267 // cannot alter item -> NOK 268 if (!$this->canAlterItem($itemid)) return 0; 269 270 // if this is a 'newcat' style newcat 271 // no blog admin of destination blog -> NOK 272 // blog admin of destination blog -> OK 273 if (strstr($newcat,'newcat')) { 274 // get blogid 275 list($blogid) = sscanf($newcat,'newcat-%d'); 276 return $this->blogAdminRights($blogid); 277 } 278 279 // category does not exist -> NOK 280 if (!$manager->existsCategory($newcat)) return 0; 281 282 283 // get item 284 $item =& $manager->getItem($itemid,1,1); 285 286 // old catid = new catid -> OK 287 if ($item['catid'] == $newcat) return 1; 288 289 // not a valid category -> NOK 290 $validCat = quickQuery('SELECT COUNT(*) AS result FROM '.sql_table('category').' WHERE catid='.intval($newcat)); 291 if (!$validCat) return 0; 292 293 // get destination blog 294 $source_blogid = getBlogIDFromItemID($itemid); 295 $dest_blogid = getBlogIDFromCatID($newcat); 296 297 // not a team member of destination blog -> NOK 298 if (!$this->teamRights($dest_blogid)) return 0; 299 300 // if member is author of item -> OK 301 if ($item['authorid'] == $this->getID()) return 1; 302 303 // if member has admin rights on both blogs: OK 304 if (($this->blogAdminRights($dest_blogid)) && ($this->blogAdminRights($source_blogid))) return 1; 305 306 // all other cases: NOK 307 return 0; 308 309 } 310 311 /** 312 * Sets the cookies for the member 313 * 314 * @param shared 315 * set this to 1 when using a shared computer. Cookies will expire 316 * at the end of the session in this case. 317 */ 318 function setCookies($shared = 0) { 319 global $CONF; 320 321 if ($CONF['SessionCookie'] || $shared) 322 $lifetime = 0; 323 else 324 $lifetime = (time()+2592000); 325 326 setcookie($CONF['CookiePrefix'] .'user',$this->getDisplayName(),$lifetime,$CONF['CookiePath'],$CONF['CookieDomain'],$CONF['CookieSecure']); 327 setcookie($CONF['CookiePrefix'] .'loginkey', $this->getCookieKey(),$lifetime,$CONF['CookiePath'],$CONF['CookieDomain'],$CONF['CookieSecure']); 328 329 // make sure cookies on shared pcs don't get renewed 330 if ($shared) 331 setcookie($CONF['CookiePrefix'] .'sharedpc', '1',$lifetime,$CONF['CookiePath'],$CONF['CookieDomain'],$CONF['CookieSecure']); 332 } 333 334 function sendActivationLink($type, $extra='') 335 { 336 global $CONF; 337 338 // generate key and URL 339 $key = $this->generateActivationEntry($type, $extra); 340 $url = $CONF['AdminURL'] . 'index.php?action=activate&key=' . $key; 341 342 // choose text to use in mail 343 switch ($type) 344 { 345 case 'register': 346 $message = _ACTIVATE_REGISTER_MAIL; 347 $title = _ACTIVATE_REGISTER_MAILTITLE; 348 break; 349 case 'forgot': 350 $message = _ACTIVATE_FORGOT_MAIL; 351 $title = _ACTIVATE_FORGOT_MAILTITLE; 352 break; 353 case 'addresschange': 354 $message = _ACTIVATE_CHANGE_MAIL; 355 $title = _ACTIVATE_CHANGE_MAILTITLE; 356 break; 357 default; 358 } 359 360 // fill out variables in text 361 362 $aVars = array( 363 'siteName' => $CONF['SiteName'], 364 'siteUrl' => $CONF['IndexURL'], 365 'memberName' => $this->getDisplayName(), 366 'activationUrl' => $url 367 ); 368 369 $message = TEMPLATE::fill($message, $aVars); 370 $title = TEMPLATE::fill($title, $aVars); 371 372 // send mail 373 374 @mail($this->getEmail(), $title ,$message,'From: ' . $CONF['AdminEmail']); 375 376 ACTIONLOG::add(INFO, _ACTIONLOG_ACTIVATIONLINK . ' (' . $this->getDisplayName() . ' / type: ' . $type . ')'); 377 378 379 } 380 381 /** 382 * Returns an array of all blogids for which member has admin rights 383 */ 384 function getAdminBlogs() { 385 $blogs = array(); 386 387 if ($this->isAdmin()) 388 $query = 'SELECT bnumber as blogid from '.sql_table('blog'); 389 else 390 $query = 'SELECT tblog as blogid from '.sql_table('team').' where tadmin=1 and tmember=' . $this->getID(); 391 392 $res = sql_query($query); 393 if (sql_num_rows($res) > 0) { 394 while ($obj = sql_fetch_object($res)) { 395 array_push($blogs, $obj->blogid); 396 } 397 } 398 399 return $blogs; 400 } 401 402 /** 403 * Returns an array of all blogids for which member has team rights 404 */ 405 function getTeamBlogs($incAdmin = 1) { 406 $incAdmin = intval($incAdmin); 407 $blogs = array(); 408 409 if ($this->isAdmin() && $incAdmin) 410 $query = 'SELECT bnumber as blogid from '.sql_table('blog'); 411 else 412 $query = 'SELECT tblog as blogid from '.sql_table('team').' where tmember=' . $this->getID(); 413 414 $res = sql_query($query); 415 if (sql_num_rows($res) > 0) { 416 while ($obj = sql_fetch_object($res)) { 417 array_push($blogs, $obj->blogid); 418 } 419 } 420 421 return $blogs; 422 } 423 424 /** 425 * Returns an email address from which notification of commenting/karma voting can 426 * be sent. A suggestion can be given for when the member is not logged in 427 */ 428 function getNotifyFromMailAddress($suggest = "") { 429 global $CONF; 430 if ($this->isLoggedIn()) { 431 return $this->getDisplayName() . " <" . $this->getEmail() . ">"; 432 } else if (isValidMailAddress($suggest)) { 433 return $suggest; 434 } else { 435 return $CONF['AdminEmail']; 436 } 437 } 438 439 /** 440 * Write data to database 441 */ 442 function write() { 443 444 $query = 'UPDATE '.sql_table('member') 445 . " SET mname='" . addslashes($this->getDisplayName()) . "'," 446 . " mrealname='". addslashes($this->getRealName()) . "'," 447 . " mpassword='". addslashes($this->getPassword()) . "'," 448 . " mcookiekey='". addslashes($this->getCookieKey()) . "'," 449 . " murl='" . addslashes($this->getURL()) . "'," 450 . " memail='" . addslashes($this->getEmail()) . "'," 451 . " madmin=" . $this->isAdmin() . "," 452 . " mnotes='" . addslashes($this->getNotes()) . "'," 453 . " mcanlogin=" . $this->canLogin() . "," 454 . " deflang='" . addslashes($this->getLanguage()) . "'," 455 . " mautosave=" . intval($this->getAutosave()) . "" 456 . " WHERE mnumber=" . $this->getID(); 457 sql_query($query); 458 } 459 460 function checkCookieKey($key) { 461 return (($key != '') && ($key == $this->getCookieKey())); 462 } 463 464 function checkPassword($pw) { 465 return (md5($pw) == $this->getPassword()); 466 } 467 468 function getRealName() { 469 return $this->realname; 470 } 471 472 function setRealName($name) { 473 $this->realname = $name; 474 } 475 476 function getEmail() { 477 return $this->email; 478 } 479 480 function setEmail($email) { 481 $this->email = $email; 482 } 483 484 function getPassword() { 485 return $this->password; 486 } 487 488 function setPassword($pwd) { 489 $this->password = md5($pwd); 490 } 491 492 function getCookieKey() { 493 return $this->cookiekey; 494 } 495 496 /** 497 * Generate new cookiekey, save it, and return it 498 */ 499 function newCookieKey() { 500 mt_srand( (double) microtime() * 1000000); 501 $this->cookiekey = md5(uniqid(mt_rand())); 502 $this->write(); 503 return $this->cookiekey; 504 } 505 506 function setCookieKey($val) { 507 $this->cookiekey = $val; 508 } 509 510 function getURL() { 511 return $this->url; 512 } 513 514 function setURL($site) { 515 $this->url = $site; 516 } 517 518 function getLanguage() { 519 return $this->language; 520 } 521 522 function setLanguage($lang) { 523 $this->language = $lang; 524 } 525 526 function setDisplayName($nick) { 527 $this->displayname = $nick; 528 } 529 530 function getDisplayName() { 531 return $this->displayname; 532 } 533 534 function isAdmin() { 535 return $this->admin; 536 } 537 538 function setAdmin($val) { 539 $this->admin = $val; 540 } 541 542 function canLogin() { 543 return $this->canlogin; 544 } 545 546 function setCanLogin($val) { 547 $this->canlogin = $val; 548 } 549 550 function getNotes() { 551 return $this->notes; 552 } 553 554 function setNotes($val) { 555 $this->notes = $val; 556 } 557 558 function getAutosave() { 559 return $this->autosave; 560 } 561 562 function setAutosave($val) { 563 $this->autosave = $val; 564 } 565 566 function getID() { 567 return $this->id; 568 } 569 570 /** 571 * Returns true if there is a member with the given login name 572 * 573 * @static 574 */ 575 function exists($name) { 576 $r = sql_query('select * FROM '.sql_table('member')." WHERE mname='".addslashes($name)."'"); 577 return (sql_num_rows($r) != 0); 578 } 579 580 /** 581 * Returns true if there is a member with the given ID 582 * 583 * @static 584 */ 585 function existsID($id) { 586 $r = sql_query('select * FROM '.sql_table('member')." WHERE mnumber='".intval($id)."'"); 587 return (sql_num_rows($r) != 0); 588 } 589 590 /** 591 * Checks if a username is protected. 592 * If so, it can not be used on anonymous comments 593 */ 594 function isNameProtected($name) { 595 596 // extract name 597 $name = strip_tags($name); 598 $name = trim($name); 599 600 return MEMBER::exists($name); 601 } 602 603 /** 604 * Adds a new member 605 * 606 * @static 607 */ 608 function create($name, $realname, $password, $email, $url, $admin, $canlogin, $notes) { 609 if (!isValidMailAddress($email)) 610 return _ERROR_BADMAILADDRESS; 611 612 if (!isValidDisplayName($name)) 613 return _ERROR_BADNAME; 614 615 if (MEMBER::exists($name)) 616 return _ERROR_NICKNAMEINUSE; 617 618 if (!$realname) 619 return _ERROR_REALNAMEMISSING; 620 621 if (!$password) 622 return _ERROR_PASSWORDMISSING; 623 624 // Sometimes user didn't prefix the URL with http://, this cause a malformed URL. Let's fix it. 625 if (!eregi("^https?://", $url)) 626 $url = "http://".$url; 627 628 $name = addslashes($name); 629 $realname = addslashes($realname); 630 $password = addslashes(md5($password)); 631 $email = addslashes($email); 632 $url = addslashes($url); 633 $admin = intval($admin); 634 $canlogin = intval($canlogin); 635 $notes = addslashes($notes); 636 637 $query = 'INSERT INTO '.sql_table('member')." (MNAME,MREALNAME,MPASSWORD,MEMAIL,MURL, MADMIN, MCANLOGIN, MNOTES) " 638 . "VALUES ('$name','$realname','$password','$email','$url',$admin, $canlogin, '$notes')"; 639 sql_query($query); 640 641 ACTIONLOG::add(INFO, _ACTIONLOG_NEWMEMBER . ' ' . $name); 642 643 return 1; 644 } 645 646 /** 647 * Returns activation info for a certain key (an object with properties vkey, vmember, ...) 648 * (static) 649 * 650 * @author karma 651 */ 652 function getActivationInfo($key) 653 { 654 $query = 'SELECT * FROM ' . sql_table('activation') . ' WHERE vkey=\'' . addslashes($key). '\''; 655 $res = sql_query($query); 656 657 if (!$res || (sql_num_rows($res) == 0)) 658 return 0; 659 else 660 return sql_fetch_object($res); 661 } 662 663 /** 664 * Creates an account activation key 665 * 666 * @param $type one of the following values (determines what to do when activation expires) 667 * 'register' (new member registration) 668 * 'forgot' (forgotton password) 669 * 'addresschange' (member address has changed) 670 * @param $extra extra info (needed when validation link expires) 671 * addresschange -> old email address 672 * @author dekarma 673 */ 674 function generateActivationEntry($type, $extra = '') 675 { 676 // clean up old entries 677 $this->cleanupActivationTable(); 678 679 // kill any existing entries for the current member (delete is ok) 680 // (only one outstanding activation key can be present for a member) 681 sql_query('DELETE FROM ' . sql_table('activation') . ' WHERE vmember=' . intval($this->getID())); 682 683 $canLoginWhileActive = false; // indicates if the member can log in while the link is active 684 switch ($type) 685 { 686 case 'forgot': 687 $canLoginWhileActive = true; 688 break; 689 case 'register': 690 break; 691 case 'addresschange': 692 $extra = $extra . '/' . ($this->canLogin() ? '1' : '0'); 693 break; 694 } 695 696 $ok = false; 697 while (!$ok) 698 { 699 // generate a random key 700 srand((double)microtime()*1000000); 701 $key = md5(uniqid(rand(), true)); 702 703 // attempt to add entry in database 704 // add in database as non-active 705 $query = 'INSERT INTO ' . sql_table('activation'). ' (vkey, vtime, vmember, vtype, vextra) '; 706 $query .= 'VALUES (\'' . addslashes($key). '\', \'' . date('Y-m-d H:i:s',time()) . '\', \'' . intval($this->getID()). '\', \'' . addslashes($type). '\', \'' . addslashes($extra). '\')'; 707 if (sql_query($query)) 708 $ok = true; 709 } 710 711 // mark member as not allowed to log in 712 if (!$canLoginWhileActive) 713 { 714 $this->setCanLogin(0); 715 $this->write(); 716 } 717 718 // return the key 719 return $key; 720 } 721 722 /** 723 * Inidicates that an activation link has been clicked and any forms displayed 724 * there have been successfully filled out. 725 * @author dekarma 726 */ 727 function activate($key) 728 { 729 // get activate info 730 $info = MEMBER::getActivationInfo($key); 731 732 // no active key 733 if (!$info) 734 return false; 735 736 switch ($info->vtype) 737 { 738 case 'forgot': 739 // nothing to do 740 break; 741 case 'register': 742 // set canlogin value 743 global $CONF; 744 sql_query('UPDATE ' . sql_table('member') . ' SET mcanlogin=' . intval($CONF['NewMemberCanLogon']). ' WHERE mnumber=' . intval($info->vmember)); 745 break; 746 case 'addresschange': 747 // reset old 'canlogin' value 748 list($oldEmail, $oldCanLogin) = explode('/', $info->vextra); 749 sql_query('UPDATE ' . sql_table('member') . ' SET mcanlogin=' . intval($oldCanLogin). ' WHERE mnumber=' . intval($info->vmember)); 750 break; 751 } 752 753 // delete from activation table 754 sql_query('DELETE FROM ' . sql_table('activation') . ' WHERE vkey=\'' . addslashes($key) . '\''); 755 756 // success! 757 return true; 758 } 759 760 /** 761 * Cleans up entries in the activation table. All entries older than 2 days are removed. 762 * (static) 763 * 764 * @author dekarma 765 */ 766 function cleanupActivationTable() 767 { 768 $actdays = 2; 769 if (isset($CONF['ActivationDays']) && intval($CONF['ActivationDays']) > 0) { 770 $actdays = intval($CONF['ActivationDays']); 771 } 772 $boundary = time() - (60 * 60 * 24 * $actdays); 773 774 // 1. walk over all entries, and see if special actions need to be performed 775 $res = sql_query('SELECT * FROM ' . sql_table('activation') . ' WHERE vtime < \'' . date('Y-m-d H:i:s',$boundary) . '\''); 776 777 while ($o = sql_fetch_object($res)) 778 { 779 switch ($o->vtype) 780 { 781 case 'register': 782 // delete all information about this site member. registration is undone because there was 783 // no timely activation 784 include_once ($DIR_LIBS . 'ADMIN.php'); 785 ADMIN::deleteOneMember(intval($o->vmember)); 786 break; 787 case 'addresschange': 788 // revert the e-mail address of the member back to old address 789 list($oldEmail, $oldCanLogin) = explode('/', $o->vextra); 790 sql_query('UPDATE ' . sql_table('member') . ' SET mcanlogin=' . intval($oldCanLogin). ', memail=\'' . addslashes($oldEmail). '\' WHERE mnumber=' . intval($o->vmember)); 791 break; 792 case 'forgot': 793 // delete the activation link and ignore. member can request a new password using the 794 // forgot password link 795 break; 796 } 797 } 798 799 // 2. delete activation entries for real 800 sql_query('DELETE FROM ' . sql_table('activation') . ' WHERE vtime < \'' . date('Y-m-d H:i:s',$boundary) . '\''); 801 } 802 803 } 804 805 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Sun Aug 1 03:56:06 2010 |