1 <?php
2 class users {
3
4 private $whitelist = "index";
5 private $secure_folder = "nm-admin";
6
7
8 function __construct() {
9 session_start();
10 $this->check();
11
12 if(isset($_GET['n']) && !network::validate($_GET['n'])) throw new Exception("Network not found!");
13 }
14
15 function check() {
16 $current = $_SERVER['SCRIPT_FILENAME'];
17 if(strpos($current,$this->secure_folder) !== false) {
18 $whitelist = explode(",",$this->whitelist);
19 $flag = true;
20 foreach($whitelist as $page) {
21 if(strpos($current,$page.".php")) { $flag = false; break; }
22 }
23 if($flag && !isset($_SESSION['id'])) {
24 Model::direct("index.php");
25 die();
26 }
27 }
28 }
29
30 function login($user,$pass) {
31 $q = mysql::query("users.login",array("user"=>$user,"pass"=>$pass));
32 if($q->num_rows) {
33 $data = $q->fetch_array();
34 $_SESSION['id'] = $data[0];
35 $_SESSION['name'] = $user;
36 }
37 return ($q->num_rows);
38 }
39
40 function create($name,$pass,$network) {
41 mysql::query("users.add",array("name"=>$name,"pass"=>$pass));
42 $id = mysql::last_id();
43 mysql::query("users.link",array("user"=>$id,"network"=>$network));
44 }
45
46 function remove($id) {
47 mysql::query("users.remove",array("id"=>$id));
48 }
49
50 function show($network) {
51 $q = mysql::query("users.list",array("n"=>$network));
52 if($q->num_rows) {
53 $data = mysql::fetch_all($q);
54 foreach($data as $row) {
55 echo "<tr><td>".$row['userName']."</td>";
56 echo "<td><a href='nm-user-manage.php?action=delete&u={$row['userID']}&n=$network'>
57 <img src='images/cross.png'/></a></td></tr>";
58 }
59 } else {
60 echo "<tr colspan='2'><td>No users found!</td></tr>";
61 }
62 }
63
64 function link($user,$network) {
65 mysql::query("users.link",array("user"=>$user,"network"=>$network));
66 }
67
68 function delink($user,$network) {
69 mysql::query("users.delink",array("user"=>$user,"network"=>$network));
70 $q = mysql::query("users.linked",array("user"=>$user));
71 $data = $q->fetch_array();
72 return $data[0];
73 }
74
75 static function find($user,$hash=false) {
76 $name = ($hash) ? "users.hashfind" : "users.find";
77 $q = mysql::query($name,array("name"=>$user));
78 if($q->num_rows) {
79 $data = $q->fetch_array();
80 return $data[0];
81 }
82 return false;
83 }
84 }
85 ?>