Programming : PHP

PHP

This is a class definition for a user object.


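/*
 * User account object backed by the `user` table.
 *
 * Written in PHP 4 style (var properties, constructor named after the class)
 * against the legacy mysql_* extension. That extension was removed in PHP 7;
 * the long-term fix is a port to mysqli or PDO with prepared statements.
 * Until then every value that reaches a query goes through _quote() or
 * _cleanID(), so request data is never interpolated into SQL as-is.
 *
 * NOTE(security): the pwd column is written and compared in plain text.
 * Switching to password_hash()/password_verify() needs a migration of the
 * stored values and is therefore flagged here rather than changed silently.
 */
class user {
   // database link, taken from $lisi in the connection include
   var $userDB;
   var $firstName;
   var $lastName;
   // 1 when the loaded account has status "A", otherwise 0
   var $loggedIn;
   var $userID;
   // declared because logout() assigns it; no other method here fills it
   var $userName;


/*-------------------------------------------------------------------------*/
   /*
    * Constructor: pulls in the connection file and starts as an anonymous,
    * logged-out user.
    *
    * NOTE(review): PHP 8 no longer treats a method named after the class as
    * a constructor; on such a runtime this has to be called explicitly.
    */
   function user(){
      // NOTE(review): $locale is a global set outside this class and is used
      // to build an include path. Confirm it can never come from request input.
      global $locale;
      include $locale."/cgi/Connections/lisi.php";

      $this->userDB    = $lisi;
      $this->userID    = 0;
      $this->loggedIn  = 0;
      $this->firstName = '';
      $this->lastName  = '';
      $this->userName  = '';
   }

/*-------------------------------------------------------------------------*/
   /*
    * Returns $value as a positive integer, or 0 when it is not one.
    * Only ints and all-digit strings are accepted, so text appended to an ID
    * is rejected instead of being carried into a WHERE clause.
    */
   function _cleanID($value){
      if (is_int($value)){
         return ($value > 0) ? $value : 0;
      }
      if (is_string($value) && preg_match('/^[0-9]+\z/', $value)){
         return (int) $value;
      }
      return 0;
   }

/*-------------------------------------------------------------------------*/
   /* Returns $http_vars[$key], or '' when the form did not send that key. */
   function _field($http_vars, $key){
      return (is_array($http_vars) && isset($http_vars[$key])) ? $http_vars[$key] : '';
   }

/*-------------------------------------------------------------------------*/
   /*
    * Returns $value as a quoted SQL string literal for this object's link.
    * Non-scalar input (e.g. an array sent as field[]=) becomes ''.
    *
    * NOTE(review): mysql_real_escape_string() follows the link's character
    * set only if that was set with mysql_set_charset(); confirm the
    * connection file does so.
    */
   function _quote($value){
      if (!is_scalar($value)){
         $value = '';
      }
      return "'".mysql_real_escape_string((string) $value, $this->userDB)."'";
   }

/*-------------------------------------------------------------------------*/
   /*
    * Runs $sql on $this->userDB and returns the result.
    * On failure the script still terminates, as it did before, but the MySQL
    * error text goes to the server log instead of the response body.
    */
   function _runQuery($sql){
      $result = mysql_query($sql, $this->userDB);
      if ($result === false){
         error_log('user: query failed: '.mysql_error());
         die('A database error occurred.');
      }
      return $result;
   }

/*-------------------------------------------------------------------------*/
   /* Maps each `user` column written by addNew()/update() to its form key. */
   function _columnMap(){
      return array(
         'user_Type'        => 'usertype',
         'status'           => 'status',
         'username'         => 'username',
         'pwd'              => 'pwd',
         'cont_Edu'         => 'contedu',
         'renew_Month'      => 'renewmon',
         'renew_Year'       => 'renewyr',
         'prefix'           => 'prefix',
         'first_Name'       => 'FirstName',
         'middle_Name'      => 'MiddleName',
         'last_Name'        => 'LastName',
         'suffix'           => 'suffix',
         'firm_Name'        => 'firmname',
         'email'            => 'EmailAddress',
         'license'          => 'license',
         'coverpage_Option' => 'coverpageoption',
         'phone'            => 'WorkPhone',
         'phone_Extension'  => 'WorkPhoneExtension',
         'fax'              => 'FaxPhone',
         'address'          => 'PermAddress',
         'city'             => 'PermCity',
         'state'            => 'PermState',
         'zip'              => 'PermZipcode',
      );
   }

/*-------------------------------------------------------------------------*/
   /*
    * Loads name and status for user $UID into this object.
    *
    * No password is checked here: any ID whose row has status "A" leaves the
    * object flagged as logged in. Callers must only pass an ID that comes
    * from already-authenticated state, never one taken from the request.
    *
    * $UID  positive integer or all-digit string; anything else is ignored.
    */
   function fillFromUserID($UID){
      $id = $this->_cleanID($UID);
      if ($id == 0){
         return;
      }
      $this->userID = $id;

      // kept from the original: the connection file is re-included with
      // $db_connection bound to the global, in case it has side effects
      global $db_connection;
      global $locale;
      include $locale."/cgi/Connections/lisi.php";

      $query    = "SELECT first_Name, last_Name, status FROM user WHERE user_Idx=$id";
      $db_query = $this->_runQuery($query);
      $row      = mysql_fetch_array($db_query);

      if (!$row){
         // unknown ID: do not leave a previous user's data or login flag behind
         $this->firstName = '';
         $this->lastName  = '';
         $this->loggedIn  = 0;
         return;
      }

      $this->firstName = $row['first_Name'];
      $this->lastName  = $row['last_Name'];
      // always recompute the flag so a stale 1 cannot survive an inactive row
      $this->loggedIn  = ($row['status'] == "A") ? 1 : 0;
   }


/*-------------------------------------------------------------------------*/
   /* Returns 1 when this object holds an active, logged-in user, else 0. */
   function isLoggedIn() {
      return $this->loggedIn;
   }

/*-------------------------------------------------------------------------*/
   /* Resets the object to the anonymous, logged-out state. */
   function logout() {
      $this->userID    = 0;
      $this->userName  = "";
      $this->firstName = "";
      $this->lastName  = "";
      $this->loggedIn  = 0;
   }


/*-------------------------------------------------------------------------*/
   /*
    * Checks a username/password pair against the `user` table.
    *
    * Returns 1 when a matching row exists and 0 when none does. A matching
    * row whose status is not "A" still returns 1 but leaves loggedIn at 0,
    * so callers must test isLoggedIn() rather than the return value alone.
    * For an active account the object is filled and last_Use is stamped.
    */
   function login($userName, $password) {

      global $db_connection;
      global $locale;
      include $locale."/cgi/Connections/lisi.php"; // use active database for user

      // both values are escaped for the link before they reach the query
      $query = "SELECT user_Idx, first_Name, last_Name, status FROM user"
             ." WHERE username = ".$this->_quote($userName)
             ." AND pwd = ".$this->_quote($password);
      $db_query = $this->_runQuery($query);

      if (mysql_num_rows($db_query) == 0){
         $this->loggedIn = 0;
         return 0;
      }

      // we found the name/password combination
      $row = mysql_fetch_array($db_query);
      if ($row['status'] == "A"){
         $this->userID    = (int) $row['user_Idx'];
         $this->firstName = $row['first_Name'];
         $this->lastName  = $row['last_Name'];
         $this->loggedIn  = 1;
         // same link as the SELECT above; the original used the global
         // $db_connection for this one statement only
         $query = "UPDATE user SET last_Use=".time()." WHERE user_Idx=".$this->userID;
         $this->_runQuery($query);
      } else {
         $this->loggedIn = 0;
      }
      return 1;
   }

/*-------------------------------------------------------------------------*/
   /*
    * Inserts a new row into `user` from submitted form data, then logs the
    * new account in and returns login()'s result.
    *
    * NOTE(review): status and usertype are taken from $http_vars. If this is
    * reachable from a public sign-up form, the client chooses its own account
    * type and status; confirm the caller restricts both.
    */
   function addNew ($http_vars){

      global $locale;
      include $locale."/cgi/Connections/lisi.php"; // use active database for user

      // remember_Pwd: the original interpolated a variable it never set, which
      // inserts an empty string; no form key for it appears in this class
      $columns = array('entry_Date', 'remember_Pwd');
      $values  = array($this->_quote(time()), "''");

      foreach ($this->_columnMap() as $column => $formKey){
         $columns[] = $column;
         $values[]  = $this->_quote($this->_field($http_vars, $formKey));
      }

      $query = "INSERT INTO user (".implode(', ', $columns).") VALUES (".implode(', ', $values).")";
      $this->_runQuery($query);

      // log in with the credentials just stored (the original passed two
      // variables that were never assigned)
      return $this->login($this->_field($http_vars, 'username'), $this->_field($http_vars, 'pwd'));

   }

/*-------------------------------------------------------------------------*/
   /*
    * Overwrites the row of user $usrID with the submitted form data.
    * Returns false when $usrID is not a positive integer, true otherwise.
    *
    * Every mapped column is written, so a key missing from $http_vars blanks
    * that column (including pwd). The original also read Ship* and Bill*
    * fields and HomePhone but never wrote them; they are not persisted here.
    * remember_Pwd is left untouched because its source variable was never
    * populated.
    *
    * NOTE(review): nothing here ties $usrID to the current session. The
    * caller must make sure the requester is allowed to edit that account.
    */
   function update($http_vars, $usrID){

      $id = $this->_cleanID($usrID);
      if ($id == 0){
         return false;
      }

      global $locale;
      include $locale."/cgi/Connections/lisi.php"; // use active database for user

      $assignments = array('entry_Date='.$this->_quote(time()));
      foreach ($this->_columnMap() as $column => $formKey){
         $assignments[] = $column.'='.$this->_quote($this->_field($http_vars, $formKey));
      }

      // no parentheses around the SET list: MySQL rejects "SET (a=1, b=2)"
      $query = "UPDATE user SET ".implode(', ', $assignments)." WHERE user_Idx = $id";
      $this->_runQuery($query);
      return true;

   }

/*-------------------------------------------------------------------------*/
   /* Returns the e-mail address stored for this user, or null if no row. */
   function getemailaddr(){

      $query  = 'SELECT email FROM user WHERE user_Idx='.(int) $this->userID;
      $result = $this->_runQuery($query);
      $row    = mysql_fetch_array($result);
      return $row ? $row['email'] : null;

   }
}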