<?

//*********************++ HILFS-Funktionen ******************************//
 function escape_string($string){
    // Prepares a request value for embedding inside a quoted SQL string
    // literal: undoes magic-quotes slashes, removes HTML/PHP tags, then
    // escapes the result with the legacy mysql extension.
    //
    // NOTE(review): mysql_real_escape_string() only protects values that
    // end up inside quotes in the statement, and it depends on the charset
    // of the current connection. Prepared statements (PDO or mysqli) are
    // the robust replacement for this helper.
    // NOTE(review): strip_tags() is not output encoding. Values still need
    // htmlspecialchars() at the point where they are echoed into HTML.

    // With magic quotes enabled the value already carries added slashes;
    // remove them first so it is not escaped twice.
    $value = get_magic_quotes_gpc() ? stripslashes($string) : $string;

    $withoutTags = strip_tags($value);

    return mysql_real_escape_string($withoutTags);
  }
//********************ENDE HILFS-Funktionen ******************************//
//*********************++ USER-HILFS-Funktionen ******************************//
 
 function register($user,$password,$email){
   // Creates a new row in MYSQL_TABLE for the given name, password and
   // e-mail address and returns the (German, HTML) confirmation text.
   // Terminates the script with the MySQL error text if the INSERT fails.
   //
   // NOTE(review): the password is stored as an unsalted MD5 digest, which
   // is not suitable for password storage. Moving to password_hash() /
   // password_verify() has to be done together with return_user(), which
   // compares against the same MD5 column.
   // NOTE(review): the password also passes through strip_tags() inside
   // escape_string(), so anything that looks like a tag is silently
   // removed before hashing.
   // NOTE(review): die(mysql_error()) shows database error details to the
   // visitor; logging the error and showing a generic message avoids that.
   // NOTE(review): no check for an existing name is visible here; whether
   // duplicates are rejected depends on the table definition - confirm.

   $user     = escape_string($user);
   $password = escape_string($password);
   $email    = escape_string($email);

   $query = sprintf(
     "INSERT INTO %s SET name='%s', password=MD5('%s'), email='%s'",
     MYSQL_TABLE,
     $user,
     $password,
     $email
   );

   if(!mysql_query($query)){
     die(mysql_error());
   }

   // The message contains the SQL-escaped name, exactly as written to the
   // statement above.
   $message  =  "Der Benutzer wurde erstellt.
                 Sie k&ouml;nnen sich nun als $user mit ihrem Passwort anmelden!";

   return $message;
 }

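 function return_user($user="",$password=""){
   // Looks up a user id.
   //  - Called with a name and password: returns the id of the row whose
   //    name and MD5(password) match.
   //  - Called without arguments: returns the id of the row bound to the
   //    current PHP session id.
   // Returns false unless exactly one row matches. Terminates the script
   // with the MySQL error text if the query fails.
   //
   // NOTE(review): passwords are compared as unsalted MD5 digests; this
   // has to be migrated together with register().
   // NOTE(review): die(mysql_error()) shows database error details to the
   // visitor; logging the error and showing a generic message avoids that.

   $user     = escape_string($user);
   $password = escape_string($password);

   if($user == "" && $password == ""){

     $session = session_id();
     if($session === ""){
       // No session has been started. logout() resets the session column
       // to '', so an empty id would match logged-out rows.
       return false;
     }
     // The session id originates from the client's cookie, so it is
     // escaped like any other request value before it enters the SQL.
     $session = mysql_real_escape_string($session);
     $sql = "SELECT * FROM `".MYSQL_TABLE."` WHERE `session`='$session'";
   }
   else{

     $sql = "SELECT * FROM `".MYSQL_TABLE."` WHERE `password`=MD5('$password')".
            " AND `name`='$user'";
   }

   $result = mysql_query($sql) or die(mysql_error());

   if(mysql_num_rows($result) == 1){

     $row = mysql_fetch_assoc($result);
     return $row['id'];
   }

   return false;
 }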

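 function login($id){
   // Binds the current PHP session id to the user row with the given id,
   // which is what logged_in() later checks. Terminates the script with
   // the MySQL error text if the UPDATE fails.
   //
   // NOTE(review): the session id is reused as-is after authentication.
   // Calling session_regenerate_id(true) before reading session_id()
   // would prevent a pre-set (fixated) id from becoming an authenticated
   // one; it must run before any output is sent.
   // NOTE(review): die(mysql_error()) shows database error details to the
   // visitor.

   $id = intval($id);

   // The session id originates from the client's cookie, so it is escaped
   // before it enters the SQL.
   $session = mysql_real_escape_string(session_id());

   // The original concatenation had no space between the SET value and
   // the WHERE keyword; the separator is written explicitly here.
   $sql = "UPDATE `".MYSQL_TABLE."` SET `session`='$session'".
          " WHERE `id`='$id'";
   mysql_query($sql) or die(mysql_error());
 }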

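 function logged_in(){
   // Returns the id of the user bound to the current PHP session id, or
   // false when there is no session, the query fails, or no row matches.

   $session = session_id();
   if($session === ""){
     // No session has been started. logout() resets the session column to
     // '', so querying with an empty id would report a logged-out user as
     // logged in.
     return false;
   }

   // The session id originates from the client's cookie, so it is escaped
   // before it enters the SQL.
   $session = mysql_real_escape_string($session);

   $sql = "SELECT id FROM `".MYSQL_TABLE."` WHERE `session`='$session'";
   $result = mysql_query($sql);
   if(!$result){
     // Query failed; treat as "not logged in" instead of passing false on
     // to mysql_fetch_assoc().
     return false;
   }

   $assoc = mysql_fetch_assoc($result);

   // The key is quoted: a bare id is read as an undefined constant.
   if($assoc && isset($assoc['id'])){
     return $assoc['id'];
   }

   return false;
 }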

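 function logout(){
   // Detaches the current session id from its user row and then discards
   // the PHP session. Returns true if the UPDATE succeeded, false if not.
   //
   // In the original both branches returned before session_unset() and
   // session_destroy() were reached, so the session data was never
   // cleared. The teardown now runs before the single return.
   //
   // NOTE(review): session_destroy() does not remove the session cookie
   // from the browser; expiring it as well gives a cleaner logout.

   $session = session_id();

   // The session id originates from the client's cookie, so it is escaped
   // before it enters the SQL.
   $escaped = mysql_real_escape_string($session);

   $sql = "UPDATE `".MYSQL_TABLE."` SET `session`='' ".
          "WHERE `session` = '$escaped'";
   $ok = mysql_query($sql) ? true : false;

   // Tear the session down even if the UPDATE failed; only attempt it
   // when a session id exists.
   if($session !== ""){
     session_unset();
     session_destroy();
   }

   return $ok;
 }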

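 function userName($id){
   // Returns the name stored for the given user id, or null when the
   // query fails or no row has that id.
   //
   // NOTE(review): the name is returned as stored; encode it with
   // htmlspecialchars() where it is echoed into HTML.

   $id     = intval($id);
   $sql    = "SELECT `name` FROM `".MYSQL_TABLE."` WHERE `id`='$id'";
   $result = mysql_query($sql);
   if(!$result){
     // Query failed; do not pass false on to mysql_fetch_assoc().
     return null;
   }

   $assoc = mysql_fetch_assoc($result);

   // The key is quoted: a bare name is read as an undefined constant.
   return $assoc ? $assoc['name'] : null;
 }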

//*********************ENDE USER-HILFS-Funktionen **********************//
 
 ?>
Listing 1.10 - Die Datei functions.inc.php