User management for the world wide web

Groups.php

<?php
class GenieGate_Groups {
  var $DBH;

  var $LISTENERS = array();
  
  function GenieGate_Groups(&$dbh){
    $this->DBH = $dbh;
  }

  function getMemberGroups($uid){
    $groups = array();

    $sql = sprintf("SELECT m.gid,n.name FROM ua_group AS n, ua_members as m WHERE m.gid=n.gid AND m.uid='%s'",
           mysql_escape_string($uid));

    $result = mysql_query($sql,$this->DBH) or die(mysql_error($this->DBH));
    if($result){
      while( list($gid,$name) = mysql_fetch_row($result)){
           $groups[$gid] = $name;
      }
    }
    mysql_free_result($result);
    return($groups);
  }

  function getMemberGids($uid){
    $uid = mysql_escape_string($uid);
    $sql = "SELECT gid FROM ua_members WHERE uid='$uid'";
    $result = mysql_query($sql,$this->DBH) or die(mysql_error($this->DBH));
    $groups = array();
    if($result){
      while( list($gid) = mysql_fetch_row($result)){
           array_push($groups,$gid);
      }
    }
    return($groups);
  }

  function setMember($uid,$gids){
    $uid = mysql_escape_string($uid);
       
    $old = $this->getMemberGids($uid); // We need this for the events.

    mysql_query("DELETE FROM ua_members WHERE uid='$uid'",$this->DBH) or die(mysql_error($this->DBH));    

    $sql = "INSERT INTO ua_members (uid,gid) VALUES('$uid','%s')";    
    $all = $this->getAllGroups();
    $new_groups = array();

    // Look at all the GID's we want to add.
    foreach($gids as $gid){    
      if($all[$gid]){
        mysql_query(sprintf($sql,mysql_escape_string($gid)),$this->DBH) or die(mysql_error($this->DBH));      
        array_push($new_groups,$gid);
        unset($all[$gid]); // This prevents duplicate gid's.
      }      
    }
    $this->fireUserGroupChange($uid,$old,$new_groups);
    return($new_groups);
  }

  function getMembers($gid){
    $users = array();
    $gid = mysql_escape_string($gid);
    $sql = "select u.uid AS uid,created,confirm,email,name from ua_users as u, ua_members as m ";
    $sql .= "where u.uid=m.uid AND m.gid='$gid'";
    $result = mysql_query($sql,$this->DBH) or die(mysql_error($this->DBH));
    if($result){
      while( $inf = mysql_fetch_assoc($result)){
          array_push($users,$inf);
      }      
    }
    mysql_free_result($result);
    return($users);
  }

  function setGroup($gid,$name,$can_signup){
    if(preg_match("/\W/",$gid)){
      die("Group ID must be alphanumeric");
    }
    if($can_signup){
      $flag = "Y";
    }else{
      $flag = "N";
    }
    // Group exists, do an UPDATE.
    if($this->getGroupName($gid)) {   
      $sql = sprintf("UPDATE ua_group SET name='%s',signup='$flag' WHERE gid='%s'",
             mysql_escape_string($name),
             mysql_escape_string($gid));
      mysql_query($sql,$this->DBH) or die("Database error: " . mysql_error($this->DBH));
      $this->fireGroupNameChange($gid,$name,$can_signup,FALSE);
    }else{  
      $sql = sprintf("INSERT INTO ua_group (name,gid,signup) VALUES('%s','%s','$flag')",
             mysql_escape_string($name),
             mysql_escape_string($gid));
      mysql_query($sql,$this->DBH) or die("Database error: " . mysql_error($this->DBH));
      $this->fireGroupNameChange($gid,$name,$can_signup,TRUE);                      
    }
  }
  
  function getGroupName($gid){
    $sql = sprintf("SELECT gid,name,signup FROM ua_group WHERE gid='%s'",
           mysql_escape_string($gid));
    $result = mysql_query($sql,$this->DBH) or die(mysql_error($this->DBH));
    if($result){
      $group =  mysql_fetch_assoc($result);
      mysql_free_result($result);
      return($group);
    }
    return(FALSE);
  }
  
  function getAllGroups($show = TRUE){    
    $all = array();
    if($show) {
        $sql = "SELECT gid,name,signup FROM ua_group";
    }else{
        $sql = "SELECT gid,name,signup FROM ua_group WHERE signup='Y'";
    }   
    $result = mysql_query($sql,$this->DBH);
    if($result){
      while($group = mysql_fetch_assoc($result)){
        $k = $group[gid];
        $all[$k] = $group;
      }
    }
    mysql_free_result($result);    
    return($all);
  }

  function removeGroup($gid){    
    $info = $this->getGroupName($gid);
    if($info){
        $this->fireGroupNameDelete($gid,&$info); // NOTE: fire BEFORE remove, so plugins can see who was a member.
        $gid = mysql_escape_string($gid);
        $sql = "DELETE FROM ua_members WHERE gid='$gid'";
        mysql_query($sql,$this->DBH) or die(mysql_error($this->DBH));           
        $sql = "DELETE FROM ua_group WHERE gid='$gid'";
        mysql_query($sql,$this->DBH) or die(mysql_error($this->DBH));      
    }
  }

  function addListener(&$listener){
    array_push($this->LISTENERS,$listener);
  }

  function fireGroupNameChange($gid,$name,$sign_ok,$is_new){ 
    foreach($this->LISTENERS as $l){
      $l->groupNameChange($this,$gid,$name,$sign_ok,$is_new);
    }
  }
  function fireGroupNameDelete($gid,&$info){
    foreach($this->LISTENERS as $l){
      $l->groupNameDelete($this,$gid,&$info);
    }
  }

  function fireUserGroupChange($uid,&$old_groups,&$new_groups){    
    foreach($this->LISTENERS as $l){     
      $l->userGroupsChanged($this,$uid,$old_groups,$new_groups);
    }
  }

}
?>

---

Documentation generated by DoxyGen