2626dd47daad110c63a82c0560b134e2364eeac3
bernd webinterface => /webinterface

bernd authored 17 years ago

1) <?php
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

2) /*
3) This file belongs to the Webinterface of schokokeks.org Hosting
4) 
Bernd Wurst Copyright year update

Bernd Wurst authored 6 years ago

5) Written 2008-2018 by schokokeks.org Hosting, namely
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

6)   Bernd Wurst <bernd@schokokeks.org>
7)   Hanno Böck <hanno@schokokeks.org>
8) 
9) To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
10) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

11) You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

12) http://creativecommons.org/publicdomain/zero/1.0/
13) 
14) Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
15) */
bernd webinterface => /webinterface

bernd authored 17 years ago

16) 
17) require_once('session/checkuser.php');
18) 
Bernd Wurst Ermögliche Kunden sich eine...

Bernd Wurst authored 10 years ago

19) function user_customer_match($cust, $user)
20) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

21)     $args = array(":cid" => $cust,
Bernd Wurst Modul index auf prepared st...

Bernd Wurst authored 10 years ago

22)                 ":user" => $user);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

23)     $result = db_query("SELECT uid FROM system.useraccounts WHERE kunde=:cid AND username=:user AND kundenaccount=1", $args);
24)     if ($result->rowCount() > 0) {
25)         return true;
26)     }
27)     return false;
Bernd Wurst Ermögliche Kunden sich eine...

Bernd Wurst authored 10 years ago

28) }
29) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

30) function find_username($input)
Bernd Wurst Passwort-Reset-Funktion akt...

Bernd Wurst authored 7 years ago

31) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

32)     $args = array(":user" => $input);
33)     $result = db_query("SELECT username FROM system.useraccounts WHERE username=:user AND kundenaccount=1", $args);
34)     if ($result->rowCount() > 0) {
35)         $line = $result->fetch();
36)         return $line['username'];
37)     } else {
38)         return false;
39)     }
Bernd Wurst Passwort-Reset-Funktion akt...

Bernd Wurst authored 7 years ago

40) }
Bernd Wurst Ermögliche Kunden sich eine...

Bernd Wurst authored 10 years ago

41) 
bernd webinterface => /webinterface

bernd authored 17 years ago

42) function customer_has_email($customerno, $email)
43) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

44)     $args = array(":cid" => $customerno,
Bernd Wurst Modul index auf prepared st...

Bernd Wurst authored 10 years ago

45)                 ":email" => $email);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

46)     $result = db_query("SELECT NULL FROM kundendaten.kunden WHERE id=:cid AND (email=:email OR email_extern=:email OR email_rechnung=:email)", $args);
47)     return ($result->rowCount() > 0);
bernd webinterface => /webinterface

bernd authored 17 years ago

48) }
49) 
50) 
51) function validate_token($customerno, $token)
52) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

53)     expire_tokens();
54)     $args = array(":cid" => $customerno,
Bernd Wurst Modul index auf prepared st...

Bernd Wurst authored 10 years ago

55)                 ":token" => $token);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

56)     $result = db_query("SELECT NULL FROM kundendaten.kunden WHERE id=:cid AND token=:token", $args);
57)     return ($result->rowCount() > 0);
bernd webinterface => /webinterface

bernd authored 17 years ago

58) }
59) 
60) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

61) function get_uid_for_token($token)
Bernd Wurst Erlaube Useraccount-Initial...

Bernd Wurst authored 11 years ago

62) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

63)     expire_tokens();
64)     $result = db_query("SELECT uid FROM system.usertoken WHERE token=?", array($token));
65)     if ($result->rowCount() == 0) {
66)         return null;
67)     }
68)     $data = $result->fetch();
69)     return $data['uid'];
Bernd Wurst Erlaube Useraccount-Initial...

Bernd Wurst authored 11 years ago

70) }
71) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

72) function get_username_for_uid($uid)
Bernd Wurst Zeige Username beim Passwor...

Bernd Wurst authored 11 years ago

73) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

74)     $result = db_query("SELECT username FROM system.useraccounts WHERE uid=?", array($uid));
75)     if ($result->rowCount() != 1) {
76)         system_failure("Unexpected number of users with this uid (!= 1)!");
77)     }
78)     $item = $result->fetch();
79)     return $item['username'];
Bernd Wurst Zeige Username beim Passwor...

Bernd Wurst authored 11 years ago

80) }
81) 
bernd one-time-URLs für systemuser

bernd authored 16 years ago

82) function validate_uid_token($uid, $token)
83) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

84)     expire_tokens();
85)     $args = array(":uid" => $uid,
Bernd Wurst Modul index auf prepared st...

Bernd Wurst authored 10 years ago

86)                 ":token" => $token);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

87)     $result = db_query("SELECT NULL FROM system.usertoken WHERE uid=:uid AND token=:token", $args);
88)     return ($result->rowCount() > 0);
bernd one-time-URLs für systemuser

bernd authored 16 years ago

89) }
90) 
91) 
bernd webinterface => /webinterface

bernd authored 17 years ago

92) function expire_tokens()
93) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

94)     $expire = "1 DAY";
95)     db_query("UPDATE kundendaten.kunden SET token=NULL, token_create=NULL WHERE token_create < NOW() - INTERVAL {$expire};");
96)     db_query("DELETE FROM system.usertoken WHERE expire < NOW();");
bernd webinterface => /webinterface

bernd authored 17 years ago

97) }
98) 
99) function invalidate_customer_token($customerno)
100) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

101)     db_query("UPDATE kundendaten.kunden SET token=NULL, token_create=NULL WHERE id=?", array($customerno));
bernd webinterface => /webinterface

bernd authored 17 years ago

102) }
103)  
bernd one-time-URLs für systemuser

bernd authored 16 years ago

104) function invalidate_systemuser_token($uid)
105) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

106)     db_query("DELETE FROM system.usertoken WHERE uid=?", array($uid));
bernd one-time-URLs für systemuser

bernd authored 16 years ago

107) }
108)  
Bernd Wurst Ermögliche Kunden sich eine...

Bernd Wurst authored 10 years ago

109) function create_token($username)
bernd webinterface => /webinterface

bernd authored 17 years ago

110) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

111)     expire_tokens();
112)     $result = db_query("SELECT uid FROM system.useraccounts WHERE username=?", array($username));
113)     $uid = (int) $result->fetch()['uid'];
Bernd Wurst Ermögliche Kunden sich eine...

Bernd Wurst authored 10 years ago

114)   
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

115)     $result = db_query("SELECT created FROM system.usertoken WHERE uid=?", array($uid));
116)     if ($result->rowCount() > 0) {
117)         system_failure("Für Ihr Benutzerkonto ist bereits eine Passwort-Erinnerung versendet worden. Bitte wenden Sie sich an den Support wenn Sie diese nicht erhalten haben.");
118)     }
Bernd Wurst Ermögliche Kunden sich eine...

Bernd Wurst authored 10 years ago

119)   
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

120)     $args = array(":uid" => $uid,
Bernd Wurst Modul index auf prepared st...

Bernd Wurst authored 10 years ago

121)                 ":token" => random_string(16));
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

122)     db_query("INSERT INTO system.usertoken VALUES (:uid, NOW(), NOW() + INTERVAL 1 DAY, :token)", $args);
123)     return true;
bernd webinterface => /webinterface

bernd authored 17 years ago

124) }
125) 
126) 
Bernd Wurst Ermögliche Kunden sich eine...

Bernd Wurst authored 10 years ago

127) function emailaddress_for_user($username)
128) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

129)     $result = db_query("SELECT k.email FROM kundendaten.kunden AS k INNER JOIN system.useraccounts AS u ON (u.kunde=k.id) WHERE u.username=?", array($username));
130)     $data = $result->fetch();
131)     return $data['email'];
Bernd Wurst Ermögliche Kunden sich eine...

Bernd Wurst authored 10 years ago

132) }
133) 
134) 
bernd webinterface => /webinterface

bernd authored 17 years ago

135) function get_customer_token($customerno)
136) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

137)     expire_tokens();
138)     $result = db_query("SELECT token FROM kundendaten.kunden WHERE id=? AND token IS NOT NULL", array($customerno));
139)     if ($result->rowCount() < 1) {
140)         system_failure("Kann das Token nicht auslesen!");
141)     }
142)     return $result->fetch(PDO::FETCH_OBJ)->token;
bernd webinterface => /webinterface

bernd authored 17 years ago

143) }
144) 
145) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

146) function get_user_token($username)
Bernd Wurst Ermögliche Kunden sich eine...

Bernd Wurst authored 10 years ago

147) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

148)     $result = db_query("SELECT token FROM system.usertoken AS t INNER JOIN system.useraccounts AS u USING (uid) WHERE username=?", array($username));
149)     $tmp = $result->fetch();
150)     return $tmp['token'];