Context Navigation

← Previous Change
Next Change →

adminsettings_include.php

Timestamp:

04/07/09 11:44:18 (3 years ago)

Author:

nate

Message:

Merged Nathan branch back into trunk.

Files:

: 1 modified

trunk/phpbms/modules/base/include/adminsettings_include.php (modified) (9 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/phpbms/modules/base/include/adminsettings_include.php

r357	r485
43	43	class settings{
44	44	var $db;
45
	45
46	46	function settings($db){
47
	47
48	48	$this->db = $db;
49
50		}
51
52
	49
	50	}
	51
	52
53	53	function getSettings(){
54	54	$therecord = array();
55
	55
56	56	$querystatement = "SELECT `name`, `value` FROM `settings`";
57	57	$queryresult = $this->db->query($querystatement);
58
	58
59	59	while($setting = $this->db->fetchArray($queryresult))
60	60	$therecord[$setting["name"]] = $setting["value"];
61
	61
62	62	return $therecord;
63	63	}
64
65
	64
	65
66	66	function updateSettings($variables){
67
	67
68	68	global $phpbms;
69
	69
70	70	if(!isset($variables["persistent_login"])) $variables["persistent_login"]=0;
71
	71
72	72	//include any procesing that needs to be done by modules
73	73	foreach($phpbms->modules as $module => $moduleinfo)
…	…
77	77	$extraUpdate = new $class($this->db);
78	78	$variables = $extraUpdate->updateSettings($variables);
79
	79
80	80	}//end if
81
	81
82	82	// Update the settings records
83	83	foreach($variables as $settingname => $settingvalue){
84	84	if(defined(strtoupper($settingname))){
85	85	if(constant(strtoupper($settingname)) != $settingvalue){
86
	86
87	87	$updatestatement = "
88		UPDATE
89		settings
90		SET
91		value ='".$settingvalue."'
92		WHERE
	88	UPDATE
	89	settings
	90	SET
	91	value ='".$settingvalue."'
	92	WHERE
93	93	name='".mysql_real_escape_string($settingname)."'";
94
	94
95	95	$updateresult = $this->db->query($updatestatement);
96
	96
97	97	if(!$this->db->affectedRows()){
98	98
99	99	//check to see why the update did not work
100	100	$querystatement = "
101		SELECT
	101	SELECT
102	102	name
103	103	FROM
…	…
105	105	WHERE
106	106	name = '".mysql_real_escape_string($settingname)."'";
107
	107
108	108	$queryresult = $this->db->query($querystatement);
109
	109
110	110	if(!$this->db->numRows($queryresult)){
111
	111
112	112	//insert the setting if need be
113	113	$insertstatement ="
…	…
120	120	'".mysql_real_escape_string($settingname)."'
121	121	}";
122
	122
123	123	$this->db-query($insertstatement);
124
	124
125	125	}//end if
126
	126
127	127	}//end if
128
	128
129	129	}//end if
130	130	}
131	131	}//end foreach
132
	132
133	133	// deal with logo graphic.
134	134	if(isset($_FILES["printedlogo"])){
135		if($_FILES["printedlogo"]["type"] == "image/png" \|\| $_FILES["printedlogo"]["type"] == "image/jpeg"){
	135
	136	$validFileTypes = array(
	137	"image/png",
	138	"image/x-png",
	139	"image/jpg",
	140	"image/jpeg",
	141	"imagep/jpeg",
	142	);
	143
	144	if(in_array($_FILES["printedlogo"]["type"], $validFileTypes)){
	145
136	146	if (function_exists('file_get_contents')) {
	147
137	148	$file = mysql_real_escape_string(file_get_contents($_FILES['printedlogo']['tmp_name']));
	149
138	150	} else {
	151
139	152	// If using PHP < 4.3.0 use the following:
140	153	$file = mysql_real_escape_string(fread(fopen($_FILES['printedlogo']['tmp_name'], 'r'), filesize($_FILES['printedlogo']['tmp_name'])));
141		}
	154
	155	}//endif
	156
142	157	if($_FILES["printedlogo"]["type"] == "image/jpeg")
143	158	$name = "logo.jpg";
144	159	else
145	160	$name = "logo.png";
146
147		$querystatement="UPDATE `files` SET `file` = '".$file."', `type` = '".$_FILES["printedlogo"]["type"]."', `name`='".$name."' WHERE id=1";
148		$queryresult=$this->db->query($querystatement);
149		}
150		}
	161
	162	$updatestatement = "
	163	UPDATE
	164	`files`
	165	SET
	166	`file` = '".$file."',
	167	`type` = '".$_FILES["printedlogo"]["type"]."',
	168	`name`='".$name."'
	169	WHERE
	170	id = 1";
	171
	172	$this->db->query($updatestatement);
	173
	174	}//endif file types
	175
	176	}//endif file exists
151	177
152	178	return true;
153
	179
154	180	}//end method
155
	181
156	182
157	183	function updateEncyptionSeed($newseed,$currpassword,$userid){
158
	184
159	185	$userid = (int) $userid;
160
	186
161	187	//first let's make sure the password matches
162	188	$querystatement="SELECT id FROM users WHERE id=".$userid." AND password=ENCODE('".$currpassword."','".ENCRYPTION_SEED."')";
…	…
165	191	if(!$this->db->numRows($queryresult))
166	192	return "Encryption Seed not Updated: Invalid Current Password";
167
	193
168	194	//let's update the encryption seed then
169	195	$querystatement="UPDATE settings SET value='".$newseed."' WHERE name='encryption_seed'";
170	196	$queryresult=$this->db->query($querystatement);
171
	197
172	198	//last, reencode the current password
173	199	$querystatement="UPDATE users SET password=ENCODE('".$currpassword."','".$newseed."') WHERE id=".$userid;
…	…
177	203	$querystatement="UPDATE users SET password = ENCODE(DECODE(password,'".ENCRYPTION_SEED."'),'".$newseed."') WHERE id !=".$userid;
178	204	$queryresult=$this->db->query($querystatement);
179
	205
180	206	return "Encryption Seed Updated.";
181		}
	207	}
182	208
183	209
…	…
185	211
186	212	$variables = addSlashesToArray($variables);
187
	213
188	214	switch($variables["command"]){
189	215	case "update settings":
…	…
191	217	$statusmessage="Settings Updated";
192	218	break;
193
	219
194	220	case "update encryption seed":
195	221	if(isset($variables["changeseed"]))
…	…
201	227
202	228	}//end method
203
204
	229
	230
205	231	function displayStylesheets($stylesheet){
206	232
207	233	$thedir="../../common/stylesheet";
208	234	$thedir_stream = @opendir($thedir);
209
	235
210	236	while($entry = @ readdir($thedir_stream)){
211	237	if ($entry!="." and $entry!=".." and is_dir($thedir."/".$entry)) {

phpBMS

Context Navigation

Changeset 485 for trunk/phpbms/modules/base/include/adminsettings_include.php

Legend:

trunk/phpbms/modules/base/include/adminsettings_include.php

Download in other formats: