PHP
This is a class definition for a user object.
class user {
var $userDB;
var $firstName;
var $lastName;
var $loggedIn;
var $userID;
function user(){
global $locale;
include $locale."/cgi/Connections/lisi.php";
$this->userDB = $lisi;
$this->userID = 0;
$this->loggedIn
= 0;
$this->firstName = '';
$this->lastName = '';
}
function fillFromUserID($UID){
if ($UID > 0){
$this->userID = $UID;
global $db_connection;
global $locale;
include $locale."/cgi/Connections/lisi.php";
$query = "SELECT first_Name, last_Name, status FROM user
WHERE user_Idx=$UID";
$db_query = mysql_query ($query, $this->userDB) or die (mysql_error());
$row = mysql_fetch_array ($db_query);
$this->firstName = $row[0];
$this->lastName
= $row[1];
  if ($row['status'] == "A"){
$this->loggedIn
= 1;
}
}
}
function isLoggedIn() {
return $this->loggedIn;
}
function logout() {
$this->userID = 0;
$this->userName = "";
$this->firstName = "";
$this->lastName = "";
$this->loggedIn = 0;
}
function login($userName, $password) {
global $db_connection;
global $locale;
include $locale."/cgi/Connections/lisi.php";
$query = "SELECT user_Idx, first_Name, last_Name, status FROM user WHERE username = '$userName' AND pwd = '$password';";
$db_query = mysql_query ($query, $this->userDB) or die (mysql_error());
if (mysql_num_rows($db_query)>0){
$row = mysql_fetch_array ($db_query);
$status
= $row[3];
if ($status
== "A"){
$userIDX = $row[0];
$this->userID = $userIDX;
$this->firstName
= $row[1];
$this->lastName
= $row[2];
$time
= date("U");
$this->loggedIn
= 1;
$query
= "UPDATE user SET last_Use=$time WHERE user_Idx=".$row['user_Idx'];
$db_query = mysql_query ($query, $db_connection) or die (mysql_error());
}else{
$this->loggedIn = 0;
}
return 1;
} else {
$this->loggedIn = 0;
return 0;
}
}
function addNew ($http_vars){
$entrydate = date("U");
$status = $http_vars['status'];
$usertype = $http_vars['usertype'];
$username = $http_vars['username'];
$pwd = $http_vars['pwd'];
$prefix = $http_vars['prefix'];
$firstName = addslashes($http_vars['FirstName']);
$lastName = addslashes($http_vars['LastName']);
$mi = addslashes($http_vars['MiddleName']);
$suffix = $http_vars['suffix'];
$firmname = addslashes($http_vars['firmname']);
$eMail = $http_vars['EmailAddress'];
$coverpageoptn = $http_vars['coverpageoption'];
$HomePhone = addslashes($http_vars['HomePhone']);
$WorkPhone = addslashes($http_vars['WorkPhone']);
$WorkPhoneExt = addslashes($http_vars['WorkPhoneExtension']);
$FaxPhone = addslashes($http_vars['FaxPhone']);
$PermAddress = addslashes($http_vars['PermAddress']);
$PermCity = addslashes($http_vars['PermCity']);
$PermState = addslashes($http_vars['PermState']);
$PermZipcode = addslashes($http_vars['PermZipcode']);
$license = addslashes($http_vars['license']);
$contedu = addslashes($http_vars['contedu']);
$renewmon = addslashes($http_vars['renewmon']);
$renewyr = addslashes($http_vars['renewyr']);
global $locale;
include $locale."/cgi/Connections/lisi.php";
$myfields = 'entry_Date, user_Type, status, username, pwd, remember_Pwd, cont_Edu, renew_Month, renew_Year';
$myfields .= ',prefix, first_Name, middle_Name, last_Name, suffix, firm_Name, email, license, coverpage_Option';
$myfields .= ', phone, phone_Extension, fax, address, city, state, zip';
$myjoin = " user ";
$myValues = "'$entrydate', '$usertype', '$status', '$username', '$pwd', '$rememberpwd', '$contedu', '$renewmon', '$renewyr'";
$myValues .= ",'$prefix', '$firstName', '$middleName', '$lastName', '$suffix', '$firmname', '$eMail', '$license', '$coverpageoptn'";
$myValues .= ", '$WorkPhone', '$WorkPhoneExt', '$FaxPhone', '$PermAddress', '$PermCity', '$PermState', '$PermZipcode'";
global $db_connection;
$query = "INSERT INTO $myjoin ($myfields)VALUES ( $myValues )";
$result = mysql_query ($query, $this->userDB) or die (mysql_error());
return $this->login($userName, $userPassword);
}
function update($http_vars, $usrID){
$entrydate
= date("U");
$status = $http_vars['status'];
$usertype = $http_vars['usertype'];
$userName = $http_vars['username'];
$userPassword = $http_vars['pwd'];
$prefix = $http_vars['prefix'];
$firstName =
addslashes($http_vars['FirstName']);
$lastName = addslashes($http_vars['LastName']);
$mi = addslashes($http_vars['MiddleName']);
$suffix = $http_vars['suffix'];
$firmname = addslashes($http_vars['firmname']);
$eMail = $http_vars['EmailAddress'];
$coverpageoptn = $http_vars['coverpageoption'];
$HomePhone = addslashes($http_vars['HomePhone']);
$WorkPhone = addslashes($http_vars['WorkPhone']);
$WorkPhoneExt = addslashes($http_vars['WorkPhoneExtension']);
$FaxPhone = addslashes($http_vars['FaxPhone']);
$PermAddress = addslashes($http_vars['PermAddress']);
$PermCity = addslashes($http_vars['PermCity']);
$PermState = addslashes($http_vars['PermState']);
$PermZipcode =
addslashes($http_vars['PermZipcode']);
$license = addslashes($http_vars['license']);
$contedu = addslashes($http_vars['contedu']);
$renewmon = addslashes($http_vars['renewmon']);
$renewyr = addslashes($http_vars['renewyr']);
$ShipAddress = addslashes($http_vars['ShipAddress']);
$ShipCity = addslashes($http_vars['ShipCity']);
$ShipState = addslashes($http_vars['ShipState']);
$ShipZipcode = addslashes($http_vars['ShipZipcode']);
$BillAddress = addslashes($http_vars['BillAddress']);
$BillCity = addslashes($http_vars['BillCity']);
$BillState = addslashes($http_vars['BillState']);
$BillZipcode = addslashes($http_vars['BillZipcode']);
$mydata = "entry_Date='$entrydate', user_Type='$usertype', status='$status',
username='$username', pwd='$pwd', remember_Pwd='$rememberpwd', suffix='$suffix',
cont_Edu='$contedu', renew_Month='$renewmon', renew_Year='$renewyr',
prefix='$prefix', first_Name='$FirstName', middle_Name='$MiddleName', last_Name='$LastName',
suffix='$suffix', firm_Name='$firmname', email='$EmailAddress', license='$license',
coverpage_Option='$coverpageoption', phone ='$WorkPhone',
phone_Extension='$WorkPhoneExt', fax='$FaxPhone', address='$PermAddress',
city='$PermCity', state='$PermState', zip='$PermZipcode'";
global $locale;
include $locale."/cgi/Connections/lisi.php";
global $db_connection;
$query
= "UPDATE user SET ($mydata) where user_Idx = $usrID";
$result = mysql_query ($query, $this->userDB) or die (mysql_error());
}
function getemailaddr(){
global $db_connection;
$query
= 'SELECT email FROM user WHERE user_Idx='.$this->userID;
$result = mysql_query ($query, $this->userDB) or die (mysql_error());
$row = mysql_fetch_array ($result);
return $row['email'];
}
}