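* @version $Revision: 1.2 $ */

/**
 * The hostname of the database server.
 */
define("G_DATABASE_HOST", "localhost", 1);
//define("G_DATABASE_HOST", "192.168.100.8", 1);

/**
 * The username to use when connecting to the database server.
 */
define("G_DATABASE_USER", "scientific-confe", 1);

/**
 * The password to use when connecting to the database server.
 *
 * NOTE(review): this secret is stored in the source file itself, so anyone
 * who can read the file (repository access, backups, a web server that
 * serves the raw source) obtains database access. Rotate it and load it
 * from configuration kept outside the web root and outside version control.
 */
define("G_DATABASE_PASSWORD", "zZp49FmJqw9EVgyw", 1);

/**
 * The name of the physical database on the server.
 */
define("G_DATABASE_CATALOG", "solanaceae.scientific-conference.net", 1);

/**
 * Open a connection to the database.
 *
 * Connection and database-selection failures are reported through
 * user_error() instead of being ignored.
 *
 * @return long an identifier for the MySQL database connection, or false
 *              if the connection could not be opened
 */
function OpenDatabase() {
    $conn = mysql_pconnect(G_DATABASE_HOST, G_DATABASE_USER, G_DATABASE_PASSWORD);
    if (!$conn) {
        user_error("OpenDatabase(): " . mysql_error());
        return false;
    }
    if (!mysql_select_db(G_DATABASE_CATALOG, $conn)) {
        // The handle is still returned, as before; queries on it will fail
        // and each caller reports that failure.
        user_error("OpenDatabase(): " . mysql_error($conn));
    }
    return $conn;
}
?>
* @version $Revision: 1.7 $ */

// include_once("../classes/config.php"); //should already be included
//include_once("../classes/db_fcns.php");

/*
 * Every function below receives caller-supplied text (page tags, e-mail
 * addresses, passwords, names) and used to splice it into SQL with
 * str_replace(), which allowed SQL injection. Values are now escaped with
 * mysql_real_escape_string() on the open connection, or cast to int for
 * numeric columns, and the statements are built by concatenation so that a
 * value containing a "#placeholder#" token cannot be re-substituted.
 *
 * NOTE(review): the error messages include caller-supplied text and the
 * MySQL error string; make sure display_errors is off in production so
 * they reach the log only.
 */

/**
 * Get the redirection URL for a specific page tag.
 *
 * This is mainly used by login_redir.php to resolve a tag like
 * next=abstract into a URI.
 *
 * @param string $page the page tag to resolve.
 * @return string the URI for the given tag, or an empty string if the
 *                specified tag was not found or the lookup failed.
 */
function GetRedirectorPage($page) {
    $result = "";

    $dbh = OpenDatabase();
    if (!$dbh) {
        return $result;
    }

    $sql = "select * from tblredirector where pageKey='"
         . mysql_real_escape_string($page, $dbh) . "'";
    $rst = mysql_query($sql, $dbh);
    if (!$rst) {
        user_error("GetRedirectorPage($page): " . mysql_error($dbh));
        mysql_close($dbh);
        return $result;
    }

    if (0 != mysql_num_rows($rst)) {
        $row = mysql_fetch_object($rst);
        $result = $row->pageTarget;
    }

    // Release the result and the handle on every path, not only when a row
    // was found.
    mysql_free_result($rst);
    mysql_close($dbh);
    return $result;
}

/**
 * Validate a username/password pair and set the login session variable.
 *
 * On success the only session variable written here is $_SESSION['admin'],
 * taken from the Admin column of the matching row.
 *
 * NOTE(review): the password is compared against the Password column as
 * stored, i.e. tbllogins holds passwords in clear text. Moving to
 * password_hash()/password_verify() needs a data migration and is not done
 * here.
 * NOTE(review): the session ID is not regenerated in this function; confirm
 * that the caller does so after a successful login.
 *
 * @param string $userEmail the e-mail address to validate
 * @param string $password the password supplied by the user
 * @return boolean 0 on failure, 1 on success.
 */
function ValidateUserCredentials($userEmail, $password) {
    if ((strlen($userEmail) == 0) || (strlen($password) == 0)) {
        return 0;
    }

    $dbh = OpenDatabase();
    if (!$dbh) {
        return 0;
    }

    $sql = "SELECT * FROM tbllogins WHERE EmailAddress='"
         . mysql_real_escape_string($userEmail, $dbh)
         . "' And Password='"
         . mysql_real_escape_string($password, $dbh) . "'";
    $rst = mysql_query($sql, $dbh);
    if (!$rst) {
        // The submitted password is deliberately kept out of the message so
        // that it never reaches the error log or the page.
        user_error("ValidateUserCredentials($userEmail): " . mysql_error($dbh));
        mysql_close($dbh);
        return 0;
    }

    $result = 0;
    if (0 != mysql_num_rows($rst)) {
        $row = mysql_fetch_object($rst);
        $_SESSION['admin'] = $row->Admin;
        $result = 1;
    }

    mysql_free_result($rst);
    mysql_close($dbh);
    return $result;
}

/**
 * Fetch the account record for an e-mail address.
 *
 * @param string $userEmail the e-mail address to look up
 * @return array seven elements, in order: UserID, FullName, EmailAddress,
 *               Password, InstitutionName, DateAdded, DateLastLogin. All
 *               seven are null when no row matches or the query fails.
 */
function GetCredentials($userEmail) {
    // Same shape as a populated result, so callers that index it still work.
    $result = array(null, null, null, null, null, null, null);

    $dbh = OpenDatabase();
    if (!$dbh) {
        return $result;
    }

    $sql = "SELECT * FROM tbllogins WHERE EmailAddress='"
         . mysql_real_escape_string($userEmail, $dbh) . "'";
    $rst = mysql_query($sql, $dbh);
    if (!$rst) {
        user_error("GetCredentials($userEmail): " . mysql_error($dbh));
        mysql_close($dbh);
        return $result;
    }

    $row = mysql_fetch_object($rst);
    if ($row) {
        $result = array(
            $row->UserID,
            $row->FullName,
            $row->EmailAddress,
            $row->Password,
            $row->InstitutionName,
            $row->DateAdded,
            $row->DateLastLogin
        );
    }

    mysql_free_result($rst);
    mysql_close($dbh);
    return $result;
}

/**
 * Fetch the account record for a user ID.
 *
 * @param string $userID the user's id in tbllogins
 * @return array seven elements, in order: UserID, FullName, EmailAddress,
 *               Password, InstitutionName, DateAdded, DateLastLogin. All
 *               seven are null when no row matches or the query fails.
 */
function GetCredentialsByID($userID) {
    $result = array(null, null, null, null, null, null, null);

    $dbh = OpenDatabase();
    if (!$dbh) {
        return $result;
    }

    $sql = "SELECT * FROM tbllogins WHERE UserID='"
         . mysql_real_escape_string($userID, $dbh) . "'";
    $rst = mysql_query($sql, $dbh);
    if (!$rst) {
        // The message used to name GetCredentials and an undefined
        // $userEmail variable.
        user_error("GetCredentialsByID($userID): " . mysql_error($dbh));
        mysql_close($dbh);
        return $result;
    }

    $row = mysql_fetch_object($rst);
    if ($row) {
        $result = array(
            $row->UserID,
            $row->FullName,
            $row->EmailAddress,
            $row->Password,
            $row->InstitutionName,
            $row->DateAdded,
            $row->DateLastLogin
        );
    }

    mysql_free_result($rst);
    mysql_close($dbh);
    return $result;
}

/**
 * Updates the DateLastLogin field when a user logs into the site.
 *
 * @param string $email the user's e-mail address
 */
function TouchLoginTime($email) {
    $dbh = OpenDatabase();
    if (!$dbh) {
        return;
    }

    $sql = "UPDATE tbllogins SET DateLastLogin=NOW() WHERE "
         . "EmailAddress='" . mysql_real_escape_string($email, $dbh) . "'";
    if (!mysql_query($sql, $dbh)) {
        user_error("TouchLoginTime($email): " . mysql_error($dbh));
    }
    mysql_close($dbh);
}

/**
 * Checks to see if a given email address is already registered.
 *
 * @param string $email the email address supplied by the user.
 * @return 1 if the specified email is already registered, 0 otherwise
 *         (0 is also returned when the lookup itself fails, as before).
 */
function CheckForEmail($email) {
    $dbh = OpenDatabase();
    if (!$dbh) {
        return 0;
    }

    $sql = "SELECT * FROM tbllogins WHERE EmailAddress='"
         . mysql_real_escape_string($email, $dbh) . "'";
    $rst = mysql_query($sql, $dbh);
    if (!$rst) {
        user_error("CheckForEmail($email): " . mysql_error($dbh));
        mysql_close($dbh);
        return 0;
    }

    $found = (0 == mysql_num_rows($rst)) ? 0 : 1;
    mysql_free_result($rst);
    mysql_close($dbh);
    return $found;
}

/**
 * Creates a new user account in the database.
 *
 * NOTE(review): $password is written to tbllogins exactly as supplied, so
 * the table holds clear-text passwords. Hashing it here would also require
 * changing ValidateUserCredentials() and SendRegEmail().
 *
 * @param string $email the user's email address
 * @param string $password the user's password
 * @param string $fullname the user's full name
 * @return long the ID of the newly inserted user, or -1 on error.
 */
function CreateUser($email, $password, $fullname) {
    $result = -1;
    if (1 == CheckForEmail($email)) {
        return $result;
    }

    $dbh = OpenDatabase();
    if (!$dbh) {
        return $result;
    }

    $sql = "INSERT INTO tbllogins(EmailAddress, Password, FullName, DateAdded) "
         . "VALUES('" . mysql_real_escape_string($email, $dbh) . "', '"
         . mysql_real_escape_string($password, $dbh) . "', '"
         . mysql_real_escape_string($fullname, $dbh) . "', NOW())";
    if (!mysql_query($sql, $dbh)) {
        // The password is deliberately kept out of the message.
        user_error("CreateUser($email,$fullname): " . mysql_error($dbh));
        mysql_close($dbh);
        return $result;
    }

    // An INSERT yields true rather than a result set, so there is nothing to
    // free. mysql_insert_id() reads the id generated on this connection; the
    // previous "SELECT LAST_INSERT_ID() ... FROM tbllogins" returned one row
    // per row of the table, and a stale id after a failed insert.
    $newId = mysql_insert_id($dbh);
    if ($newId) {
        $result = $newId;
    }

    mysql_close($dbh);
    return $result;
}

/**
 * Sets the organization name for a user.
 *
 * @param long $userid the user's numeric id in the database
 * @param string $orgname the user's organization name
 */
function SetOrgForUser($userid, $orgname) {
    $dbh = OpenDatabase();
    if (!$dbh) {
        return;
    }

    // UserID is compared unquoted, so escaping alone would not help; force
    // the value to an integer.
    $sql = "UPDATE tbllogins SET InstitutionName='"
         . mysql_real_escape_string($orgname, $dbh) . "' "
         . "WHERE UserID=" . (int) $userid;
    if (!mysql_query($sql, $dbh)) {
        user_error("SetOrgForUser($userid): " . mysql_error($dbh));
    }
    // An UPDATE yields no result set, so mysql_free_result() is not called.
    mysql_close($dbh);
}

/**
 * Sends the registration confirmation e-mail to a newly registered user.
 *
 * NOTE(review): the message contains the user's password in clear text and
 * is blind-copied to the admin contact and to a hard-coded external
 * address. This is kept because it is the existing product behaviour, but
 * it exposes every new password to mail relays and to those mailboxes; the
 * password line and the hard-coded bcc should be dropped.
 *
 * @param string $useremail the e-mail address of the registered user
 */
function SendRegEmail($useremail) {
    $sitename = GetConfigVar('SiteName');
    $admincontact = GetConfigVar('AdminContact');
    $params = GetCredentials($useremail);

    if (empty($params[2])) {
        // No account row for this address; there is nobody to mail.
        return;
    }

    // CR/LF in any value that lands in the recipient, subject or header
    // block would let that value add its own mail headers, so strip them.
    $lineBreaks = array("\r", "\n");
    $recipient = str_replace($lineBreaks, "", $params[2]);
    $subject = str_replace($lineBreaks, "", "" . $sitename . " Registration Confirmation");
    $sender = str_replace($lineBreaks, "", $admincontact);

    $mailcontent = "Thank you for registering at the " . $sitename . " Abstract Submission Site.\n"
        . " This email is a confirmation of your login information. \n"
        . "Please keep this information handy in the event you need to submit additional abstracts or change your existing information.\n\n"
        . " **********************************************************************\n\n"
        . " Email Address (login): " . $params[2] . "\n\n"
        . " Password: " . $params[3] . "\n\n"
        . " Full Name: " . $params[1] . "\n\n"
        . " Institution: " . $params[4] . "\n\n"
        . " Registration Date: " . $params[5] . "";

    mail($recipient, $subject, $mailcontent,
         "From:" . $sender . "\nbcc:" . $sender . ",robbrandt@yahoo.com");
}
?>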