* @copyright 2004 by GhostGambler
* @version Version 1.0
* @link http://www.manga-carta.de Home of the programmer of this wonderful code ;-)
* @include uses the DB-class of me, if you don't own -> download!...it's pretty nice ^-^ (in some way -_-")
*/
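class user
{
    // Current user id and name ('' while nobody is logged in), the DB wrapper,
    // the loaded rights map (column name => 'j'/'n') and the storage mode.
    private $id = '', $username = '', $db, $rights, $type;

    /*
     * Settings: table and column names used to build every query below.
     */
    private $table_user = 'users',
        $table_rights = 'rights',
        $column_user_username = 'username',
        $column_user_password = 'password',
        $column_user_id = 'id',
        $column_user_last_on = 'last_on',
        $column_user_free = 'free',
        $column_user_code = 'code',
        $column_rights_id = 'user_id',
        // Rights applied whenever no rights row can be loaded.
        $standart_rights = array(
            'all' => 'j',
            'forum_view_all' => 'j'
        ),
        // NOTE(review): passwords are stored as an unsalted sha1()/md5() digest.
        // Such digests are fast to brute-force and identical passwords share a
        // digest. Moving to password_hash()/password_verify() needs a wider
        // password column and a re-hash of stored values, so it is flagged
        // here rather than changed.
        $crypt = 'sha1';
    #$crypt = 'md5';

    public $settings = array(
        'forum' => array(
            'posts_pro_seite' => 12,
            'seitenblocks' => 4,
            'show_categ_desc' => 1,
            'show_last_post' => 1,
            'show_last_threads' => 1,
            'show_last_post_board' => 1
        ),
        'gallery' => array(
            'pics_pro_seite' => 4,
            'pics_pro_reihe' => 4
        ),
        'news' => array(
            'news_pro_seite' => 4,
            'seitenblocks' => 4
        ),
        'spotlight' => array(
            'seitenblocks' => 4
        )
    );

    /**
     * Binds the object to a DB wrapper and restores a session login if present.
     *
     * @param object $db   DB wrapper; this class calls query(), fetch_assoc(),
     *                     num_rows() and real_escape_string() on it.
     * @param string $type 'session' keeps the login in $_SESSION['id']; any
     *                     other value keeps it only in this object.
     */
    public function __construct($db, $type = 'session')
    {
        $this->db = $db;
        $this->type = $type;
        if ($this->logged_in()) {
            // The session value is cast before it reaches SQL, and the id column
            // comes from the settings instead of a hard-coded "id".
            $session_id = (int) $_SESSION['id'];
            $this->db->query('UPDATE ' . $this->quote_identifier($this->table_user)
                . ' SET ' . $this->quote_identifier($this->column_user_last_on) . ' = ' . time()
                . ' WHERE ' . $this->quote_identifier($this->column_user_id) . ' = ' . $session_id);
            $this->id = $_SESSION['id'];
            $result = $this->db->query('SELECT * FROM ' . $this->quote_identifier($this->table_user)
                . ' WHERE ' . $this->quote_identifier($this->column_user_id) . ' = ' . $session_id);
            $row = $this->db->fetch_assoc($result);
            // A session id without a matching row leaves the name empty
            // instead of reading an offset of a non-array.
            $this->username = (is_array($row) && isset($row[$this->column_user_username]))
                ? $row[$this->column_user_username]
                : '';
        }
        $this->load_rights();
    }

    /**
     * Creates a user row unless the username is already taken.
     *
     * NOTE(review): every key of $extras becomes a column of the INSERT, so a
     * caller that builds $extras from request data lets the client set columns
     * such as the activation flag. Callers should pass a fixed set of keys.
     *
     * @param string $username Desired username.
     * @param string $password Plain-text password; hashed with the configured function.
     * @param array  $extras   Additional column => value pairs (an array is required).
     *
     * @return boolean true when the row was inserted, false when $extras is not
     *                 an array or the username exists.
     */
    public function register($username, $password, $extras = '')
    {
        if (!is_array($extras)) {
            return false;
        }
        $result = $this->db->query('SELECT * FROM ' . $this->quote_identifier($this->table_user)
            . ' WHERE ' . $this->quote_identifier($this->column_user_username)
            . ' LIKE "' . $this->like_literal($username) . '"');
        if ($this->db->num_rows($result) != 0) {
            return false;
        }
        $columns = array(
            $this->quote_identifier($this->column_user_username),
            $this->quote_identifier($this->column_user_password)
        );
        $values = array(
            '"' . $this->db->real_escape_string($username) . '"',
            '"' . $this->functions($this->crypt, $password) . '"'
        );
        foreach ($extras as $key => $value) {
            // real_escape_string() does not neutralise a backtick, so column
            // names are quoted as identifiers rather than escaped as strings.
            $columns[] = $this->quote_identifier($key);
            $values[] = '"' . $this->db->real_escape_string($value) . '"';
        }
        $this->db->query('INSERT INTO ' . $this->quote_identifier($this->table_user)
            . ' (' . implode(', ', $columns) . ') VALUES (' . implode(', ', $values) . ')');
        return true;
    }

    /**
     * Activates an account when the supplied activation code matches.
     *
     * @param string $username Account to activate.
     * @param string $code     Activation code supplied by the user.
     *
     * @return boolean true when the account was marked as activated.
     */
    public function free($username, $code)
    {
        // LIKE wildcards in the name are escaped so that the SELECT and the
        // UPDATE below can only address the literally named account.
        $name = $this->like_literal($username);
        $result = $this->db->query('SELECT * FROM ' . $this->quote_identifier($this->table_user)
            . ' WHERE ' . $this->quote_identifier($this->column_user_username) . ' LIKE "' . $name . '"');
        if ($this->db->num_rows($result) == 0) {
            return false;
        }
        $row = $this->db->fetch_assoc($result);
        if (!is_array($row) || !isset($row[$this->column_user_code])) {
            return false;
        }
        $stored = (string) $row[$this->column_user_code];
        // An empty stored code never activates an account, and the comparison
        // is a constant-time string comparison: a loose == treats numeric
        // looking strings such as "0e1" and "0e2" as equal.
        if ($stored === '' || !hash_equals($stored, (string) $code)) {
            return false;
        }
        return (bool) $this->db->query('UPDATE ' . $this->quote_identifier($this->table_user)
            . ' SET ' . $this->quote_identifier($this->column_user_free) . ' = "j"'
            . ' WHERE ' . $this->quote_identifier($this->column_user_username) . ' LIKE "' . $name . '"');
    }

    /**
     * Logs a user in by username and password; only activated accounts match.
     *
     * NOTE(review): in 'session' mode the session id is not regenerated here;
     * callers should call session_regenerate_id(true) around a successful
     * login so that a session id issued before the login cannot be reused.
     *
     * @param string $username The username of the user.
     * @param string $password The plain-text password; it is hashed here.
     *
     * @return boolean true = logged in, false = no matching activated account.
     */
    public function login($username, $password)
    {
        // The username is matched literally: an unescaped "%" would match any
        // account that happens to use the supplied password.
        $result = $this->db->query('SELECT * FROM ' . $this->quote_identifier($this->table_user)
            . ' WHERE ' . $this->quote_identifier($this->column_user_username)
            . ' LIKE "' . $this->like_literal($username) . '"'
            . ' AND ' . $this->quote_identifier($this->column_user_password)
            . ' = "' . $this->functions($this->crypt, $password) . '"'
            . ' AND ' . $this->quote_identifier($this->column_user_free) . ' = "j"');
        if ($this->db->num_rows($result) == 0) {
            return false;
        }
        return $this->establish_login($this->db->fetch_assoc($result));
    }

    /**
     * Logs a user in by id alone.
     *
     * No password and no activation flag is checked here, so the id must come
     * from a source the caller has already authenticated.
     *
     * @param mixed $id Numeric user id.
     *
     * @return boolean true when a user with that id exists, false otherwise.
     */
    public function login_id($id)
    {
        if (!is_numeric($id)) {
            return false;
        }
        // is_numeric() also accepts forms such as "1e3" or " 7"; the cast makes
        // sure a plain integer literal is what reaches the query.
        $result = $this->db->query('SELECT * FROM ' . $this->quote_identifier($this->table_user)
            . ' WHERE ' . $this->quote_identifier($this->column_user_id) . ' = ' . (int) $id);
        if ($this->db->num_rows($result) == 0) {
            return false;
        }
        return $this->establish_login($this->db->fetch_assoc($result));
    }

    /**
     * Forgets the current user and falls back to the default rights.
     *
     * @return boolean always true.
     */
    public function logout()
    {
        if ($this->type == 'session') {
            // Every session value is dropped except the layout default.
            $_SESSION = array('layout' => 'saienns');
        }
        $this->id = '';
        $this->username = '';
        $this->rights = $this->standart_rights;
        return true;
    }

    /**
     * Loads the rights row of the current user, or the default rights when
     * nobody is logged in or no row exists.
     *
     * @return boolean always true.
     */
    public function load_rights()
    {
        if ($this->logged_in()) {
            $result = $this->db->query('SELECT * FROM ' . $this->quote_identifier($this->table_rights)
                . ' WHERE ' . $this->quote_identifier($this->column_rights_id) . ' = ' . $this->sql_id());
            if ($this->db->num_rows($result) != 0) {
                $this->rights = $this->db->fetch_assoc($result);
                unset($this->rights['id']);
                return true;
            }
        }
        $this->rights = $this->standart_rights;
        return true;
    }

    /**
     * Checks one right, or whether ANY right of a list is granted.
     *
     * Use has_rights() when every right of a list is required.
     *
     * @param string|array $right Right name, or a list of right names.
     *
     * @return boolean true when the right (or at least one listed right) is 'j'.
     */
    public function has_right($right)
    {
        foreach ((array) $right as $name) {
            if ($this->right_granted($name)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Checks whether ALL rights of a list are granted.
     *
     * A right counts only when its value is exactly 'j', the same test that
     * has_right() applies; unknown names and any other value fail the check.
     *
     * @param array $rights List of right names; anything but an array yields false.
     *
     * @return boolean true when every listed right is granted.
     */
    public function has_rights($rights)
    {
        if (!is_array($rights)) {
            return false;
        }
        foreach ($rights as $name) {
            if (!$this->right_granted($name)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Grants one or several rights to the current user.
     *
     * Names that are not part of the loaded rights are ignored without error.
     * NOTE(review): nothing in this class checks who is allowed to grant
     * rights; callers have to enforce that.
     *
     * @param string|array $right Right name or list of right names.
     * @todo add missing column of right
     *
     * @return boolean always true.
     */
    public function give_right($right)
    {
        return $this->set_rights_flag($right, 'j');
    }

    /**
     * Revokes one or several rights of the current user; the counterpart of
     * give_right() with the same handling of unknown names.
     *
     * @param string|array $right Right name or list of right names.
     *
     * @return boolean always true.
     */
    public function remove_right($right)
    {
        return $this->set_rights_flag($right, 'n');
    }

    /**
     * Tells whether the rights table has a column with the given name.
     *
     * The name is compared as given, so the check covers the same column that
     * create_right() and delete_right() act on. The column list is read from
     * the first row, so no column can be detected while the table is empty.
     *
     * @param string $right Right (column) name.
     *
     * @return boolean true when the column exists.
     */
    public function right_exists($right)
    {
        $result = $this->db->query('SELECT * FROM ' . $this->quote_identifier($this->table_rights) . ' LIMIT 0, 1');
        $row = $this->db->fetch_assoc($result);
        return is_array($row) && array_key_exists($right, $row);
    }

    /**
     * Adds a right as a new CHAR(1) column defaulting to 'n'.
     *
     * NOTE(review): this issues DDL without any permission check of its own;
     * callers have to restrict who can reach it.
     *
     * @param string $right The right to add to the database.
     *
     * @return boolean true, also when the right already exists.
     */
    public function create_right($right)
    {
        if (!$this->right_exists($right)) {
            // The name is quoted as an identifier so that a backtick in it
            // cannot end the column name and append SQL.
            $this->db->query('ALTER TABLE ' . $this->quote_identifier($this->table_rights)
                . ' ADD ' . $this->quote_identifier($right) . ' CHAR( 1 ) DEFAULT "n" NOT NULL');
            $this->load_rights();
        }
        return true;
    }

    /**
     * Drops the column of a right; the counterpart of create_right().
     *
     * @param string $right The right to remove from the database.
     *
     * @return boolean true, also when the right did not exist; false when the
     *                 name is a key column of the rights table.
     */
    public function delete_right($right)
    {
        // 'id' and the user-id column link rights rows to users and are not
        // rights; dropping them would detach every stored right.
        if ($right === 'id' || $right === $this->column_rights_id) {
            return false;
        }
        if ($this->right_exists($right)) {
            $this->db->query('ALTER TABLE ' . $this->quote_identifier($this->table_rights)
                . ' DROP ' . $this->quote_identifier($right) . ' ');
            $this->load_rights();
        }
        return true;
    }

    /**
     * Returns a status line: the username followed by the tags that apply.
     *
     * NOTE(review): the username is inserted as stored. If this line is printed
     * into HTML, escape it with htmlspecialchars() at the call site - confirm
     * how callers output it.
     *
     * @return string the assembled line.
     */
    public function get_Stat_line()
    {
        $line = '' . $this->get_username() . '';
        $result = $this->db->query('SELECT * FROM illus WHERE user_id=' . $this->sql_id() . ' AND free=1');
        if ($this->is_Crew()) {
            $line .= ' [Crew]';
        }
        if ($this->db->num_rows($result) != 0) {
            $line .= ' [Gallery]';
        }
        $line .= ' [Nachricht senden]';
        return $line;
    }

    /**
     * @return mixed id of the current user, '' when nobody is logged in.
     */
    public function get_id()
    {
        return $this->id;
    }

    /**
     * @return string name of the current user, '' when nobody is logged in.
     */
    public function get_username()
    {
        return $this->username;
    }

    /**
     * Reads the stored last-activity timestamp of the current user.
     *
     * @return mixed the stored value, or false when nobody is logged in or the
     *               row is missing.
     */
    public function get_last_on()
    {
        if (!$this->logged_in()) {
            return false;
        }
        $result = $this->db->query('SELECT ' . $this->quote_identifier($this->column_user_last_on)
            . ' FROM ' . $this->quote_identifier($this->table_user)
            . ' WHERE ' . $this->quote_identifier($this->column_user_id) . '=' . $this->sql_id());
        $row = $this->db->fetch_assoc($result);
        return is_array($row) ? $row[$this->column_user_last_on] : false;
    }

    /**
     * Formats the sum of the user's payments as "euros,cents €".
     *
     * The last two digits of the sum are printed as decimals, so the code
     * treats the stored amounts as whole cents (assumption taken from that
     * formatting - confirm against the paid table).
     *
     * @return string formatted amount, '0,00 €' when the sum is not positive.
     */
    public function get_paid_money()
    {
        $result = $this->db->query('SELECT SUM(Betrag) FROM paid WHERE user_id=' . $this->sql_id());
        $row = $this->db->fetch_assoc($result);
        $sum = (is_array($row) && isset($row['SUM(Betrag)'])) ? $row['SUM(Betrag)'] : 0;
        if ($sum > 0) {
            // Padding to three digits keeps a sum below ten cents correct:
            // 5 becomes "0,05" instead of "0,5".
            $digits = str_pad((string) $sum, 3, '0', STR_PAD_LEFT);
            $amount = substr($digits, 0, -2) . ',' . substr($digits, -2);
        } else {
            $amount = '0,00';
        }
        return $amount . ' €';
    }

    /**
     * Tells whether the named account is activated.
     *
     * @param string $username Account name, matched literally.
     *
     * @return boolean true when the activation flag is 'j'; false otherwise,
     *                 including for unknown names.
     */
    public function is_free($username)
    {
        $result = $this->db->query('SELECT ' . $this->quote_identifier($this->column_user_free)
            . ' FROM ' . $this->quote_identifier($this->table_user)
            . ' WHERE ' . $this->quote_identifier($this->column_user_username)
            . ' LIKE "' . $this->like_literal($username) . '"');
        $row = $this->db->fetch_assoc($result);
        return is_array($row)
            && isset($row[$this->column_user_free])
            && (string) $row[$this->column_user_free] === 'j';
    }

    /**
     * Tells whether a rights row exists for the current user.
     *
     * @return boolean true when at least one rights row exists.
     */
    public function is_Crew()
    {
        $result = $this->db->query('SELECT * FROM ' . $this->quote_identifier($this->table_rights)
            . ' WHERE ' . $this->quote_identifier($this->column_rights_id) . '=' . $this->sql_id());
        return $this->db->num_rows($result) != 0;
    }

    /**
     * Tells whether a user is logged in.
     *
     * In 'session' mode only a numeric, positive $_SESSION['id'] counts,
     * because that value is placed unquoted into queries; in any other mode
     * the id held by this object decides.
     *
     * @return boolean
     */
    public function logged_in()
    {
        if ($this->type != 'session') {
            return (string) $this->id !== '';
        }
        return isset($_SESSION['id'])
            && is_numeric($_SESSION['id'])
            && (int) $_SESSION['id'] > 0;
    }

    /*
     * Applies the configured digest function (md5 or sha1) to a value for use
     * in a query. $function is only ever the private $crypt setting; it must
     * never be taken from request data, because it is called by name.
     */
    private function functions($function, $param)
    {
        return $function($param);
    }

    /*
     * Quotes a table or column name as a MySQL identifier; a backtick inside
     * the name is doubled so the name cannot end the quoting.
     */
    private function quote_identifier($name)
    {
        return '`' . str_replace('`', '``', (string) $name) . '`';
    }

    /*
     * Prepares a value for use inside LIKE "...": the LIKE metacharacters
     * (backslash, % and _) are escaped first, then the string-literal escaping
     * of the DB wrapper is applied.
     */
    private function like_literal($value)
    {
        $pattern = str_replace(
            array('\\', '%', '_'),
            array('\\\\', '\\%', '\\_'),
            (string) $value
        );
        return $this->db->real_escape_string($pattern);
    }

    /*
     * Current user id as an integer, safe to place unquoted into a query
     * (0 when no id is set).
     */
    private function sql_id()
    {
        return (int) $this->id;
    }

    /*
     * True when the named right is present in the loaded rights with value 'j'.
     */
    private function right_granted($name)
    {
        return is_array($this->rights)
            && array_key_exists($name, $this->rights)
            && (string) $this->rights[$name] === 'j';
    }

    /*
     * Shared tail of login() and login_id(): adopts the fetched user row,
     * stores the id in the session when configured, loads the rights and
     * stamps last_on for this user only.
     */
    private function establish_login($row)
    {
        if (!is_array($row)) {
            return false;
        }
        $this->id = $row[$this->column_user_id];
        $this->username = $row[$this->column_user_username];
        if ($this->type == 'session') {
            $_SESSION['id'] = $this->id;
        }
        $this->load_rights();
        // The WHERE clause limits the timestamp to the user who logged in;
        // without it every row of the table is updated.
        $this->db->query('UPDATE ' . $this->quote_identifier($this->table_user)
            . ' SET ' . $this->quote_identifier($this->column_user_last_on) . ' = ' . time()
            . ' WHERE ' . $this->quote_identifier($this->column_user_id) . ' = ' . $this->sql_id());
        return true;
    }

    /*
     * Shared body of give_right() and remove_right(): flips each named right
     * that currently holds the opposite value. Nothing is written while nobody
     * is logged in, because there is no user id to address.
     */
    private function set_rights_flag($right, $flag)
    {
        $opposite = ($flag === 'j') ? 'n' : 'j';
        if ($this->logged_in()) {
            foreach ((array) $right as $name) {
                if (array_key_exists($name, $this->rights) && (string) $this->rights[$name] === $opposite) {
                    $this->db->query('UPDATE ' . $this->quote_identifier($this->table_rights)
                        . ' SET ' . $this->quote_identifier($name) . ' = "' . $flag . '"'
                        . ' WHERE ' . $this->quote_identifier($this->column_rights_id) . ' = ' . $this->sql_id());
                }
            }
        }
        $this->load_rights();
        return true;
    }
}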
?>