source-function-F_import_tsv_users

It appears that you are using AdBlocking software. The cost of running this website is covered by advertisements. If you like it please feel free to a small amount of money to secure the future of this website.
Overview

Classes

Interfaces

Exceptions

Functions

  1: <?php
  2: //============================================================+
  3: // File name   : tce_import_users.php
  4: // Begin       : 2006-03-17
  5: // Last Update : 2012-12-31
  6: //
  7: // Description : Import users from an XML file or tab-delimited
  8: //               TSV file.
  9: //
 10: // Author: Nicola Asuni
 11: //
 12: // (c) Copyright:
 13: //               Nicola Asuni
 14: //               Tecnick.com LTD
 15: //               www.tecnick.com
 16: //               info@tecnick.com
 17: //
 18: // License:
 19: //    Copyright (C) 2004-2012  Nicola Asuni - Tecnick.com LTD
 20: //    See LICENSE.TXT file for more information.
 21: //============================================================+
 22: 
 23: /**
 24:  * @file
 25:  * Import users from an XML file or TSV (Tab delimited text file).
 26:  * @package com.tecnick.tcexam.admin
 27:  * @author Nicola Asuni
 28:  * @since 2006-03-17
 29:  */
 30: 
 31: /**
 32:  */
 33: 
 34: require_once('../config/tce_config.php');
 35: 
 36: $pagelevel = K_AUTH_IMPORT_USERS;
 37: require_once('../../shared/code/tce_authorization.php');
 38: 
 39: $thispage_title = $l['t_user_importer'];
 40: require_once('../code/tce_page_header.php');
 41: require_once('../../shared/code/tce_functions_form.php');
 42: 
 43: switch ($menu_mode) {
 44:     case 'upload': {
 45:         if ($_FILES['userfile']['name']) {
 46:             require_once('../code/tce_functions_upload.php');
 47:             // upload file
 48:             $uploadedfile = F_upload_file('userfile', K_PATH_CACHE);
 49:             if ($uploadedfile !== false) {
 50:                 switch ($file_type) {
 51:                     case 1: {
 52:                         $xmlimporter = new XMLUserImporter(K_PATH_CACHE.$uploadedfile);
 53:                         F_print_error('MESSAGE', $l['m_importing_complete']);
 54:                         break;
 55:                     }
 56:                     case 2: {
 57:                         if (F_import_tsv_users(K_PATH_CACHE.$uploadedfile)) {
 58:                             F_print_error('MESSAGE', $l['m_importing_complete']);
 59:                         }
 60:                         break;
 61:                     }
 62:                 }
 63:             }
 64:         }
 65:         break;
 66:     }
 67: 
 68:     default: {
 69:         break;
 70:     }
 71: } //end of switch
 72: ?>
 73: 
 74: <div class="container">
 75: 
 76: <div class="tceformbox">
 77: <form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post" enctype="multipart/form-data" id="form_importusers">
 78: 
 79: <div class="row">
 80: <span class="label">
 81: <label for="userfile"><?php echo $l['w_upload_file']; ?></label>
 82: </span>
 83: <span class="formw">
 84: <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo K_MAX_UPLOAD_SIZE ?>" />
 85: <input type="file" name="userfile" id="userfile" size="20" title="<?php echo $l['h_upload_file']; ?>" />
 86: </span>
 87: &nbsp;
 88: </div>
 89: 
 90: <div class="row">
 91: <div class="formw">
 92: <fieldset class="noborder">
 93: <legend title="<?php echo $l['h_file_type']; ?>"><?php echo $l['w_type']; ?></legend>
 94: 
 95: <input type="radio" name="file_type" id="file_type_xml" value="1" checked="checked" title="<?php echo $l['h_file_type_xml']; ?>" />
 96: <label for="file_type_xml">XML</label>
 97: <br />
 98: <input type="radio" name="file_type" id="file_type_tsv" value="2" title="<?php echo $l['h_file_type_tsv']; ?>" />
 99: <label for="file_type_tsv">TSV</label>
100: </fieldset>
101: </div>
102: </div>
103: 
104: <div class="row">
105: <?php
106: // show buttons by case
107: F_submit_button("upload", $l['w_upload'], $l['h_submit_file']);
108: ?>
109: </div>
110: 
111: </form>
112: 
113: </div>
114: <?php
115: 
116: echo '<div class="pagehelp">'.$l['hp_import_xml_users'].'</div>'.K_NEWLINE;
117: echo '</div>'.K_NEWLINE;
118: 
119: require_once('../code/tce_page_footer.php');
120: 
121: // ------------------------------------------------------------
122: 
123: /**
124:  * @class XMLUserImporter
125:  * This PHP Class imports users and groups data directly from a XML file.
126:  * @package com.tecnick.tcexam.admin
127:  * @author Nicola Asuni [www.tecnick.com]
128:  * @version 1.0.000
129:  */
130: class XMLUserImporter
131: {
132: 
133:     /**
134:      * String Current data element.
135:      * @private
136:      */
137:     private $current_element = '';
138: 
139:     /**
140:      * String Current data value.
141:      * @private
142:      */
143:     private $current_data = '';
144: 
145:     /**
146:      * Array Array for storing user data.
147:      * @private
148:      */
149:     private $user_data = array();
150: 
151:     /**
152:      * Array for storing user's group data.
153:      * @private
154:      */
155:     private $group_data = array();
156: 
157:     /**
158:      * Int ID of last inserted user (counter)
159:      * @private
160:      */
161:     private $user_id = 0;
162: 
163:     /**
164:      * String XML file
165:      * @private
166:      */
167:     private $xmlfile = '';
168: 
169:     /**
170:      * Class constructor.
171:      * @param $xmlfile (string) XML file name
172:      */
173:     public function __construct($xmlfile)
174:     {
175:         // set xml file
176:         $this->xmlfile = $xmlfile;
177:         // creates a new XML parser to be used by the other XML functions
178:         $this->parser = xml_parser_create();
179:         // the following function allows to use parser inside object
180:         xml_set_object($this->parser, $this);
181:         // disable case-folding for this XML parser
182:         xml_parser_set_option($this->parser, XML_OPTION_CASE_FOLDING, 0);
183:         // sets the element handler functions for the XML parser
184:         xml_set_element_handler($this->parser, 'startElementHandler', 'endElementHandler');
185:         // sets the character data handler function for the XML parser
186:         xml_set_character_data_handler($this->parser, 'segContentHandler');
187:         // start parsing an XML document
188:         if (!xml_parse($this->parser, file_get_contents($xmlfile))) {
189:             die(sprintf(
190:                 'ERROR xmlResourceBundle :: XML error: %s at line %d',
191:                 xml_error_string(xml_get_error_code($this->parser)),
192:                 xml_get_current_line_number($this->parser)
193:             ));
194:         }
195:         // free this XML parser
196:         xml_parser_free($this->parser);
197:     }
198: 
199:     /**
200:      * Class destructor;
201:      */
202:     public function __destruct()
203:     {
204:         // delete uploaded file
205:         @unlink($this->xmlfile);
206:     }
207: 
208:     /**
209:      * Sets the start element handler function for the XML parser parser.start_element_handler.
210:      * @param $parser (resource) The first parameter, parser, is a reference to the XML parser calling the handler.
211:      * @param $name (string) The second parameter, name, contains the name of the element for which this handler is called. If case-folding is in effect for this parser, the element name will be in uppercase letters.
212:      * @param $attribs (array) The third parameter, attribs, contains an associative array with the element's attributes (if any). The keys of this array are the attribute names, the values are the attribute values. Attribute names are case-folded on the same criteria as element names. Attribute values are not case-folded. The original order of the attributes can be retrieved by walking through attribs the normal way, using each(). The first key in the array was the first attribute, and so on.
213:      * @private
214:      */
215:     private function startElementHandler($parser, $name, $attribs)
216:     {
217:         $name = strtolower($name);
218:         switch ($name) {
219:             case 'user': {
220:                 $this->user_data = array();
221:                 $this->group_data = array();
222:                 $this->current_data = '';
223:                 break;
224:             }
225:             case 'name':
226:             case 'password':
227:             case 'email':
228:             case 'regdate':
229:             case 'ip':
230:             case 'firstname':
231:             case 'lastname':
232:             case 'birthdate':
233:             case 'birthplace':
234:             case 'regnumber':
235:             case 'ssn':
236:             case 'level':
237:             case 'verifycode':
238:             case 'otpkey': {
239:                 $this->current_element = 'user_'.$name;
240:                 $this->current_data = '';
241:                 break;
242:             }
243:             case 'group': {
244:                 $this->current_element = 'group_name';
245:                 $this->current_data = '';
246:                 break;
247:             }
248:             default: {
249:                 break;
250:             }
251:         }
252:     }
253: 
254:     /**
255:      * Sets the end element handler function for the XML parser parser.end_element_handler.
256:      * @param $parser (resource) The first parameter, parser, is a reference to the XML parser calling the handler.
257:      * @param $name (string) The second parameter, name, contains the name of the element for which this handler is called. If case-folding is in effect for this parser, the element name will be in uppercase letters.
258:      * @private
259:      */
260:     private function endElementHandler($parser, $name)
261:     {
262:         global $l, $db;
263:         require_once('../config/tce_config.php');
264:         require_once('tce_functions_user_select.php');
265: 
266:         switch (strtolower($name)) {
267:             case 'name':
268:             case 'password':
269:             case 'email':
270:             case 'regdate':
271:             case 'ip':
272:             case 'firstname':
273:             case 'lastname':
274:             case 'birthdate':
275:             case 'birthplace':
276:             case 'regnumber':
277:             case 'ssn':
278:             case 'level':
279:             case 'verifycode':
280:             case 'otpkey': {
281:                 $this->current_data = F_escape_sql($db, F_xml_to_text($this->current_data));
282:                 $this->user_data[$this->current_element] = $this->current_data;
283:                 $this->current_element = '';
284:                 $this->current_data = '';
285:                 break;
286:             }
287:             case 'group': {
288:                 $group_name = F_escape_sql($db, F_xml_to_text($this->current_data));
289:                 // check if group already exist
290:                 $sql = 'SELECT group_id
291:                     FROM '.K_TABLE_GROUPS.'
292:                     WHERE group_name=\''.$group_name.'\'
293:                     LIMIT 1';
294:                 if ($r = F_db_query($sql, $db)) {
295:                     if ($m = F_db_fetch_array($r)) {
296:                         // the group has been already added
297:                         $this->group_data[] = $m['group_id'];
298:                     } else {
299:                         // add new group
300:                         $sqli = 'INSERT INTO '.K_TABLE_GROUPS.' (
301:                             group_name
302:                             ) VALUES (
303:                             \''.$group_name.'\'
304:                             )';
305:                         if (!$ri = F_db_query($sqli, $db)) {
306:                             F_display_db_error(false);
307:                         } else {
308:                             $this->group_data[] = F_db_insert_id($db, K_TABLE_GROUPS, 'group_id');
309:                         }
310:                     }
311:                 } else {
312:                     F_display_db_error();
313:                 }
314:                 break;
315:             }
316:             case 'user': {
317:                 // insert users
318:                 if (!empty($this->user_data['user_name'])) {
319:                     if (empty($this->user_data['user_regdate'])) {
320:                         $this->user_data['user_regdate'] = date(K_TIMESTAMP_FORMAT);
321:                     }
322:                     if (empty($this->user_data['user_ip'])) {
323:                         $this->user_data['user_ip'] = getNormalizedIP($_SERVER['REMOTE_ADDR']);
324:                     }
325:                     if (!isset($this->user_data['user_level']) or (strlen($this->user_data['user_level']) == 0)) {
326:                         $this->user_data['user_level'] = 1;
327:                     }
328:                     if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
329:                         // you cannot edit a user with a level equal or higher than yours
330:                         $this->user_data['user_level'] = min(max(0, ($_SESSION['session_user_level'] - 1)), $this->user_data['user_level']);
331:                         // non-administrator can access only to his/her groups
332:                         if (empty($this->group_data)) {
333:                             break;
334:                         }
335:                         $common_groups = array_intersect(F_get_user_groups($_SESSION['session_user_id']), $this->group_data);
336:                         if (empty($common_groups)) {
337:                             break;
338:                         }
339:                     }
340:                     // check if user already exist
341:                     $sql = 'SELECT user_id,user_level
342:                         FROM '.K_TABLE_USERS.'
343:                         WHERE user_name=\''.$this->user_data['user_name'].'\'
344:                             OR user_regnumber=\''.$this->user_data['user_regnumber'].'\'
345:                             OR user_ssn=\''.$this->user_data['user_ssn'].'\'
346:                         LIMIT 1';
347:                     if ($r = F_db_query($sql, $db)) {
348:                         if ($m = F_db_fetch_array($r)) {
349:                             // the user has been already added
350:                             $user_id = $m['user_id'];
351:                             if (($_SESSION['session_user_level'] >= K_AUTH_ADMINISTRATOR) or ($_SESSION['session_user_level'] > $m['user_level'])) {
352:                                 //update user data
353:                                 $sqlu = 'UPDATE '.K_TABLE_USERS.' SET
354:                                     user_regdate=\''.$this->user_data['user_regdate'].'\',
355:                                     user_ip=\''.$this->user_data['user_ip'].'\',
356:                                     user_name=\''.$this->user_data['user_name'].'\',
357:                                     user_email='.F_empty_to_null($this->user_data['user_email']).',';
358:                                 // update password only if it is specified
359:                                 if (!empty($this->user_data['user_password'])) {
360:                                     $sqlu .= ' user_password=\''.F_escape_sql($db, getPasswordHash($this->user_data['user_password'])).'\',';
361:                                 }
362:                                 $sqlu .= '
363:                                     user_regnumber='.F_empty_to_null($this->user_data['user_regnumber']).',
364:                                     user_firstname='.F_empty_to_null($this->user_data['user_firstname']).',
365:                                     user_lastname='.F_empty_to_null($this->user_data['user_lastname']).',
366:                                     user_birthdate='.F_empty_to_null($this->user_data['user_birthdate']).',
367:                                     user_birthplace='.F_empty_to_null($this->user_data['user_birthplace']).',
368:                                     user_ssn='.F_empty_to_null($this->user_data['user_ssn']).',
369:                                     user_level=\''.$this->user_data['user_level'].'\',
370:                                     user_verifycode='.F_empty_to_null($this->user_data['user_verifycode']).',
371:                                     user_otpkey='.F_empty_to_null($this->user_data['user_otpkey']).'
372:                                     WHERE user_id='.$user_id.'';
373:                                 if (!$ru = F_db_query($sqlu, $db)) {
374:                                     F_display_db_error(false);
375:                                     return false;
376:                                 }
377:                             } else {
378:                                 // no user is updated, so empty groups
379:                                 $this->group_data = array();
380:                             }
381:                         } else {
382:                             // add new user
383:                             $sqlu = 'INSERT INTO '.K_TABLE_USERS.' (
384:                                 user_regdate,
385:                                 user_ip,
386:                                 user_name,
387:                                 user_email,
388:                                 user_password,
389:                                 user_regnumber,
390:                                 user_firstname,
391:                                 user_lastname,
392:                                 user_birthdate,
393:                                 user_birthplace,
394:                                 user_ssn,
395:                                 user_level,
396:                                 user_verifycode,
397:                                 user_otpkey
398:                                 ) VALUES (
399:                                 '.F_empty_to_null($this->user_data['user_regdate']).',
400:                                 \''.$this->user_data['user_ip'].'\',
401:                                 \''.$this->user_data['user_name'].'\',
402:                                 '.F_empty_to_null($this->user_data['user_email']).',
403:                                 \''.F_escape_sql($db, getPasswordHash($this->user_data['user_password'])).'\',
404:                                 '.F_empty_to_null($this->user_data['user_regnumber']).',
405:                                 '.F_empty_to_null($this->user_data['user_firstname']).',
406:                                 '.F_empty_to_null($this->user_data['user_lastname']).',
407:                                 '.F_empty_to_null($this->user_data['user_birthdate']).',
408:                                 '.F_empty_to_null($this->user_data['user_birthplace']).',
409:                                 '.F_empty_to_null($this->user_data['user_ssn']).',
410:                                 \''.$this->user_data['user_level'].'\',
411:                                 '.F_empty_to_null($this->user_data['user_verifycode']).',
412:                                 '.F_empty_to_null($this->user_data['user_otpkey']).'
413:                                 )';
414:                             if (!$ru = F_db_query($sqlu, $db)) {
415:                                 F_display_db_error(false);
416:                                 return false;
417:                             } else {
418:                                 $user_id = F_db_insert_id($db, K_TABLE_USERS, 'user_id');
419:                             }
420:                         }
421:                     } else {
422:                         F_display_db_error(false);
423:                         return false;
424:                     }
425: 
426:                     // user's groups
427:                     if (!empty($this->group_data)) {
428:                         while (list($key,$group_id) = each($this->group_data)) {
429:                             // check if user-group already exist
430:                             $sqls = 'SELECT *
431:                                 FROM '.K_TABLE_USERGROUP.'
432:                                 WHERE usrgrp_group_id=\''.$group_id.'\'
433:                                     AND usrgrp_user_id=\''.$user_id.'\'
434:                                 LIMIT 1';
435:                             if ($rs = F_db_query($sqls, $db)) {
436:                                 if (!$ms = F_db_fetch_array($rs)) {
437:                                     // associate group to user
438:                                     $sqlg = 'INSERT INTO '.K_TABLE_USERGROUP.' (
439:                                         usrgrp_user_id,
440:                                         usrgrp_group_id
441:                                         ) VALUES (
442:                                         '.$user_id.',
443:                                         '.$group_id.'
444:                                         )';
445:                                     if (!$rg = F_db_query($sqlg, $db)) {
446:                                         F_display_db_error(false);
447:                                         return false;
448:                                     }
449:                                 }
450:                             } else {
451:                                 F_display_db_error(false);
452:                                 return false;
453:                             }
454:                         }
455:                     }
456:                 }
457:                 break;
458:             }
459:             default: {
460:                 break;
461:             }
462:         }
463:     }
464: 
465:     /**
466:      * Sets the character data handler function for the XML parser parser.handler.
467:      * @param $parser (resource) The first parameter, parser, is a reference to the XML parser calling the handler.
468:      * @param $data (string) The second parameter, data, contains the character data as a string.
469:      * @private
470:      */
471:     private function segContentHandler($parser, $data)
472:     {
473:         if (strlen($this->current_element) > 0) {
474:             // we are inside an element
475:             $this->current_data .= $data;
476:         }
477:     }
478: } // END OF CLASS
479: 
480: /**
481:  * Import users from TSV file (tab delimited text).
482:  * The format of TSV is the same obtained by exporting data from Users Selection Form.
483:  * @param $tsvfile (string) TSV (tab delimited text) file name
484:  * @return boolean TRUE in case of success, FALSE otherwise
485:  */
486: function F_import_tsv_users($tsvfile)
487: {
488:     global $l, $db;
489:     require_once('../config/tce_config.php');
490: 
491:     // get file content as array
492:     $tsvrows = file($tsvfile); // array of TSV lines
493:     if ($tsvrows === false) {
494:         return false;
495:     }
496: 
497:     // move pointer to second line (discard headers)
498:     next($tsvrows);
499: 
500:     // for each row
501:     while (list($item, $rowdata) = each($tsvrows)) {
502:         // get user data into array
503:         $userdata = explode("\t", $rowdata);
504: 
505:         // set some default values
506:         if (empty($userdata[4])) {
507:             $userdata[4] = date(K_TIMESTAMP_FORMAT);
508:         }
509:         if (empty($userdata[5])) {
510:             $userdata[5] = getNormalizedIP($_SERVER['REMOTE_ADDR']);
511:         }
512:         // user level
513:         if (!isset($userdata[12]) or (strlen($userdata[12]) == 0)) {
514:             $userdata[12] = 1;
515:         }
516:         if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
517:             // you cannot edit a user with a level equal or higher than yours
518:             $userdata[12] = min(max(0, ($_SESSION['session_user_level'] - 1)), $userdata[12]);
519:             // non-administrator can access only to his/her groups
520:             if (empty($userdata[15])) {
521:                 break;
522:             }
523:             $usrgroups = explode(',', addslashes($userdata[15]));
524:             $common_groups = array_intersect(F_get_user_groups($_SESSION['session_user_id']), $usrgroups);
525:             if (empty($common_groups)) {
526:                 break;
527:             }
528:         }
529:         // check if user already exist
530:         $sql = 'SELECT user_id,user_level
531:             FROM '.K_TABLE_USERS.'
532:             WHERE user_name=\''.F_escape_sql($db, $userdata[1]).'\'
533:                 OR user_regnumber='.F_empty_to_null($userdata[10]).'
534:                 OR user_ssn='.F_empty_to_null($userdata[11]).'
535:             LIMIT 1';
536:         if ($r = F_db_query($sql, $db)) {
537:             if ($m = F_db_fetch_array($r)) {
538:                 // the user has been already added
539:                 $user_id = $m['user_id'];
540:                 if (($_SESSION['session_user_level'] >= K_AUTH_ADMINISTRATOR) or ($_SESSION['session_user_level'] > $m['user_level'])) {
541:                     //update user data
542:                     $sqlu = 'UPDATE '.K_TABLE_USERS.' SET
543:                         user_name=\''.F_escape_sql($db, $userdata[1]).'\',';
544:                     // update password only if it is specified
545:                     if (!empty($userdata[2])) {
546:                         $sqlu .= ' user_password=\''.F_escape_sql($db, getPasswordHash($userdata[2])).'\',';
547:                     }
548:                     $sqlu .= '
549:                         user_email='.F_empty_to_null($userdata[3]).',
550:                         user_regdate=\''.F_escape_sql($db, $userdata[4]).'\',
551:                         user_ip=\''.F_escape_sql($db, $userdata[5]).'\',
552:                         user_firstname='.F_empty_to_null($userdata[6]).',
553:                         user_lastname='.F_empty_to_null($userdata[7]).',
554:                         user_birthdate='.F_empty_to_null($userdata[8]).',
555:                         user_birthplace='.F_empty_to_null($userdata[9]).',
556:                         user_regnumber='.F_empty_to_null($userdata[10]).',
557:                         user_ssn='.F_empty_to_null($userdata[11]).',
558:                         user_level=\''.intval($userdata[12]).'\',
559:                         user_verifycode='.F_empty_to_null($userdata[13]).',
560:                         user_otpkey='.F_empty_to_null($userdata[14]).'
561:                         WHERE user_id='.$user_id.'';
562:                     if (!$ru = F_db_query($sqlu, $db)) {
563:                         F_display_db_error(false);
564:                         return false;
565:                     }
566:                 } else {
567:                     // no user is updated, so empty groups
568:                     $userdata[15] = '';
569:                 }
570:             } else {
571:                 // add new user
572:                 $sqlu = 'INSERT INTO '.K_TABLE_USERS.' (
573:                     user_name,
574:                     user_password,
575:                     user_email,
576:                     user_regdate,
577:                     user_ip,
578:                     user_firstname,
579:                     user_lastname,
580:                     user_birthdate,
581:                     user_birthplace,
582:                     user_regnumber,
583:                     user_ssn,
584:                     user_level,
585:                     user_verifycode,
586:                     user_otpkey
587:                     ) VALUES (
588:                     \''.F_escape_sql($db, $userdata[1]).'\',
589:                     \''.F_escape_sql($db, getPasswordHash($userdata[2])).'\',
590:                     '.F_empty_to_null($userdata[3]).',
591:                     \''.F_escape_sql($db, $userdata[4]).'\',
592:                     \''.F_escape_sql($db, $userdata[5]).'\',
593:                     '.F_empty_to_null($userdata[6]).',
594:                     '.F_empty_to_null($userdata[7]).',
595:                     '.F_empty_to_null($userdata[8]).',
596:                     '.F_empty_to_null($userdata[9]).',
597:                     '.F_empty_to_null($userdata[10]).',
598:                     '.F_empty_to_null($userdata[11]).',
599:                     \''.intval($userdata[12]).'\',
600:                     '.F_empty_to_null($userdata[13]).',
601:                     '.F_empty_to_null($userdata[14]).'
602:                     )';
603:                 if (!$ru = F_db_query($sqlu, $db)) {
604:                     F_display_db_error(false);
605:                     return false;
606:                 } else {
607:                     $user_id = F_db_insert_id($db, K_TABLE_USERS, 'user_id');
608:                 }
609:             }
610:         } else {
611:             F_display_db_error(false);
612:             return false;
613:         }
614: 
615:         // user's groups
616:         if (!empty($userdata[15])) {
617:             $groups = preg_replace("/[\r\n]+/", '', $userdata[15]);
618:             $groups = explode(',', addslashes($groups));
619:             while (list($key,$group_name)=each($groups)) {
620:                 $group_name = F_escape_sql($db, $group_name);
621:                 // check if group already exist
622:                 $sql = 'SELECT group_id
623:                     FROM '.K_TABLE_GROUPS.'
624:                     WHERE group_name=\''.$group_name.'\'
625:                     LIMIT 1';
626:                 if ($r = F_db_query($sql, $db)) {
627:                     if ($m = F_db_fetch_array($r)) {
628:                         // the group already exist
629:                         $group_id = $m['group_id'];
630:                     } else {
631:                         // creat a new group
632:                         $sqli = 'INSERT INTO '.K_TABLE_GROUPS.' (
633:                             group_name
634:                             ) VALUES (
635:                             \''.$group_name.'\'
636:                             )';
637:                         if (!$ri = F_db_query($sqli, $db)) {
638:                             F_display_db_error(false);
639:                             return false;
640:                         } else {
641:                             $group_id = F_db_insert_id($db, K_TABLE_GROUPS, 'group_id');
642:                         }
643:                     }
644:                 } else {
645:                     F_display_db_error(false);
646:                     return false;
647:                 }
648:                 // check if user-group already exist
649:                 $sqls = 'SELECT *
650:                     FROM '.K_TABLE_USERGROUP.'
651:                     WHERE usrgrp_group_id=\''.$group_id.'\'
652:                         AND usrgrp_user_id=\''.$user_id.'\'
653:                     LIMIT 1';
654:                 if ($rs = F_db_query($sqls, $db)) {
655:                     if (!$ms = F_db_fetch_array($rs)) {
656:                         // associate group to user
657:                         $sqlg = 'INSERT INTO '.K_TABLE_USERGROUP.' (
658:                             usrgrp_user_id,
659:                             usrgrp_group_id
660:                             ) VALUES (
661:                             '.$user_id.',
662:                             '.$group_id.'
663:                             )';
664:                         if (!$rg = F_db_query($sqlg, $db)) {
665:                             F_display_db_error(false);
666:                             return false;
667:                         }
668:                     }
669:                 } else {
670:                     F_display_db_error(false);
671:                     return false;
672:                 }
673:             }
674:         }
675:     }
676: 
677:     return true;
678: }
679: 
680: //============================================================+
681: // END OF FILE
682: //============================================================+
683: 
 

© 2004-2018 – Nicola Asuni - Tecnick.com - All rights reserved.
about - disclaimer - privacy