diff -Naur raduser-2.11-downloaded/admin/newuser.php raduser/admin/newuser.php --- raduser-2.11-downloaded/admin/newuser.php 2005-01-29 16:52:55.429067816 +0600 +++ raduser/admin/newuser.php 2005-01-28 18:03:46.609208000 +0600 @@ -63,18 +63,14 @@ if($user_password_function == 1) { - $query = "insert into users SET - userName = '$username', - userPassword = password('$password'), - userStatus =1"; // switch back to 0 + $query = "INSERT INTO USERS(userName,userPassword,userStatus) + values('$username',password('$password'),1)"; } else { - $query = "insert into users SET - userName = '$username', - userPassword = md5('$password'), - userStatus =1"; // switch back to 0 + $query = "INSERT INTO USERS(userName,userPassword,userStatus) + values('$username',md5('$password'),1)"; } db_query($query,$con); @@ -86,8 +82,8 @@ $userid = mysql_insert_id(); $email = sanitize_variable($_REQUEST['email']); - $query = "INSERT INTO userProfile SET - userEmail = '$email', userId = $userid"; + $query = "INSERT INTO userProfile(userEmail, userId) + VALUES('$email', $userid)"; db_query($query); diff -Naur raduser-2.11-downloaded/members/common.php raduser/members/common.php --- raduser-2.11-downloaded/members/common.php 2005-01-29 16:53:40.574204712 +0600 +++ raduser/members/common.php 2005-01-28 18:03:46.609208000 +0600 @@ -54,7 +54,7 @@ function db_query($query) { global $db_type; - error_log("\n\n $query"); + if($db_type == 'mysql') { @@ -64,7 +64,12 @@ { $res = pg_query($query); - error_log(pg_last_error()); + if(pg_last_error() != '') + { + error_log(pg_last_error()); + error_log($query); + } + } return $res; } @@ -92,7 +97,7 @@ } else { - return pg_fetch_rows($res); + return pg_fetch_row($res); } } 
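Review bot: In the first hunk of admin/newuser.php both rewritten INSERTs still splice `$username` and `$password` straight into the statement, so unless they are escaped above the hunk a quote in either value changes the SQL, and the cleartext password is sent as query text to be hashed server-side with unsalted `md5()` or MySQL's `password()`. The same interpolation pattern recurs in the set_session, is_logged, is_admin, on_session_read and on_session_write hunks of members/common.php and in both members/signup.php hunks. I would hash in PHP before the query is built (`password_hash()` where the PHP version provides it) and pass values through the driver's escaping (`mysql_real_escape_string()` / `pg_escape_string()`) or `pg_query_params()`. Separately, the table is now spelled `USERS` while is_admin still reads `users b`; on a MySQL host with case-sensitive table names those are different tables, so keep `users`.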
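Review bot: In the second hunk of admin/newuser.php `$userid` goes unquoted into `VALUES('$email', $userid)` and still comes from `mysql_insert_id()` on the context line above, which has no meaning on the PostgreSQL path this patch is adding. If it comes back empty or false the statement ends in `, )` and the profile INSERT fails. I would branch on `$db_type` for the id lookup (for PostgreSQL something like `SELECT currval('<sequence_name>')`, with the sequence name taken from the schema) and cast before use: `$userid = (int)$userid;`. The surrounding code is outside the hunk, so whether `$db_type` is in scope here needs checking.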
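Review bot: In the db_query hunk of members/common.php the new failure branch writes the whole statement with `error_log($query)`, and the INSERTs in admin/newuser.php and members/signup.php carry the cleartext password in that string, while the session queries carry session ids. Logging only on error is an improvement over the removed unconditional log, but the statement text should be dropped or redacted: `error_log('db_query failed: ' . pg_last_error());`. Testing `$res === false` instead of `pg_last_error() != ''` would tie the log entry to this query's result rather than to whatever error message the connection last reported.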
@@ -153,9 +158,8 @@ function set_session($userId,$sessionId, $con) { - $query = "insert into loggedUsers set userId = $userId, - sessionId = '$sessionId', loginTime = now(), - lastAccess = now()"; + $query = "INSERT INTO loggedUsers(userId,sessionId, loginTime,lastAccess ) + VALUES($userId,'$sessionId', now(),now())"; $result = db_query($query,$con); @@ -180,8 +184,18 @@ */ function clean_sessions() { - $query = "delete from loggedUsers where + global $db_type; + if($db_type=='mysql') + { + $query = "delete from loggedUsers where unix_timestamp(date_add(lastAccess, interval 1 hour)) < unix_timestamp(now())"; + } + else + { + $query = "delete from loggedUsers where + round(date_part('epoch',lastAccess + interval '1 hour')) < round(date_part('epoch',now()))"; + } + $result = db_query($query); } @@ -191,7 +205,7 @@ */ function is_logged($sid="") { - global $con; + global $con,$db_type; if(!isset($sid) || $sid == '') @@ -204,10 +218,18 @@ * the next line. */ clean_sessions(); - $query = "SELECT userId from loggedUsers where sessionId = '$sid' and + if($db_type=='mysql') + { + $query = "SELECT userId from loggedUsers where sessionId = '$sid' and unix_timestamp(date_add(lastAccess, interval 1 hour)) > unix_timestamp(now())"; + } + else + { + $query = "SELECT userId from loggedUsers where sessionId = '$sid' and + round(date_part('epoch',lastAccess + interval '1 hour')) > + round(date_part('epoch',now()))"; + } - error_log('in is_logged()' . $query); $result = db_query($query); if($result) @@ -220,11 +242,12 @@ db_query($query); echo mysql_error(); } - + error_log('is_logged : return - ' . $row[0]); return $row[0]; } else { + error_log('is_logged : return - 0'); return 0; } } 
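Review bot: In the last is_logged hunk (`@@ -220,11 +242,12 @@`) the two added `error_log('is_logged : return - ...')` calls run on every session check and write the user id to the error log on each request, which looks like leftover debugging given that the same patch removes `error_log('in is_logged()' . $query)` just above. I would delete both lines, or guard them behind a debug flag if the project has one. The context line `echo mysql_error();` in the same block is MySQL-specific and prints driver errors to the page, but it lies outside the changed lines.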
@@ -235,17 +258,29 @@ */ function is_admin($sid="") { - global $con; + global $con, $db_type; if(!isset($sid) || $sid == '') { $sid = session_id(); } clean_sessions(); - $query = "SELECT a.userId FROM loggedUsers a, users b + + if($db_type == 'mysql') + { + $query = "SELECT a.userId FROM loggedUsers a, users b WHERE a.sessionId = '$sid' AND b.userStatus >= 2 AND - a.userId = b.userId AND + a.userId = b.userId AND unix_timestamp(date_add(lastAccess, interval 1 hour)) > unix_timestamp(now())"; + } + else + { + $query = "SELECT a.userId FROM loggedUsers a, users b + WHERE a.sessionId = '$sid' AND b.userStatus >= 2 AND + a.userId = b.userId AND + round(date_part('epoch',lastAccess + interval '1 hour')) > + round(date_part('epoch',now()))"; + } $result = db_query($query); @@ -562,10 +597,23 @@ } function on_session_read($key) { - error_log($key); + global $db_type; + + $stmt = "select session_data from sessions "; $stmt .= "where session_id ='$key' "; - $stmt .= "and unix_timestamp(session_expiration) > unix_timestamp(date_add(now(),interval 1 hour))"; + + if($db_type == 'mysql') + { + $stmt .= "and unix_timestamp(session_expiration) > + unix_timestamp(date_add(now(),interval 1 hour))"; + } + else + { + $stmt .= "and round(date_part('epoch',session_expiration)) > + round(date_part('epoch',lastAccess + interval '1 hour'))"; + } + $sth = db_query($stmt); if($sth) 
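Review bot: In the on_session_read hunk the PostgreSQL branch compares against `lastAccess + interval '1 hour'`, but the statement selects only from `sessions`, and `lastAccess` appears elsewhere in this patch as a column of `loggedUsers`, so the query will most likely fail with an unknown-column error and no session will ever be read. The MySQL branch uses `date_add(now(),interval 1 hour)`, so the equivalent is `round(date_part('epoch', now() + interval '1 hour'))`. The same `lastAccess` slip is in both PostgreSQL fragments of on_session_write (`@@ -594,13 +642,30 @@`). Since on_session_write stores an epoch number in `session_expiration`, wrapping that column in `date_part('epoch', ...)` may also be rejected by PostgreSQL, depending on the column type, which is not visible here.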
@@ -594,13 +642,30 @@ * To enabale this feature set the variable $session_in_db to 'db'; */ function on_session_write($key, $val) { - error_log("$key = $value"); + global $db_type; + $val = addslashes($val); + $insert_stmt = "insert into sessions values('$key', "; - $insert_stmt .= "'$val',unix_timestamp(date_add(now(), interval 1 hour)))"; + if($db_type == 'mysql') + { + $insert_stmt .= "'$val',unix_timestamp(date_add(now(), interval 1 hour)))"; + } + else + { + $insert_stmt .= "'$val',round(date_part('epoch',lastAccess + interval '1 hour')))"; + } $update_stmt = "update sessions set session_data ='$val', "; - $update_stmt .= "session_expiration = unix_timestamp(date_add(now(), interval 1 hour))"; + if($db_type == 'mysql') + { + $update_stmt .= "session_expiration = unix_timestamp(date_add(now(), interval 1 hour))"; + } + else + { + $update_stmt .= "session_expiration = round(date_part('epoch',lastAccess + interval '1 hour'))"; + } + $update_stmt .= "where session_id ='$key '"; // First we try to insert, if that doesn't succeed, it means @@ -624,7 +689,17 @@ function on_session_gc($max_lifetime) { - db_query("delete from sessions where unix_timestamp(session_expiration) < unix_timestamp(now())"); + global $db_query; + if($db_query == 'mysql') + { + db_query("delete from sessions where unix_timestamp(session_expiration) + < unix_timestamp(now())"); + } + else + { + db_query("delete from sessions where round(date_part('epoch',session_expiration)) + < round(date_part('epoch',now()))"); + } } diff -Naur raduser-2.11-downloaded/members/signup.php raduser/members/signup.php --- raduser-2.11-downloaded/members/signup.php 2005-01-29 16:52:55.432067360 +0600 +++ raduser/members/signup.php 2005-01-28 18:03:46.609208000 +0600 
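Review bot: In the on_session_write hunk `addslashes($val)` is the only escaping applied, and `$key` gets none, although both end up inside quoted SQL literals. `addslashes()` is not a database-aware escaper: it ignores the connection character set, and PostgreSQL with standard-conforming strings does not treat a backslash as an escape, so serialized session data containing a quote can still terminate the literal. I would use the driver function per branch, e.g. `$val = pg_escape_string($val); $key = pg_escape_string($key);` and `mysql_real_escape_string()` for MySQL. The function body continues past the hunk.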
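Review bot: In the on_session_gc hunk the branch tests `$db_query`, which is the name of the query helper rather than the backend setting; every other function in this patch uses `global $db_type`. Assuming no global `$db_query` exists, the comparison is always false, so the PostgreSQL `date_part` statement is sent to MySQL as well, the delete fails, and expired sessions are never collected. Change the two lines to `global $db_type;` and `if($db_type == 'mysql')`.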
@@ -77,18 +77,16 @@ $userStatus = ($validate_email == 0) ? 1 : 0; if($user_password_function == 1) - { - $query = "insert into users SET - userName = '$username', - userPassword = password('$password'), - userStatus =$userStatus"; + { + + $query = "INSERT INTO USERS(userName,userPassword,userStatus) + values('$username',password('$password'),1)"; + } else { - $query = "insert into users SET - userName = '$username', - userPassword = md5('$password'), - userStatus =$userStatus"; + $query = "INSERT INTO USERS(userName,userPassword,userStatus) + values('$username',md5('$password'),1)"; } @@ -105,14 +103,11 @@ /* * create the profile */ - $query = "insert into userProfile SET - userId = $userid, - userFirstName = '$firstname', - userLastName= '$lastname', - userEmail = '$email', - userValidationKey = '$uniqueId', - userIP = '$IP', - userSignUp = now()"; + $query = "INSERT INTO + userProfile(userId,userFirstName,userLastName, + userEmail,userValidationKey,userIP,userSignUp) + VALUES($userid,'$firstname','$lastname','$email', + '$uniqueId','$ip',now()"; db_query($query,$con); //echo mysql_error();
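Review bot: In the first members/signup.php hunk both new INSERTs hard-code `userStatus` to `1`, where the removed lines used `$userStatus`, computed on the context line above as `($validate_email == 0) ? 1 : 0`. Judging by that expression, accounts are now created already active even when e-mail validation is switched on, which bypasses the validation step. Restore the variable in both branches: `values('$username',md5('$password'),$userStatus)` and likewise for the `password()` branch.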
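Review bot: In the second members/signup.php hunk the new statement ends at `now()"` without closing the `VALUES(` list, so the INSERT is a syntax error on either backend and no profile row is written. The IP value was also renamed from `'$IP'` to `'$ip'`; PHP variable names are case-sensitive, so unless `$ip` is defined outside the hunk this stores an empty string. The tail should read `'$uniqueId','$IP',now())";`. Because the user row is inserted before this point, a failure here leaves an account without a profile or validation key.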