summaryrefslogtreecommitdiffstats
path: root/web/lib/acctfuncs.inc.php
diff options
context:
space:
mode:
authorcanyonknight <canyonknight@gmail.com>2012-05-23 15:32:52 -0400
committerLukas Fleischer <archlinux@cryptocrack.de>2012-07-06 11:27:03 +0200
commit8a59cd620804909400ea526602bffa1e2f3d389c (patch)
treec97350d220f0c306d325541668e54b6c8fdd5586 /web/lib/acctfuncs.inc.php
parent763cbf8373e3373254ad18f5b69fd16efdc6fd5c (diff)
downloadaurweb-8a59cd620804909400ea526602bffa1e2f3d389c.tar.xz
account.php: Pull out DB code
* Move DB code in account.php to new functions in acctfuncs.inc.php * Centralization of DB code important in a future transition to PDO interface * Consolidate redudant SQL statements from DisplayAccount and AccountInfo * Consolidation also adds ability to edit accounts based on username Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/lib/acctfuncs.inc.php')
-rw-r--r--web/lib/acctfuncs.inc.php39
1 files changed, 39 insertions, 0 deletions
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 31c43db..7ea423e 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -740,3 +740,42 @@ function clear_expired_sessions($dbh=NULL) {
return;
}
+function account_details($uid, $username, $dbh=NULL) {
+ if(!$dbh) {
+ $dbh = db_connect();
+ }
+ $q = "SELECT Users.*, AccountTypes.AccountType ";
+ $q.= "FROM Users, AccountTypes ";
+ $q.= "WHERE AccountTypes.ID = Users.AccountTypeID ";
+ if (!empty($uid)) {
+ $q.= "AND Users.ID = ".intval($uid);
+ } else {
+ $q.= "AND Users.Username = '".db_escape_string($username) . "'";
+ }
+ $result = db_query($q, $dbh);
+
+ if ($result) {
+ $row = mysql_fetch_assoc($result);
+ }
+
+ return $row;
+}
+
+function own_account_details($sid, $dbh=NULL) {
+ if(!$dbh) {
+ $dbh = db_connect();
+ }
+ $q = "SELECT Users.*, AccountTypes.AccountType ";
+ $q.= "FROM Users, AccountTypes, Sessions ";
+ $q.= "WHERE AccountTypes.ID = Users.AccountTypeID ";
+ $q.= "AND Users.ID = Sessions.UsersID ";
+ $q.= "AND Sessions.SessionID = '";
+ $q.= db_escape_string($sid)."'";
+ $result = db_query($q, $dbh);
+
+ if ($result) {
+ $row = mysql_fetch_assoc($result);
+ }
+
+ return $row;
+}