diff options
author | canyonknight <canyonknight@gmail.com> | 2012-05-23 15:20:58 -0400 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2012-07-06 11:26:51 +0200 |
commit | 1eea2951fbebb5bb4dfc0c09ad7622f03e4a6471 (patch) | |
tree | 76bf838824feafda7bf4aeeab8bd27adadc959ea /web/lib | |
parent | 09e50568e41a470093486dbd20f3aa4f4da08444 (diff) | |
download | aurweb-1eea2951fbebb5bb4dfc0c09ad7622f03e4a6471.tar.xz |
addvote.php: Pull out DB code
* Verifying a username exists should use already present valid_user function
* Create new functions in acctfuncs.inc.php with SQL queries from addvote.php
* Centralization of DB code important in a future transition to PDO interface
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/lib')
-rw-r--r-- | web/lib/acctfuncs.inc.php | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 9e50cfd..bb1f6e8 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -522,8 +522,13 @@ function valid_username($user) { * Checks if the username is valid and if it exists in the database * Returns the username ID or nothing */ -function valid_user($user, $dbh) { +function valid_user($user, $dbh=NULL) { /* if ( $user = valid_username($user) ) { */ + + if(!$dbh) { + $dbh = db_connect(); + } + if ( $user ) { $q = "SELECT ID FROM Users WHERE Username = '" . db_escape_string($user). "'"; @@ -538,6 +543,37 @@ function valid_user($user, $dbh) { return; } +# Check for any open proposals about a user. Used to prevent multiple proposals. +function open_user_proposals($user, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + $q = "SELECT * FROM TU_VoteInfo WHERE User = '" . db_escape_string($user) . "'"; + $q.= " AND End > UNIX_TIMESTAMP()"; + $result = db_query($q, $dbh); + if (mysql_num_rows($result)) { + return true; + } + else { + return false; + } +} + +# Creates a new trusted user proposal from entered agenda. +# Optionally takes proposal about specific user. Length of vote set by submitter. +function add_tu_proposal($agenda, $user, $votelength, $submitteruid, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + $q = "INSERT INTO TU_VoteInfo (Agenda, User, Submitted, End, SubmitterID) VALUES "; + $q.= "('" . db_escape_string($agenda) . "', "; + $q.= "'" . db_escape_string($user) . "', "; + $q.= "UNIX_TIMESTAMP(), UNIX_TIMESTAMP() + " . db_escape_string($votelength); + $q.= ", " . $submitteruid . ")"; + db_query($q, $dbh); + +} + function good_passwd($passwd) { if ( strlen($passwd) >= PASSWD_MIN_LEN ) { return true; |