PHP user_ensure_unprotected函数代码示例

function profile_update($p_user_id, $p_profile_id, $p_platform, $p_os, $p_os_build, $p_description)
{
    $c_user_id = db_prepare_int($p_user_id);
    $c_profile_id = db_prepare_int($p_profile_id);
    $c_platform = db_prepare_string($p_platform);
    $c_os = db_prepare_string($p_os);
    $c_os_build = db_prepare_string($p_os_build);
    $c_description = db_prepare_string($p_description);
    if (ALL_USERS != $p_user_id) {
        user_ensure_unprotected($p_user_id);
    }
    # platform cannot be blank
    if (is_blank($c_platform)) {
        error_parameters(lang_get('platform'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    # os cannot be blank
    if (is_blank($c_os)) {
        error_parameters(lang_get('operating_system'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    # os_build cannot be blank
    if (is_blank($c_os_build)) {
        error_parameters(lang_get('version'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    $t_user_profile_table = config_get('mantis_user_profile_table');
    # Add item
    $query = "UPDATE {$t_user_profile_table}\n\t\t\t\t  SET platform='{$c_platform}',\n\t\t\t\t  \t  os='{$c_os}',\n\t\t\t\t\t  os_build='{$c_os_build}',\n\t\t\t\t\t  description='{$c_description}'\n\t\t\t\t  WHERE id='{$c_profile_id}' AND user_id='{$c_user_id}'";
    $result = db_query($query);
    # db_query() errors on failure so:
    return true;
}

/**
 * delete all preferences for a user in all projects
 * returns true if the prefs were successfully deleted
 *
 * It is far more efficient to delete them all in one query than to
 *  call user_pref_delete() for each one and the code is short so that's
 *  what we do
 * @param int $p_user_id
 * @return true
 */
function user_pref_delete_all( $p_user_id ) {
	$c_user_id = db_prepare_int( $p_user_id );

	user_ensure_unprotected( $p_user_id );

	$t_user_pref_table = db_get_table( 'user_pref' );

	$query = 'DELETE FROM ' . $t_user_pref_table . ' WHERE user_id=' . db_param();
	db_query_bound( $query, Array( $c_user_id ) );

	user_pref_clear_cache( $p_user_id );

	# db_query errors on failure so:
	return true;
}

/**
 * Set the user's password to the given string, encoded as appropriate
 *
 * @param integer $p_user_id         A valid user identifier.
 * @param string  $p_password        A password to set.
 * @param boolean $p_allow_protected Whether Allow password change to a protected account. This defaults to false.
 * @return boolean always true
 */
function user_set_password($p_user_id, $p_password, $p_allow_protected = false)
{
    if (!$p_allow_protected) {
        user_ensure_unprotected($p_user_id);
    }
    # When the password is changed, invalidate the cookie to expire sessions that
    # may be active on all browsers.
    $c_cookie_string = auth_generate_unique_cookie_string();
    $c_password = auth_process_plain_password($p_password);
    $t_query = 'UPDATE {user}
				  SET password=' . db_param() . ', cookie_string=' . db_param() . '
				  WHERE id=' . db_param();
    db_query($t_query, array($c_password, $c_cookie_string, (int) $p_user_id));
    return true;
}

/**
 * Triggers an ERROR if the current user account is protected.
 * The $g_anonymous_account user is always considered protected.
 *
 * @access public
 */
function current_user_ensure_unprotected()
{
    user_ensure_unprotected(auth_get_current_user_id());
}

function user_set_password($p_user_id, $p_password, $p_allow_protected = false)
{
    if (!$p_allow_protected) {
        user_ensure_unprotected($p_user_id);
    }
    $t_email = user_get_field($p_user_id, 'email');
    $t_username = user_get_field($p_user_id, 'username');
    # When the password is changed, invalidate the cookie to expire sessions that
    # may be active on all browsers.
    $t_seed = $t_email . $t_username;
    $c_cookie_string = db_prepare_string(auth_generate_unique_cookie_string($t_seed));
    $c_user_id = db_prepare_int($p_user_id);
    $c_password = db_prepare_string(auth_process_plain_password($p_password));
    $c_user_table = config_get('mantis_user_table');
    $query = "UPDATE {$c_user_table}\n\t\t\t\t  SET password='{$c_password}',\n\t\t\t\t  cookie_string='{$c_cookie_string}'\n\t\t\t\t  WHERE id='{$c_user_id}'";
    db_query($query);
    #db_query() errors on failure so:
    return true;
}

/**
 * Edit Printing preferences
 * @param int $p_user_id user id
 * @param bool $p_error_if_protected error if account protected
 * @param string $p_redirect_url redirect url
 */
function edit_printing_prefs($p_user_id = null, $p_error_if_protected = true, $p_redirect_url = '')
{
    if (null === $p_user_id) {
        $p_user_id = auth_get_current_user_id();
    }
    $c_user_id = db_prepare_int($p_user_id);
    # protected account check
    if ($p_error_if_protected) {
        user_ensure_unprotected($p_user_id);
    }
    $t_user_print_pref_table = db_get_table('user_print_pref');
    if (is_blank($p_redirect_url)) {
        $p_redirect_url = 'print_all_bug_page.php';
    }
    # get the fields list
    $t_field_name_arr = get_field_names();
    $field_name_count = count($t_field_name_arr);
    # Grab the data
    $query = "SELECT print_pref\n\t\t\tFROM {$t_user_print_pref_table}\n\t\t\tWHERE user_id=" . db_param();
    $result = db_query_bound($query, array($c_user_id));
    ## OOPS, No entry in the database yet.  Lets make one
    if (0 == db_num_rows($result)) {
        # create a default array, same size than $t_field_name
        for ($i = 0; $i < $field_name_count; $i++) {
            $t_default_arr[$i] = 1;
        }
        $t_default = implode('', $t_default_arr);
        # all fields are added by default
        $query = "INSERT\n\t\t\t\tINTO {$t_user_print_pref_table}\n\t\t\t\t(user_id, print_pref)\n\t\t\t\tVALUES\n\t\t\t\t(" . db_param() . "," . db_param() . ")";
        $result = db_query_bound($query, array($c_user_id, $t_default));
        # Rerun select query
        $query = "SELECT print_pref\n\t\t\t\tFROM {$t_user_print_pref_table}\n\t\t\t\tWHERE user_id=" . db_param();
        $result = db_query_bound($query, array($c_user_id));
    }
    # putting the query result into an array with the same size as $t_fields_arr
    $row = db_fetch_array($result);
    $t_prefs = $row['print_pref'];
    # Account Preferences Form BEGIN
    $t_index_count = 0;
    ?>
<br />
<div>
<form method="post" action="print_all_bug_options_update.php">
<?php 
    echo form_security_field('print_all_bug_options_update');
    ?>
<input type="hidden" name="user_id" value="<?php 
    echo $p_user_id;
    ?>
" />
<input type="hidden" name="redirect_url" value="<?php 
    echo string_attribute($p_redirect_url);
    ?>
" />
<table class="width75" cellspacing="1">
<tr>
	<td class="form-title">
		<?php 
    echo lang_get('printing_preferences_title');
    ?>
	</td>
	<td class="right">
	</td>
</tr>


<?php 
    # display the checkboxes
    for ($i = 0; $i < $field_name_count; $i++) {
        echo '<tr>';
        ?>

	<th class="category">
		<?php 
        echo lang_get($t_field_name_arr[$i]);
        ?>
	</th>
	<td>
		<input type="checkbox" name="<?php 
        echo 'print_' . $t_field_name_arr[$i];
        ?>
"
		<?php 
        if (isset($t_prefs[$i]) && $t_prefs[$i] == 1) {
            echo 'checked="checked"';
        }
        ?>
 />
	</td>
</tr>

<?php 
    }
    ?>
//.........这里部分代码省略.........

/**
 * Set the user's password to the given string, encoded as appropriate
 *
 * @param int $p_user_id User ID
 * @param string $p_password Password
 * @param bool $p_allow_protected Allow password change to protected accounts [optional - default false]
 * @return bool always true
 */
function user_set_password($p_user_id, $p_password, $p_allow_protected = false)
{
    if (!$p_allow_protected) {
        user_ensure_unprotected($p_user_id);
    }
    $t_email = user_get_field($p_user_id, 'email');
    $t_username = user_get_field($p_user_id, 'username');
    # When the password is changed, invalidate the cookie to expire sessions that
    # may be active on all browsers.
    $c_cookie_string = auth_generate_unique_cookie_string();
    $c_user_id = db_prepare_int($p_user_id);
    $c_password = auth_process_plain_password($p_password);
    $c_user_table = db_get_table('user');
    $query = "UPDATE {$c_user_table}\n\t\t\t\t  SET password=" . db_param() . ",\n\t\t\t\t  cookie_string=" . db_param() . "\n\t\t\t\t  WHERE id=" . db_param();
    db_query_bound($query, array($c_password, $c_cookie_string, $c_user_id));
    # db_query errors on failure so:
    return true;
}

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Mantis.  If not, see <http://www.gnu.org/licenses/>.
# --------------------------------------------------------
# $Id: account_prefs_reset.php,v 1.27.2.1 2007-10-13 22:32:05 giallu Exp $
# --------------------------------------------------------
# CALLERS
#	This page is called from:
#	- account_prefs_inc.php
# EXPECTED BEHAVIOUR
#	- Reset the user's preferences to default values
#	- Redirect to account_prefs_page.php or another page, if given
# CALLS
#	This page conditionally redirects upon completion
# RESTRICTIONS & PERMISSIONS
#	- User must be authenticated
#	- User must not be protected
require_once 'core.php';
$t_core_path = config_get('core_path');
require_once $t_core_path . 'user_pref_api.php';
#============ Parameters ============
$f_user_id = gpc_get_int('user_id');
$f_redirect_url = gpc_get_string('redirect_url', 'account_prefs_page.php');
#============ Permissions ============
# helper_ensure_post();
auth_ensure_user_authenticated();
user_ensure_unprotected($f_user_id);
user_pref_set_default($f_user_id);
print_header_redirect($f_redirect_url, true, true);

/**
 * Update a profile for the user
 * @param int $p_user_id
 * @param int $p_profile_id
 * @param string $p_platform
 * @param string $p_os
 * @param string $p_os_build
 * @param string $p_description
 * @return true
 */
function profile_update( $p_user_id, $p_profile_id, $p_platform, $p_os, $p_os_build, $p_description ) {
	$c_user_id = db_prepare_int( $p_user_id );
	$c_profile_id = db_prepare_int( $p_profile_id );

	if( ALL_USERS != $p_user_id ) {
		user_ensure_unprotected( $p_user_id );
	}

	# platform cannot be blank
	if( is_blank( $p_platform ) ) {
		error_parameters( lang_get( 'platform' ) );
		trigger_error( ERROR_EMPTY_FIELD, ERROR );
	}

	# os cannot be blank
	if( is_blank( $p_os ) ) {
		error_parameters( lang_get( 'operating_system' ) );
		trigger_error( ERROR_EMPTY_FIELD, ERROR );
	}

	# os_build cannot be blank
	if( is_blank( $p_os_build ) ) {
		error_parameters( lang_get( 'version' ) );
		trigger_error( ERROR_EMPTY_FIELD, ERROR );
	}

	$t_user_profile_table = db_get_table( 'user_profile' );

	# Add item
	$query = "UPDATE $t_user_profile_table
				  SET platform=" . db_param() . ",
				  	  os=" . db_param() . ",
					  os_build=" . db_param() . ",
					  description=" . db_param() . "
				  WHERE id=" . db_param() . " AND user_id=" . db_param();
	$result = db_query_bound( $query, Array( $p_platform, $p_os, $p_os_build, $p_description, $c_profile_id, $c_user_id ) );

	# db_query errors on failure so:
	return true;
}

/**
 * delete all preferences for a user in all projects
 * returns true if the prefs were successfully deleted
 *
 * It is far more efficient to delete them all in one query than to
 *  call user_pref_delete() for each one and the code is short so that's
 *  what we do
 * @param integer $p_user_id A valid user identifier.
 * @return void
 */
function user_pref_delete_all($p_user_id)
{
    user_ensure_unprotected($p_user_id);
    $t_query = 'DELETE FROM {user_pref} WHERE user_id=' . db_param();
    db_query($t_query, array($p_user_id));
    user_pref_clear_cache($p_user_id);
}

function user_set_password($p_user_id, $p_password, $p_allow_protected = false)
{
    $c_user_id = db_prepare_int($p_user_id);
    if (!$p_allow_protected) {
        user_ensure_unprotected($p_user_id);
    }
    $t_password = auth_process_plain_password($p_password);
    $t_user_table = config_get('mantis_user_table');
    $query = "UPDATE {$t_user_table}\n\t\t\t\t  SET password='{$t_password}'\n\t\t\t\t  WHERE id='{$c_user_id}'";
    db_query($query);
    #db_query() errors on failure so:
    return true;
}

/**
 * Update a profile for the user
 * @param integer $p_user_id     A valid user identifier.
 * @param integer $p_profile_id  A profile identifier.
 * @param string  $p_platform    Value for profile platform.
 * @param string  $p_os          Value for profile operating system.
 * @param string  $p_os_build    Value for profile operation system build.
 * @param string  $p_description Description of profile.
 * @return void
 */
function profile_update($p_user_id, $p_profile_id, $p_platform, $p_os, $p_os_build, $p_description)
{
    if (ALL_USERS != $p_user_id) {
        user_ensure_unprotected($p_user_id);
    }
    # platform cannot be blank
    if (is_blank($p_platform)) {
        error_parameters(lang_get('platform'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    # os cannot be blank
    if (is_blank($p_os)) {
        error_parameters(lang_get('os'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    # os_build cannot be blank
    if (is_blank($p_os_build)) {
        error_parameters(lang_get('version'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    # Add item
    db_param_push();
    $t_query = 'UPDATE {user_profile}
				  SET platform=' . db_param() . ',
				  	  os=' . db_param() . ',
					  os_build=' . db_param() . ',
					  description=' . db_param() . '
				  WHERE id=' . db_param() . ' AND user_id=' . db_param();
    db_query($t_query, array($p_platform, $p_os, $p_os_build, $p_description, $p_profile_id, $p_user_id));
}

/**
 * Update a profile for the user
 * @param int $p_user_id
 * @param int $p_profile_id
 * @param string $p_platform
 * @param string $p_os
 * @param string $p_os_build
 * @param string $p_description
 * @return true
 */
function profile_update($p_user_id, $p_profile_id, $p_platform, $p_os, $p_os_build, $p_description)
{
    if (ALL_USERS != $p_user_id) {
        user_ensure_unprotected($p_user_id);
    }
    # platform cannot be blank
    if (is_blank($p_platform)) {
        error_parameters(lang_get('platform'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    # os cannot be blank
    if (is_blank($p_os)) {
        error_parameters(lang_get('operating_system'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    # os_build cannot be blank
    if (is_blank($p_os_build)) {
        error_parameters(lang_get('version'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    $t_user_profile_table = db_get_table('user_profile');
    # Add item
    $query = "UPDATE {$t_user_profile_table}\n\t\t\t\t  SET platform=" . db_param() . ",\n\t\t\t\t  \t  os=" . db_param() . ",\n\t\t\t\t\t  os_build=" . db_param() . ",\n\t\t\t\t\t  description=" . db_param() . "\n\t\t\t\t  WHERE id=" . db_param() . " AND user_id=" . db_param();
    $result = db_query_bound($query, array($p_platform, $p_os, $p_os_build, $p_description, $p_profile_id, $p_user_id));
}

function user_pref_delete_all($p_user_id)
{
    $c_user_id = db_prepare_int($p_user_id);
    user_ensure_unprotected($p_user_id);
    $t_user_pref_table = config_get('mantis_user_pref_table');
    $query = "DELETE FROM {$t_user_pref_table}\r\n\t\t\t\t  WHERE user_id='{$c_user_id}'";
    db_query($query);
    user_pref_clear_cache($p_user_id);
    # db_query() errors on failure so:
    return true;
}