migration to db_user to prevent sql injections
[iserv-mod-error-reporter.git] / inc / functions.inc
1 <?php
2 /**
3 * functions.php
4 * Additional functions for iserv-moderror-reporter
5 * @author Roland Hieber (roland.hieber@wilhelm-gym.net)
6 * @date 20.10.2007
7 *
8 * Copyright © 2007 Roland Hieber
9 *
10 * Permission is hereby granted, free of charge, to any person obtaining
11 * copy of this software and associated documentation files (the "Software"),
12 * to deal in the Software without restriction, including without limitation
13 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
14 * and/or sell copies of the Software, and to permit persons to whom the
15 * Software is furnished to do so, subject to the following conditions:
16 *
17 * The above copyright notice and this permission notice shall be included in
18 * all copies or substantial portions of the Software.
19 *
20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
23 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
26 * THE SOFTWARE.
27 */
28
29 require_once("share.inc");
30 /**
31 * @page error-reporter_errorcodes Error Codes
32 * @{
33 */
34 /** Access denied. This can be due to missing access rights. */
35 define("ER_ERROR_ACCESS_DENIED", _c("error-reporter:Access denied"));
36 /**
37 * Error while querying the database, maybe due to a lost connection to the
38 * server
39 */
40 define("ER_ERROR_SQL", _c("error-reporter:Error while trying to query the ".
41 "database"));
42 /** Error while trying to open a file */
43 define("ER_ERROR_OPEN_FILE", _c("error-reporter:Could not open file"));
44 /** Error while trying to write a file */
45 define("ER_ERROR_WRITE_FILE", _c("error-reporter:Could not write to file"));
46 /** Error while trying to lock a file */
47 define("ER_ERROR_LOCK_FILE", _c("error-reporter:Could not lock file"));
48 /** Error while trying to unlock a file */
49 define("ER_ERROR_UNLOCK_FILE", _c("error-reporter:Could not unlock file"));
50 /**
51 * @}
52 */
53
54 static $ercLastError = null;
55 /**
56 * @todo use exceptions
57 * Set the last error.
58 * Call this function to set the error that occured last.
59 * @param $cError (constant) Error code, see @ref error-reporter_errorcodes
60 * for a list of constants.
61 */
62 function setLastError($cError) { $GLOBALS["ercLastError"] = $cError; }
63 /**
64 * Get the error that occured last.
65 * @return (constant) Error code, see @ref error-reporter_errorcodes for a list
66 * of constants.
67 */
68 function getLastError() { return $GLOBALS["ercLastError"]; }
69
70 /**
71 * Print the error that occured last
72 * @return void
73 */
74 function printLastError() {
75 echo sprintf("<p class='err'>%s %s</p>", _c("error-reporter:An error ".
76 "occured:"), getLastError());
77 }
78
79 /**
80 * Determine if the specified user exists
81 * @param $strAct (string) Account name of the user
82 * @return (bool / null) If the function fails, it returns <tt>null</tt>.
83 * @throws Exception
84 */
85 function erIsAct($strAct) {
86 $hQuery = db_query("SELECT * FROM users WHERE act = $1;", $strAct);
87 if(!is_resource($hQuery)) {
88 throw new Exception(ER_ERROR_SQL);
89 return null;
90 }
91 return (pg_num_rows($hQuery) > 0);
92 }
93
94 /**
95 * Get the real user name for an account name
96 * @param $strAct (string) Account name of the user to look up
97 * @return (string) The real name of the user. If the function fails, it
98 * returns <tt>null</tt>.
99 * @throws Exception
100 */
101 function erGetRealUserName($strAct) {
102 $hQuery = db_query("SELECT firstname, lastname FROM users WHERE act = $1;",
103 $strAct);
104 if(!is_resource($hQuery)) {
105 throw new Exception(ER_ERROR_SQL);
106 return null;
107 }
108 if(pg_num_rows($hQuery) == 0) {
109 return $strAct; // User not found in database, return account name
110 }
111 $arResult = pg_fetch_array($hQuery);
112 return user_join_name($arResult);
113 }
114
115 /**
116 * Determine if a specified group exists
117 * @param $strAct (string) Account name of the group
118 * @return (bool / null) If the function fails, it returns <tt>null</tt>.
119 * @throws Exception
120 */
121 function erIsGroup($strAct) {
122 $hQuery = db_query(sprintf("SELECT * FROM groups WHERE act=%s;",
123 qdb($strAct)));
124 if(!is_resource($hQuery)) {
125 throw new Exception(ER_ERROR_SQL);
126 return null;
127 }
128 return (pg_num_rows($hQuery) > 0);
129 }
130
131 /**
132 * Look up the name of a group
133 * @param $strAct (string) Account name of the group
134 * @return (string) The name of the group. If the function fails, it returns
135 * <tt>null</tt>.
136 * @throws Exception
137 */
138 function erGetGroupName($strAct) {
139 $hQuery = db_query(sprintf("SELECT * FROM groups WHERE act=%s;",
140 qdb($strAct)));
141 if(!is_resource($hQuery)) {
142 throw new Exception(ER_ERROR_SQL);
143 return null;
144 }
145 if(pg_num_rows($hQuery) == 0) {
146 return $strAct; // Group not found in database, return account name
147 }
148 $arResult = pg_fetch_array($hQuery);
149 return $arResult["name"];
150 }
151
152 /**
153 * Create a link to write a mail to the specified account name.
154 * This function returns a link if the specified account exists, otherwise it
155 * returns the account name.
156 * @param $strAct (string) Account name
157 * @return string
158 */
159 function erMailToUserLink($strAct) {
160 if(!erIsAct($strAct)) {
161 return $strAct;
162 }
163 return popup(relroot("msg/write/?to=".user_mail_addr($strAct)),
164 600, 400, erGetRealUserName($strAct));
165 }
166
167 /**
168 * Determine if a specified string is a valid mail address
169 * @param $strAddr string
170 * @return string
171 */
172 function erIsMailAddress($strAddr) {
173 return ((preg_match("/([a-zA-Z0-9_\-\.]*(@[a-zA-Z0-9\-\.]*)?(\s*,\s*)?)+/",
174 $strAddr) > 0) and (preg_match("/(\s*,\s*)$/", $strAddr) == 0));
175 }
176
177 function erInsertLog($sMsg) {
178 log_insert($sMsg, null, "Error Report Wizard");
179 }
180 ?>
This page took 0.051214 seconds and 5 git commands to generate.