= 0) { User::performPublicAction($action, $redir); } } return false; }

    /**
     * Check a (journal, login, password) triple against acces_prives and, on
     * a match, set the 'access' cookie for the browser.
     *
     * The cookie value is str_rot13($login) . '$' . md5(SECRET . journal . login),
     * sent with expiry 0 (browser-session cookie) and path '/'.
     *
     * NOTE(review): the password is compared in SQL exactly as passed in, and
     * addExternal() inserts it exactly as passed in, so unless callers hash it
     * first (not visible here) credentials are stored in clear text. Prefer
     * password_hash() on insert and password_verify() on login.
     * NOTE(review): md5(secret . data) is a secret-prefix digest, not a MAC;
     * hash_hmac('sha256', ...) verified with hash_equals() is the safer
     * construction. Changing it needs the cookie-checking code (outside this
     * view) changed together with it.
     * NOTE(review): journal and login are concatenated without a separator,
     * so different (journal, login) pairs can yield the same digest input.
     * NOTE(review): the token depends only on the secret, journal and login.
     * It carries no expiry and does not change when the password changes, so
     * a single issued cookie cannot be revoked on its own.
     *
     * @param mixed $journal Journal identifier, escaped with DB::esc().
     * @param mixed $login   External login name, escaped with DB::esc().
     * @param mixed $password Password as submitted, escaped with DB::esc().
     * @return bool true when a matching row exists (cookie sent), else false.
     */
    static public function userLogin($journal, $login, $password) {
        // Query is built by concatenation; safety rests entirely on DB::esc().
        // NOTE(review): prefer bound parameters if the DB layer offers them - confirm.
        // NOTE(review): the string comparison follows the column collation; with a
        // case-insensitive collation the password check is case-insensitive - confirm schema.
        $res = DB::aQuery('SELECT 1 FROM acces_prives WHERE journal="'.DB::esc($journal).'" AND login="'.DB::esc($login).'" AND password="'.DB::esc($password).'";');
        if (!empty($res[0][0])) {
            // rot13 only obfuscates the login; it is readable by anyone holding the cookie.
            // Only name, value, expiry and path are passed, so the Secure and HttpOnly
            // flags keep their defaults (off) and no SameSite attribute is set.
            setcookie('access', str_rot13($login).'$'.md5(LENCRIER_SECRET_KEY . $journal . $login), 0, '/');
            return true;
        }
        return false;
    }

    /**
     * Bind the instance to one journal.
     *
     * The id is stored already escaped with DB::esc() because every query
     * below interpolates $this->id inside a double-quoted SQL string. It must
     * not be escaped a second time, nor reused in a non-SQL context.
     *
     * @param mixed $id Journal identifier.
     */
    public function __construct($id) {
        $this->id = DB::esc($id);
    }

    /**
     * List the access entries of this journal, ordered by login.
     *
     * Each row holds id, membre, login and password. When acces_prives.login
     * is NULL, login is the part of the joined member's email before the "@".
     *
     * NOTE(review): the stored password column is returned to the caller. If
     * passwords are stored in clear text (see addExternal()), any view that
     * renders this list discloses them.
     *
     * @return mixed Whatever DB::aQuery() returns; userLogin() indexes a result
     *               as $res[0][0], so presumably an array of rows - confirm.
     */
    public function getList() {
        return DB::aQuery('SELECT acces_prives.id, acces_prives.membre, IF(acces_prives.login IS NULL, SUBSTRING_INDEX(membres.email, "@", 1) , acces_prives.login) AS login, acces_prives.password FROM acces_prives LEFT JOIN membres ON (membres.id = acces_prives.membre) WHERE acces_prives.journal="'.$this->id.'" ORDER BY login ASC;');
    }

    /**
     * Grant an existing member access to this journal.
     *
     * @param mixed $email A numeric member id or a member email address.
     * @return bool false when no member is found; true otherwise. Because of
     *              INSERT IGNORE and the unchecked DB::uQuery() result, true
     *              does not prove that a new row was written.
     */
    public function addInternal($email) {
        if (is_numeric($email)) {
            // Numeric input is treated as a member id and must resolve to an email.
            // NOTE(review): is_numeric() also accepts forms such as "12.5" or "1e3",
            // which (int) then converts; a stricter check such as ctype_digit() may be intended.
            if (!user::getEmailFromId((int)$email)) return false;
            else $id = (int)$email;
        } else {
            $id = user::getIdFromEmail($email);
        }
        if (!$id) return false;
        // $id is cast to int, so it cannot carry SQL syntax into the statement.
        DB::uQuery('INSERT IGNORE INTO acces_prives (journal, membre) VALUES ("'.$this->id.'", "'.(int)$id.'");');
        return true;
    }

    /**
     * Create a login/password pair that grants access to this journal.
     *
     * NOTE(review): the password is written exactly as received. Unless the
     * caller hashes it first (not visible here) it is stored in clear text.
     * NOTE(review): the existence check and the insert are two separate
     * statements. Duplicates are only prevented under concurrency if the table
     * has a unique key on (journal, login) - confirm schema.
     * NOTE(review): no emptiness or length check on login or password happens
     * here; presumably the caller validates them - confirm.
     *
     * @param mixed $login    Login name, escaped with DB::esc().
     * @param mixed $password Password, escaped with DB::esc().
     * @return bool false when the login already exists for this journal,
     *              true otherwise (the insert result is not checked).
     */
    public function addExternal($login, $password) {
        $res = DB::aQuery('SELECT 1 FROM acces_prives WHERE acces_prives.journal="'.$this->id.'" AND acces_prives.login="'.DB::esc($login).'";');
        if (!empty($res[0][0])) return false;
        DB::uQuery('INSERT IGNORE INTO acces_prives (journal, login, password) VALUES ("'.$this->id.'", "'.DB::esc($login).'", "'.DB::esc($password).'");');
        return true;
    }

    /**
     * Remove one access entry of this journal.
     *
     * The journal condition in the WHERE clause limits the delete to rows of
     * this instance's journal, so an id belonging to another journal matches
     * nothing. No permission check on the caller happens here; presumably it
     * is done upstream - confirm.
     *
     * @param mixed $id Row id in acces_prives; cast to int before use.
     * @return bool Always true, whether or not a row was deleted.
     */
    public function delete($id) {
        DB::uQuery('DELETE FROM acces_prives WHERE journal="'.$this->id.'" AND id="'.(int)$id.'";');
        return true;
    }
}
?>