psql db schema test

[mirrors/Kyberia-bloodline.git] / wwwroot / backend / mysql / backend.inc

diff --git a/wwwroot/backend/mysql/backend.inc b/wwwroot/backend/mysql/backend.inc
index 971bb104bd3a7aba4f2f97bbfcd87c67b6789d00..d0a38e77f6c8ff1d7e5c5d4d101768244c473574 100644 (file)
--- a/wwwroot/backend/mysql/backend.inc
+++ b/wwwroot/backend/mysql/backend.inc
@@ -76,7 +76,7 @@ public static function addNode($params) {
 
         $parent_permissions=permissions::checkPerms($parent_id);
 
-        if (!$parent_permissions['w']) {
+        if ((!$parent_permissions['w']) && ($params['flag']!='registration' )) {
                 $error=$error_messages['WRITE_PERMISSION_ERROR'];
                 logger::log('add','error','WRITE_PERMISSION_ERROR');
                 return false;
@@ -698,7 +698,60 @@ public static function getPoll($user_id,$poll_id) {
        return $array;
 }
 
+// XXX
+
+public static function resetPassword($login_id,$login,$vercode,$password) {
+       global $db;
+
+       // Security checks
+       $login = db_escape_string($login);
+       if (!is_numeric($login_id)) {
+               $error="Not numeric id is not numeric. Here, take this stone.";
+               return $error; 
+       } 
+
+       if ($login == '') {
+               $error="Please enter name or id";
+               return $error;
+       }
+
+       if ($login_id == 0) {
+               $set=$db->query("select * from users where login='$login'");
+       } else {
+               $set=$db->query("select * from users where user_id='$login_id'");
+       }
+
+       $set->next();
+       $user_name=$set->getString('login');
+       $user_id=$set->getString('user_id');
+       $hash=$set->getString('hash');  
+
+       if ($hash != $vercode) {
+               $error="Bad verification code!";
+               return $error;
+       }
 
+       $password = sha1($password);
+       $q="update users set password='$password',hash='' where user_id='$user_id'";
+       $db->query($q);
+       
+       $error="OK, password was RE-set";
+       return $error;
+}
+
+// levenshteinLog
+
+// Log user action for later analysis
+// Secure.
+
+public static function levenshteinLog($userid,$nodeid) {
+       global $db;
+
+       $q="insert delayed into levenshtein set user_id='".$userid."',node_id='".$node_id."'";
+       $db->update($q);
+       
 }
 
+
+}
 ?>