add file exists for images

[Pman.Core] / DataObjects / Core_person.php

diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php
index 01611b5..f473b5c 100644 (file)
--- a/DataObjects/Core_person.php
+++ b/DataObjects/Core_person.php
@@ -334,7 +334,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         if (empty($_SERVER['PATH_INFO']) ||  $_SERVER['PATH_INFO'] == '/Login') {
             $auto_auth_allow  = false;
         }
-        //var_dump($auto_auth_allow);
+         //var_dump($auto_auth_allow);
         // local auth - 
         $default_admin = false;
         if ($auto_auth_allow) {
@@ -384,6 +384,9 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         $u = DB_DataObject::factory($this->tableName());
         $u->whereAdd(' LENGTH(passwd) > 0');
         $n = $u->count();
+        if (empty($_SESSION[get_class($this)]) || !is_array($_SESSION[get_class($this)])) { 
+            $_SESSION[get_class($this)] = array();
+        }
         $_SESSION[get_class($this)][$sesPrefix .'-empty']  = $n;
         if (class_exists('PEAR')) {
             $error =  PEAR::getStaticProperty('DB_DataObject','lastError');
@@ -537,7 +540,58 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         $month = $m > -1 ? date('Y-m') : date('Y-m', strtotime('LAST MONTH'));
         
         return md5(implode(',' ,  array($month, $this->email , $this->passwd, $this->id)));
-    } 
+    }
+    /**
+     * When we generate autologin urls:
+     * eg. /Somesite/Test/12
+     * it will generate:
+     * /Somesite/Test/12/{datetime}/{sha256(url + expires_datetime + password)}
+     *
+     * eg. genAutoLoginURL($sub, $expires)
+     */
+    function genAutoLoginURL($url, $expires = false)  
+    {
+        $expires = $expires  === false ? strtotime("NOW + 1 WEEK") : $expires;
+        //echo serialize(array($url, $expires, $this->email, $this->passwd));
+        //echo hash('sha256', serialize(array($url, $expires, $this->email, $this->passwd)));
+        
+        return $url.'/'.$this->id .'/'.$expires.'/'.
+            hash('sha256',
+                serialize(
+                    array($url, $expires, $this->email,$this->passwd)
+                )
+            );
+        
+    }
+    
+    function validateAutoLogin($called)
+    {
+        $bits = explode("/",$called);
+        if (count($bits) < 4) {
+            return false; // unrelated.
+        }
+        $hash = array_pop($bits);
+        $time = array_pop($bits);
+        
+        $id = array_pop($bits);
+        if (!is_numeric($time) || !is_numeric($id)) {
+            return false; // wrong format.
+        }
+        $u = DB_DataObject::Factory($this->tableName());
+        $u->get($id);
+        $url = implode("/", $bits);
+        if ($time < time()) {
+            return "Expired";
+        }
+        //echo serialize(array('/'.$url, $time, $u->email, $u->passwd));
+        //echo hash('sha256', serialize(array('/'.$url, $time, $u->email, $u->passwd)));
+        if ($hash == hash('sha256', serialize(array('/'.$url, $time*1, $u->email, $u->passwd)))) {
+            $u->login();
+            return $u;
+        }
+        return false;
+    }
+    
     
     function checkTwoFactorAuthentication($val)
     {
@@ -953,6 +1007,25 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
                 )"
             );
         }
+        if(!empty($q['in_group_starts'])){
+            
+            $v = $this->escape($q['in_group_starts']);
+            
+            $this->whereAdd("
+                $tn_p.id IN (
+                    SELECT 
+                        DISTINCT(user_id) FROM $tn_gm
+                    LEFT JOIN
+                        $tn_g
+                    ON
+                        $tn_g.id = $tn_gm.group_id
+                    WHERE 
+                        $tn_g.name LIKE '{$v}%'
+                )"
+            );
+        }
+        
+        
         
         // #2307 Search Country!!
         if (!empty($q['query']['in_country'])) {