X-Git-Url: https://projects.mako.cc/source/scuttle/blobdiff_plain/c20b44263a89d8bf1a78bfa632daaae3cb4f1da2..c7f63c8b9b12efd7b3c10b9f80cda06eaf32068f:/services/userservice.php

diff --git a/services/userservice.php b/services/userservice.php
index 1e7ed46..a2709fb 100644
--- a/services/userservice.php
+++ b/services/userservice.php
@@ -1,24 +1,25 @@
 <?php
 class UserService {
-    var $db;
+  var $db;
 
-    function &getInstance(&$db) {
-        static $instance;
-        if (!isset($instance))
-            $instance =& new UserService($db);
-        return $instance;
+  function &getInstance(&$db) {
+    static $instance;
+    if (!isset($instance)) {
+      $instance = new UserService($db);
     }
-
-    var $fields = array(
-        'primary'   =>  'uId',
-        'username'  =>  'username',
-        'password'  =>  'password'
-    );
-    var $profileurl;
-    var $tablename;
-    var $sessionkey;
-    var $cookiekey;
-    var $cookietime = 1209600; // 2 weeks
+    return $instance;
+  }
+
+  var $fields = array(
+    'primary'   => 'uId',
+    'username'  => 'username',
+    'password'  => 'password'
+  );
+  var $profileurl;
+  var $tablename;
+  var $sessionkey;
+  var $cookiekey;
+  var $cookietime = 1209600; // 2 weeks
 
     function UserService(&$db) {
         $this->db =& $db;
@@ -63,8 +64,6 @@ class UserService {
     }
 
     function _randompassword() {
-        $seed = (integer) md5(microtime());
-        mt_srand($seed);
         $password = mt_rand(1, 99999999);
         $password = substr(md5($password), mt_rand(0, 19), mt_rand(6, 12));
         return $password;
@@ -145,7 +144,7 @@ class UserService {
         return false;
     }
 
-    function login($username, $password, $remember = FALSE) {
+    function login($username, $password, $remember = FALSE, $path = '/') {
         $password = $this->sanitisePassword($password);
         $query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'" AND '. $this->getFieldName('password') .' = "'. $this->db->sql_escape($password) .'"';
 
@@ -158,7 +157,7 @@ class UserService {
             $id = $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')];
             if ($remember) {
                 $cookie = $id .':'. md5($username.$password);
-                setcookie($this->cookiekey, $cookie, time() + $this->cookietime);
+                setcookie($this->cookiekey, $cookie, time() + $this->cookietime, $path);
             }
             return true;
         } else {
@@ -166,8 +165,8 @@ class UserService {
         }
     }
 
-    function logout() {
-        @setcookie($this->cookiekey, NULL, time() - 1);
+    function logout($path = '/') {
+        @setcookie($this->cookiekey, NULL, time() - 1, $path);
         unset($_COOKIE[$this->cookiekey]);
         session_unset();
         $this->getCurrentUser(TRUE, false);
@@ -335,8 +334,8 @@ class UserService {
     }
 
     function isValidEmail($email) {
-        if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) {
-            list($emailUser, $emailDomain) = split("@", $email);
+        if (preg_match("/^((?:(?:(?:\w[\.\-\+_]?)*)\w)+)\@((?:(?:(?:\w[\.\-_]?){0,62})\w)+)\.(\w{2,6})$/i", $email) > 0) {
+            list($emailUser, $emailDomain) = explode("@", $email);
 
             // Check if the email domain has a DNS record
             if ($this->_checkdns($emailDomain)) {
@@ -359,4 +358,3 @@ class UserService {
     function getCookieKey()       { return $this->cookiekey; }
     function setCookieKey($value) { $this->cookiekey = $value; }
 }
-?>