merged 3.2 code

[nucleus-jp/nucleus-jp-ancient.git] / euc / nucleus / libs / MEMBER.php

<?php\r
\r
/**\r
  * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/) \r
  * Copyright (C) 2002-2005 The Nucleus Group\r
  *\r
  * This program is free software; you can redistribute it and/or\r
  * modify it under the terms of the GNU General Public License\r
  * as published by the Free Software Foundation; either version 2\r
  * of the License, or (at your option) any later version.\r
  * (see nucleus/documentation/index.html#license for more info)\r
  *\r
  * A class representing site members\r
  *\r
  * $Id: MEMBER.php,v 1.5 2005-03-16 08:10:35 kimitake Exp $\r
  * $NucleusJP: MEMBER.php,v 1.4 2005/03/12 06:19:05 kimitake Exp $\r
  */\r
class MEMBER {\r
\r
        // 1 when authenticated, 0 when not\r
        var $loggedin;\r
        var $password;          // not the actual password, but rather a MD5 hash       \r
\r
        var $cookiekey;         // value that should also be in the client cookie to allow authentication\r
        \r
        // member info\r
        var $id;\r
        var $realname;\r
        var $displayname;\r
        var $email;\r
        var $url;\r
        var $language;          // name of the language file to use (e.g. 'english' -> english.php)\r
        var $admin;                     // (either 0 or 1)\r
        var $canlogin;          // (either 0 or 1)\r
        var $notes;\r
\r
        // (private)\r
        function MEMBER() {\r
\r
        }\r
        \r
        // (static)\r
        function createFromName($displayname) {\r
                $mem =& new MEMBER();\r
                $mem->readFromName($displayname);\r
                return $mem;\r
        }\r
        \r
        // (static)\r
        function createFromID($id) {\r
                $mem =& new MEMBER();\r
                $mem->readFromID($id);\r
                return $mem;\r
        }\r
        \r
        function readFromName($displayname) {\r
                return $this->read("mname='".addslashes($displayname)."'");\r
        }\r
        \r
        function readFromID($id) {\r
                return $this->read("mnumber=" . intval($id));\r
        }\r
        \r
        /**\r
          * Tries to login as a given user. Returns true when succeeded, \r
          * returns false when failed\r
          */\r
        function login($login, $password) {\r
                $this->loggedin = 0;\r
                if (!$this->readFromName($login))\r
                        return 0;\r
                if (!$this->checkPassword($password)) \r
                        return 0;\r
                $this->loggedin = 1;\r
                return $this->isLoggedIn();\r
        }\r
        \r
        // login using cookie key\r
        function cookielogin($login, $cookiekey) {\r
                $this->loggedin = 0;\r
                if (!$this->readFromName($login))\r
                        return 0;\r
                if (!$this->checkCookieKey($cookiekey))\r
                        return 0;\r
                $this->loggedin = 1;\r
                return $this->isLoggedIn();\r
        }\r
        \r
        function logout() {\r
                $this->loggedin=0;\r
        }\r
        \r
        function isLoggedIn() {\r
                return $this->loggedin;\r
        }\r
        \r
        function read($where) {\r
                // read info\r
                $query =  'SELECT * FROM '.sql_table('member') . ' WHERE ' . $where;\r
                \r
                $res = sql_query($query);\r
                $obj = mysql_fetch_object($res);\r
                \r
                $this->setRealName($obj->mrealname);\r
                $this->setEmail($obj->memail);\r
                $this->password = $obj->mpassword;\r
                $this->setCookieKey($obj->mcookiekey);          \r
                $this->setURL($obj->murl);\r
                $this->setDisplayName($obj->mname);\r
                $this->setAdmin($obj->madmin);\r
                $this->id = $obj->mnumber;\r
                $this->setCanLogin($obj->mcanlogin);\r
                $this->setNotes($obj->mnotes);\r
                $this->setLanguage($obj->deflang);              \r
                        \r
                return mysql_num_rows($res);\r
        }\r
        \r
        \r
        /**\r
          * Returns true if member is an admin for the given blog\r
          * (returns false if not a team member)\r
          */\r
        function isBlogAdmin($blogid) {\r
                $query = 'SELECT tadmin FROM '.sql_table('team').' WHERE'\r
                       . ' tblog=' . intval($blogid)\r
                       . ' and tmember='. $this->getID();\r
                $res = sql_query($query);\r
                if (mysql_num_rows($res) == 0)\r
                        return 0;\r
                else\r
                        return (mysql_result($res,0,0) == 1) ;                 \r
        }\r
        \r
        function blogAdminRights($blogid) {\r
                return ($this->isAdmin() || $this->isBlogAdmin($blogid));\r
        }\r
\r
                \r
        function teamRights($blogid) {\r
                return ($this->isAdmin() || $this->isTeamMember($blogid));\r
        }\r
        \r
        /**\r
          * Returns true if this member is a team member of the given blog\r
          */\r
        function isTeamMember($blogid) {\r
                $query = 'SELECT * FROM '.sql_table('team').' WHERE'\r
                       . ' tblog=' . intval($blogid)\r
                       . ' and tmember='. $this->getID();\r
                return (mysql_num_rows(sql_query($query)) != 0);\r
        }\r
        \r
        /**\r
          * Returns true if this member can edit/delete a commentitem. This can be in the\r
          * following cases:\r
          *       - member is a super-admin\r
          *   - member is the author of the comment\r
          *   - member is admin of the blog associated with the comment\r
          *   - member is author of the item associated with the comment\r
          */\r
        function canAlterComment($commentid) {\r
                if ($this->isAdmin()) return 1;\r
        \r
                $query =  'SELECT citem as itemid, iblog as blogid, cmember as cauthor, iauthor'\r
                       . ' FROM '.sql_table('comment') .', '.sql_table('item').', '.sql_table('blog')\r
                       . ' WHERE citem=inumber and iblog=bnumber and cnumber=' . intval($commentid);\r
                $obj = mysql_fetch_object(sql_query($query));\r
                \r
                return ($obj->cauthor == $this->getID()) or $this->isBlogAdmin($obj->blogid) or ($obj->iauthor == $this->getID());\r
        }       \r
        \r
        /**\r
          * Returns true if this member can edit/delete an item. This is true in the following\r
          * cases: - member is a super-admin\r
          *            - member is the author of the item\r
          *        - member is admin of the the associated blog\r
          */\r
        function canAlterItem($itemid) {\r
                if ($this->isAdmin()) return 1;\r
                \r
                $query =  'SELECT iblog, iauthor FROM '.sql_table('item').' WHERE inumber=' . intval($itemid);\r
                $obj = mysql_fetch_object(sql_query($query));\r
                return ($obj->iauthor == $this->getID()) or $this->isBlogAdmin($obj->iblog);\r
        }\r
        \r
        /**\r
          * returns true if this member can move/update an item to a given category, \r
          * false if not (see comments fot the tests that are executed)\r
          *\r
          * @param itemid\r
          * @param newcat (can also be of form 'newcat-x' with x=blogid)\r
          */\r
        function canUpdateItem($itemid, $newcat) {\r
                global $manager;\r
                \r
                // item does not exists -> NOK\r
                if (!$manager->existsItem($itemid,1,1)) return 0;\r
                \r
                // cannot alter item -> NOK\r
                if (!$this->canAlterItem($itemid)) return 0;\r
                \r
                // if this is a 'newcat' style newcat\r
                // no blog admin of destination blog -> NOK\r
                // blog admin of destination blog -> OK\r
                if (strstr($newcat,'newcat')) {\r
                        // get blogid \r
                        list($blogid) = sscanf($newcat,'newcat-%d');\r
                        return $this->blogAdminRights($blogid);\r
                } \r
\r
                // category does not exist -> NOK\r
                if (!$manager->existsCategory($newcat)) return 0;\r
\r
                \r
                // get item\r
                $item =& $manager->getItem($itemid,1,1);\r
                \r
                // old catid = new catid -> OK\r
                if ($item['catid'] == $newcat) return 1;\r
\r
                // not a valid category -> NOK\r
                $validCat = quickQuery('SELECT COUNT(*) AS result FROM '.sql_table('category').' WHERE catid='.intval($newcat));\r
                if (!$validCat) return 0;\r
                \r
                // get destination blog\r
                $source_blogid = getBlogIDFromItemID($itemid);\r
                $dest_blogid = getBlogIDFromCatID($newcat);\r
                \r
                // not a team member of destination blog -> NOK\r
                if (!$this->teamRights($dest_blogid)) return 0;\r
\r
                // if member is author of item -> OK\r
                if ($item['authorid'] == $this->getID()) return 1;\r
                \r
                // if member has admin rights on both blogs: OK\r
                if (($this->blogAdminRights($dest_blogid)) && ($this->blogAdminRights($source_blogid))) return 1;\r
                \r
                // all other cases: NOK\r
                return 0;\r
                \r
        }\r
        \r
        function canAddItem($catid) {\r
                global $manager;\r
                \r
                // if this is a 'newcat' style newcat\r
                // no blog admin of destination blog -> NOK\r
                // blog admin of destination blog -> OK\r
                if (strstr($catid,'newcat')) {\r
                        // get blogid \r
                        list($blogid) = sscanf($catid,"newcat-%d");\r
                        return $this->blogAdminRights($blogid);\r
                } \r
                \r
                // category does not exist -> NOK\r
                if (!$manager->existsCategory($catid)) return 0;\r
\r
                $blogid = getBlogIDFromCatID($catid);\r
\r
                // no team rights for blog -> NOK\r
                if (!$this->teamRights($blogid)) return 0;\r
\r
                // all other cases: OK\r
                return 1;\r
        }\r
        \r
        /** \r
          * Return true if member can be deleted. This means that there are no items or comments\r
          * posted by the member\r
          */\r
        function canBeDeleted() {\r
                $res = sql_query('SELECT * FROM '.sql_table('item').' WHERE iauthor=' . $this->getID());\r
                $res2 = sql_query('SELECT * FROM '.sql_table('comment').' WHERE cmember=' . $this->getID());\r
                return ((mysql_num_rows($res) == 0) and (mysql_num_rows($res2)==0));\r
        }\r
\r
        /** \r
          * Sets the cookies for the member\r
          *\r
          * @param shared\r
          *             set this to 1 when using a shared computer. Cookies will expire\r
          *             at the end of the session in this case.\r
          */\r
        function setCookies($shared = 0) {\r
                global $CONF;\r
                \r
                if ($CONF['SessionCookie'] || $shared)\r
                        $lifetime = 0;\r
                else\r
                        $lifetime = (time()+2592000);\r
                        \r
                setcookie($CONF['CookiePrefix'] .'user',$this->getDisplayName(),$lifetime,$CONF['CookiePath'],$CONF['CookieDomain'],$CONF['CookieSecure']);\r
                setcookie($CONF['CookiePrefix'] .'loginkey', $this->getCookieKey(),$lifetime,$CONF['CookiePath'],$CONF['CookieDomain'],$CONF['CookieSecure']);\r
\r
                // make sure cookies on shared pcs don't get renewed\r
                if ($shared)\r
                        setcookie($CONF['CookiePrefix'] .'sharedpc', '1',$lifetime,$CONF['CookiePath'],$CONF['CookieDomain'],$CONF['CookieSecure']);\r
        }\r
        \r
        function sendActivationLink($type, $extra='') \r
        {\r
                global $CONF;\r
                \r
                // generate key and URL\r
                $key = $this->generateActivationEntry($type, $extra);\r
                $url = $CONF['AdminURL'] . 'index.php?action=activate&key=' . $key;\r
                \r
                // choose text to use in mail\r
                switch ($type)\r
                {\r
                        case 'register':\r
                                $message = _ACTIVATE_REGISTER_MAIL;                     \r
                                $title = _ACTIVATE_REGISTER_MAILTITLE;\r
                                break;\r
                        case 'forgot':\r
                                $message = _ACTIVATE_FORGOT_MAIL;                       \r
                                $title = _ACTIVATE_FORGOT_MAILTITLE;\r
                                break;\r
                        case 'addresschange':\r
                                $message = _ACTIVATE_CHANGE_MAIL;\r
                                $title = _ACTIVATE_CHANGE_MAILTITLE;                            \r
                                break;\r
                        default;\r
                }\r
\r
                // fill out variables in text\r
                \r
                $aVars = array(\r
                        'siteName' => $CONF['SiteName'],\r
                        'siteUrl' => $CONF['IndexURL'],\r
                        'memberName' => $this->getDisplayName(),\r
                        'activationUrl' => $url\r
                );\r
\r
                $message = TEMPLATE::fill($message, $aVars);            \r
                $title = TEMPLATE::fill($title, $aVars);                \r
                \r
                // send mail\r
                \r
                mb_language('ja');\r
                mb_internal_encoding(_CHARSET);\r
                @mb_send_mail($this->getEmail(), $title ,$message,'From: ' . $CONF['AdminEmail']);\r
                \r
                ACTIONLOG::add(INFO, _ACTIONLOG_ACTIVATIONLINK . ' (' . $this->getDisplayName() . ' / type: ' . $type . ')'); \r
                \r
\r
        }\r
        \r
        /** \r
          * Returns an array of all blogids for which member has admin rights\r
          */\r
        function getAdminBlogs() {\r
                $blogs = array();\r
                \r
                if ($this->isAdmin())\r
                        $query = 'SELECT bnumber as blogid from '.sql_table('blog');\r
                else\r
                        $query = 'SELECT tblog as blogid from '.sql_table('team').' where tadmin=1 and tmember=' . $this->getID();\r
                        \r
                $res = sql_query($query);\r
                if (mysql_num_rows($res) > 0) {\r
                        while ($obj = mysql_fetch_object($res)) {\r
                                array_push($blogs, $obj->blogid);\r
                        }\r
                }\r
                \r
                return $blogs;\r
        }\r
        \r
        /**\r
          * Returns an email address from which notification of commenting/karma voting can\r
          * be sent. A suggestion can be given for when the member is not logged in\r
          */\r
        function getNotifyFromMailAddress($suggest = "") {\r
                global $CONF;\r
                if ($this->isLoggedIn()) {\r
                        return $this->getDisplayName() . " <" . $this->getEmail() . ">"; \r
                } else if (isValidMailAddress($suggest)) {\r
                        return $suggest;\r
                } else {\r
                        return $CONF['AdminEmail'];\r
                }\r
        }\r
\r
        /**\r
          * Write data to database\r
          */\r
        function write() {\r
\r
                $query =  'UPDATE '.sql_table('member')\r
                       . " SET mname='" . addslashes($this->getDisplayName()) . "',"\r
                       . "     mrealname='". addslashes($this->getRealName()) . "',"\r
                       . "     mpassword='". addslashes($this->getPassword()) . "',"\r
                       . "     mcookiekey='". addslashes($this->getCookieKey()) . "',"                 \r
                       . "     murl='" . addslashes($this->getURL()) . "',"\r
                       . "     memail='" . addslashes($this->getEmail()) . "',"\r
                       . "     madmin=" . $this->isAdmin() . ","\r
                       . "     mnotes='" . addslashes($this->getNotes()) . "',"\r
                       . "     mcanlogin=" . $this->canLogin() . ","\r
                       . "         deflang='" . addslashes($this->getLanguage()) . "'"\r
                       . " WHERE mnumber=" . $this->getID();\r
                sql_query($query);\r
        }\r
        \r
        function checkPassword($pw) {\r
                return (md5($pw) == $this->getPassword());\r
        }\r
        \r
        function checkCookieKey($key) {\r
                return (($key != '') && ($key == $this->getCookieKey()));\r
        }\r
        \r
        function getRealName() {\r
                return $this->realname;\r
        }\r
        \r
        function setRealName($name) {\r
                $this->realname = $name;\r
        }\r
        \r
        function getEmail() {\r
                return $this->email;\r
        }\r
        \r
        function setEmail($email) {\r
                $this->email = $email;\r
        }\r
        \r
        function getPassword() {\r
                return $this->password;\r
        }\r
        \r
        function setPassword($pwd) {\r
                $this->password = md5($pwd);\r
        }\r
        \r
        function getCookieKey() {\r
                return $this->cookiekey;\r
        }\r
        \r
        /**\r
          * Generate new cookiekey, save it, and return it\r
          */\r
        function newCookieKey() {\r
                mt_srand( (double) microtime() * 1000000);\r
                $this->cookiekey = md5(uniqid(mt_rand()));\r
                $this->write();\r
                return $this->cookiekey;\r
        }\r
        \r
        function setCookieKey($val) {\r
                $this->cookiekey = $val;\r
        }\r
\r
        function getURL() {\r
                return $this->url;\r
        }\r
        \r
        function setURL($site) {\r
                $this->url = $site;\r
        }\r
        \r
        function getLanguage() {\r
                return $this->language;\r
        }\r
        \r
        function setLanguage($lang) {\r
                $this->language = $lang;\r
        }\r
        \r
        function setDisplayName($nick) {\r
                $this->displayname = $nick;\r
        }\r
        \r
        function getDisplayName() {\r
                return $this->displayname;\r
        }\r
        \r
        function isAdmin() {\r
                return $this->admin;\r
        }\r
        \r
        function setAdmin($val) {\r
                $this->admin = $val;\r
        }\r
        \r
        function canLogin() {\r
                return $this->canlogin;\r
        }\r
        \r
        function setCanLogin($val) {\r
                $this->canlogin = $val;\r
        }\r
\r
        function getNotes() {\r
                return $this->notes;\r
        }\r
        \r
        function setNotes($val) {\r
                $this->notes = $val;\r
        }\r
        \r
        function getID() {\r
                return $this->id;\r
        }\r
\r
        // returns true if there is a member with the given login name (static)\r
        function exists($name) {\r
                $r = sql_query('select * FROM '.sql_table('member')." WHERE mname='".addslashes($name)."'");\r
                return (mysql_num_rows($r) != 0);\r
        }\r
\r
        // returns true if there is a member with the given ID (static)\r
        function existsID($id) {\r
                $r = sql_query('select * FROM '.sql_table('member')." WHERE mnumber='".intval($id)."'");\r
                return (mysql_num_rows($r) != 0);\r
        }\r
        \r
        // checks if a username is protected. If so, it can not be used on anonymous comments\r
        function isNameProtected($name) {\r
                \r
                // extract name\r
                $name = strip_tags($name);      \r
                $name = trim($name);            \r
                \r
                return MEMBER::exists($name);\r
        }\r
        \r
        // adds a new member (static)\r
        function create($name, $realname, $password, $email, $url, $admin, $canlogin, $notes) {\r
                if (!isValidMailAddress($email))\r
                        return _ERROR_BADMAILADDRESS;\r
\r
                if (!isValidDisplayName($name))\r
                        return _ERROR_BADNAME;\r
\r
                if (MEMBER::exists($name))\r
                        return _ERROR_NICKNAMEINUSE;    \r
\r
                if (!$realname)\r
                        return _ERROR_REALNAMEMISSING;\r
\r
                if (!$password)\r
                        return _ERROR_PASSWORDMISSING;                  \r
\r
                // Sometimes user didn't prefix the URL with http://, this cause a malformed URL. Let's fix it.\r
                if (!eregi("^https?://", $url))\r
                        $url = "http://".$url;\r
\r
                $name = addslashes($name);\r
                $realname = addslashes($realname);\r
                $password = addslashes(md5($password));\r
                $email = addslashes($email);\r
                $url = addslashes($url);\r
                $admin = intval($admin);\r
                $canlogin = intval($canlogin);\r
                $notes = addslashes($notes);\r
\r
                $query = 'INSERT INTO '.sql_table('member')." (MNAME,MREALNAME,MPASSWORD,MEMAIL,MURL, MADMIN, MCANLOGIN, MNOTES) "\r
                       . "VALUES ('$name','$realname','$password','$email','$url',$admin, $canlogin, '$notes')";\r
                sql_query($query);\r
                \r
                ACTIONLOG::add(INFO, _ACTIONLOG_NEWMEMBER . ' ' . $name);               \r
\r
                return 1;\r
        }       \r
        \r
        /**\r
         * Returns activation info for a certain key (an object with properties vkey, vmember, ...)\r
         * (static)\r
         *\r
         * @author karma\r
         */\r
        function getActivationInfo($key)\r
        {\r
                $query = 'SELECT * FROM ' . sql_table('activation') . ' WHERE vkey=\'' . addslashes($key). '\'';\r
                $res = sql_query($query);\r
\r
                if (!$res || (mysql_num_rows($res) == 0))\r
                        return 0;\r
                else\r
                        return mysql_fetch_object($res);\r
        }\r
        \r
        /**\r
         * Creates an account activation key\r
         *\r
         * @param $type one of the following values (determines what to do when activation expires)\r
         *                'register' (new member registration)\r
         *                'forgot' (forgotton password)\r
         *                'addresschange' (member address has changed)\r
         * @param $extra extra info (needed when validation link expires)\r
         *                                addresschange -> old email address\r
         * @author dekarma\r
         */\r
        function generateActivationEntry($type, $extra = '') \r
        {\r
                // clean up old entries\r
                $this->cleanupActivationTable();\r
        \r
                // kill any existing entries for the current member (delete is ok)\r
                // (only one outstanding activation key can be present for a member)\r
                sql_query('DELETE FROM ' . sql_table('activation') . ' WHERE vmember=' . intval($this->getID()));\r
\r
                $canLoginWhileActive = false; // indicates if the member can log in while the link is active \r
                switch ($type)\r
                {\r
                        case 'forgot':\r
                                $canLoginWhileActive = true;\r
                                break;\r
                        case 'register':\r
                                break;\r
                        case 'addresschange':\r
                                $extra = $extra . '/' . ($this->canLogin() ? '1' : '0');\r
                                break;\r
                }\r
                \r
                $ok = false;\r
                while (!$ok)\r
                {\r
                        // generate a random key\r
                        srand((double)microtime()*1000000);\r
                        $key = md5(uniqid(rand(), true));\r
                        \r
                        // attempt to add entry in database\r
                        // add in database as non-active\r
                        $query = 'INSERT INTO ' . sql_table('activation'). ' (vkey, vtime, vmember, vtype, vextra) ';\r
                        $query .= 'VALUES (\'' . addslashes($key). '\', \'' . date('Y-m-d H:i:s',time()) . '\', \'' . intval($this->getID()). '\', \'' . addslashes($type). '\', \'' . addslashes($extra). '\')';\r
                        if (sql_query($query))\r
                                $ok = true;\r
                }\r
                \r
                // mark member as not allowed to log in\r
                if (!$canLoginWhileActive)\r
                {\r
                        $this->setCanLogin(0);\r
                        $this->write(); \r
                }\r
                \r
                // return the key\r
                return $key;\r
        }\r
        \r
        /**\r
         * Inidicates that an activation link has been clicked and any forms displayed\r
         * there have been successfully filled out.\r
         * @author dekarma\r
         */\r
        function activate($key) \r
        {\r
                // get activate info\r
                $info = MEMBER::getActivationInfo($key);\r
                \r
                // no active key\r
                if (!$info)\r
                        return false;\r
                        \r
                switch ($info->vtype) \r
                {\r
                        case 'forgot':\r
                                // nothing to do\r
                                break;\r
                        case 'register':\r
                                // set canlogin value\r
                                global $CONF;\r
                                sql_query('UPDATE ' . sql_table('member') . ' SET mcanlogin=' . intval($CONF['NewMemberCanLogon']). ' WHERE mnumber=' . intval($info->vmember));\r
                                break;\r
                        case 'addresschange':\r
                                // reset old 'canlogin' value\r
                                list($oldEmail, $oldCanLogin) = explode('/', $info->vextra);\r
                                sql_query('UPDATE ' . sql_table('member') . ' SET mcanlogin=' . intval($oldCanLogin). ' WHERE mnumber=' . intval($info->vmember));\r
                                break;\r
                }\r
                \r
                // delete from activation table\r
                sql_query('DELETE FROM ' . sql_table('activation') . ' WHERE vkey=\'' . addslashes($key) . '\'');\r
                \r
                // success!\r
                return true;\r
        }\r
        \r
        /**\r
         * Cleans up entries in the activation table. All entries older than 2 days are removed.\r
         * (static)\r
         *\r
         * @author dekarma\r
         */\r
        function cleanupActivationTable() \r
        {\r
                $boundary = time() - (60 * 60 * 24 * 2);\r
                \r
                // 1. walk over all entries, and see if special actions need to be performed\r
                $res = sql_query('SELECT * FROM ' . sql_table('activation') . ' WHERE vtime < \'' . date('Y-m-d H:i:s',$boundary) . '\'');\r
                \r
                while ($o = mysql_fetch_object($res))\r
                {\r
                        switch ($o->vtype)\r
                        {\r
                                case 'register':\r
                                        // delete all information about this site member. registration is undone because there was\r
                                        // no timely activation\r
                                        include_once($DIR_LIBS . 'ADMIN.php');\r
                                        ADMIN::deleteOneMember(intval($o->vmember));\r
                                        break;\r
                                case 'addresschange':\r
                                        // revert the e-mail address of the member back to old address\r
                                        list($oldEmail, $oldCanLogin) = explode('/', $o->vextra);\r
                                        sql_query('UPDATE ' . sql_table('member') . ' SET mcanlogin=' . intval($oldCanLogin). ', memail=\'' . addslashes($oldEmail). '\' WHERE mnumber=' . intval($o->vmember));\r
                                        break;                                  \r
                                case 'forgot':\r
                                        // delete the activation link and ignore. member can request a new password using the \r
                                        // forgot password link\r
                                        break;\r
                        }\r
                }\r
                \r
                // 2. delete activation entries for real\r
                sql_query('DELETE FROM ' . sql_table('activation') . ' WHERE vtime < \'' . date('Y-m-d H:i:s',$boundary) . '\'');\r
        }\r
\r
}\r
\r
?>\r