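/**
 * Active-record style wrapper around one row of the `<DB_TBL_PREFIX>user` table.
 *
 * The class talks to the database through the legacy ext/mysql functions and
 * the connection stored in $GLOBALS['DB'].
 *
 * NOTE(review): ext/mysql was deprecated in PHP 5.5 and removed in PHP 7.0.
 * A port should move these queries to PDO or mysqli prepared statements
 * instead of sprintf() plus escaping.
 *
 * NOTE(review): the password column is written and read exactly as supplied;
 * nothing in this class hashes it. Callers must hand in an already hashed
 * value (e.g. the output of password_hash()), never the plaintext.
 */
class User
{
    // Primary key of the row; null until getById() finds a row or save() inserts one.
    private $uid;

    // Default values for the user columns, filled in by the constructor.
    // NOTE(review): nothing visible on this page reads $fields. getById() and
    // save() use $this->username etc. directly, which creates dynamic
    // properties unless __get/__set accessors (not shown here) map those
    // names onto this array - confirm against the full class.
    private $fields;

    /**
     * Create an unsaved user with empty defaults.
     */
    public function __construct()
    {
        $this->uid = null;
        $this->fields = array(
            'username' => '',
            'password' => '',
            'emailAddr' => '',
            'isActive' => false,
            'permission' => 0
        );
    }

    /**
     * Load the user whose primary key is $user_id.
     *
     * @param int $user_id Primary key to look up; formatted with %d, so any
     *                     non-numeric input is coerced to an integer before it
     *                     reaches the SQL text.
     * @return User The populated user, or a blank User (uid still null) when
     *              the query fails or no row matches. Callers that make an
     *              access decision must not treat "an object came back" as
     *              proof that the account exists.
     */
    public static function getById($user_id)
    {
        $user = new User();

        $query = sprintf(
            'SELECT username, password, email_addr, is_active, permission FROM %suser WHERE user_id = %d',
            DB_TBL_PREFIX,
            $user_id
        );
        $result = mysql_query($query, $GLOBALS['DB']);

        // mysql_query() returns false on failure; passing that on to
        // mysql_num_rows()/mysql_free_result() only raises warnings.
        if ($result === false) {
            return $user;
        }

        if (mysql_num_rows($result)) {
            $row = mysql_fetch_assoc($result);
            $user->username = $row['username'];
            $user->password = $row['password'];
            $user->emailAddr = $row['email_addr'];
            $user->isActive = $row['is_active'];
            $user->permission = $row['permission'];
            $user->uid = $user_id;
        }
        mysql_free_result($result);

        return $user;
    }

    /**
     * Persist the user: UPDATE when a uid is already known, INSERT otherwise.
     *
     * String columns go through mysql_real_escape_string(), numeric columns
     * through %d. The escaping is only reliable when the connection character
     * set was selected with mysql_set_charset() rather than a SET NAMES query.
     *
     * @return bool Result of mysql_query() for an update; true for an insert
     *              that succeeded (uid is then set to the new id), false for
     *              an insert that failed.
     */
    public function save()
    {
        if ($this->uid) {
            $query = sprintf(
                'UPDATE %suser SET username = "%s", password = "%s", email_addr = "%s", is_active = %d, permission = %d WHERE user_id = %d',
                DB_TBL_PREFIX,
                mysql_real_escape_string($this->username, $GLOBALS['DB']),
                mysql_real_escape_string($this->password, $GLOBALS['DB']),
                mysql_real_escape_string($this->emailAddr, $GLOBALS['DB']),
                $this->isActive,
                $this->permission,
                $this->uid
            );

            return mysql_query($query, $GLOBALS['DB']);
        }

        $query = sprintf(
            'INSERT INTO %suser(username, password, email_addr, is_active, permission) VALUES("%s", "%s", "%s", %d, %d)',
            DB_TBL_PREFIX,
            mysql_real_escape_string($this->username, $GLOBALS['DB']),
            mysql_real_escape_string($this->password, $GLOBALS['DB']),
            mysql_real_escape_string($this->emailAddr, $GLOBALS['DB']),
            $this->isActive,
            $this->permission
        );

        if (mysql_query($query, $GLOBALS['DB'])) {
            // Remember the generated key so the next save() becomes an UPDATE.
            $this->uid = mysql_insert_id($GLOBALS['DB']);
            return true;
        }

        return false;
    }
}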