Changeset 1092 for trunk/wifidog-auth/wifidog/classes/User.php
- Timestamp:
- 09/07/06 04:38:25 (6 years ago)
- Files:
-
- 1 modified
-
trunk/wifidog-auth/wifidog/classes/User.php (modified) (45 diffs)
trunk/wifidog-auth/wifidog/classes/User.php
r1090 r1092 1 1 <?php 2 2 3 3 4 /* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */ … … 45 46 * Load required classes 46 47 */ 47 require_once ('classes/Network.php');48 require_once ('classes/Mail.php');49 require_once ('classes/InterfaceElements.php');48 require_once ('classes/Network.php'); 49 require_once ('classes/Mail.php'); 50 require_once ('classes/InterfaceElements.php'); 50 51 51 52 /** … … 56 57 * @copyright 2005-2006 Benoit Grégoire, Technologies Coeus inc. 57 58 */ 58 class User implements GenericObject 59 { 59 class User implements GenericObject { 60 60 private $mRow; 61 61 private $id; … … 65 65 * @return a User object, or null if there was an error 66 66 */ 67 public static function getObject($id) 68 { 67 public static function getObject($id) { 69 68 $object = null; 70 69 $object = new self($id); … … 72 71 } 73 72 74 static function createNewObject() 75 { 73 static function createNewObject() { 76 74 echo "<h1>Use User::createUser() instead</h1>"; 77 75 } … … 79 77 * @return html markup 80 78 */ 81 public static function getCreateNewObjectUI() 82 { 79 public static function getCreateNewObjectUI() { 83 80 return null; 84 81 } … … 90 87 * @return the node object or null if no new node was created. 
91 88 */ 92 static function processCreateNewObjectUI() 93 { 89 static function processCreateNewObjectUI() { 94 90 return self :: createNewObject(); 95 91 } … … 98 94 * 99 95 * @return mixed A User object, or null if there was an error 100 101 */ 102 public static function getCurrentUser() 103 { 104 require_once('classes/Session.php'); 96 97 */ 98 public static function getCurrentUser() { 99 require_once ('classes/Session.php'); 105 100 $session = new Session(); 106 101 $user = null; 107 try 108 { 102 try { 109 103 $user = self :: getObject($session->get(SESS_USER_ID_VAR)); 110 104 //$user = new User($session->get(SESS_USER_ID_VAR)); 111 } 112 catch (Exception $e) 113 { 105 } catch (Exception $e) { 114 106 /**If any problem occurs, the user should be considered logged out*/ 115 107 $session->set(SESS_USER_ID_VAR, null); … … 126 118 * 127 119 * @return bool True if everything went well setting the session 128 129 */ 130 public static function setCurrentUser(User $user) 131 { 132 try 133 { 120 121 */ 122 public static function setCurrentUser(User $user) { 123 try { 134 124 $session = new Session(); 135 125 $session->set(SESS_USER_ID_VAR, $user->getId()); 136 126 $session->set(SESS_PASSWORD_HASH_VAR, $user->getPasswordHash()); 137 127 return true; 138 } 139 catch (Exception $e) 140 { 128 } catch (Exception $e) { 141 129 return false; 142 130 } … … 147 135 * 148 136 * @return string Hostname of server 149 150 */ 151 public static function getCurrentServer() 152 { 137 138 */ 139 public static function getCurrentServer() { 153 140 return $_SERVER['SERVER_NAME']; 154 141 } … … 159 146 * @return a User object, or null if there was an error 160 147 */ 161 public static function getUserByUsernameAndOrigin($username, Network $account_origin) 162 { 148 public static function getUserByUsernameAndOrigin($username, Network $account_origin) { 163 149 global $db; 164 150 $object = null; … … 178 164 * @return a User object, or null if there was an error 179 165 */ 180 public static 
function getUserByEmailAndOrigin($email, Network $account_origin) 181 { 166 public static function getUserByEmailAndOrigin($email, Network $account_origin) { 182 167 global $db; 183 168 $object = null; … … 195 180 * @return The 32 character hash. 196 181 */ 197 public static function passwordHash($password) 198 { 182 public static function passwordHash($password) { 199 183 /** 200 184 * utf8_decode is used for backward compatibility with old passwords … … 209 193 * @return the newly created User object, or null if there was an error 210 194 */ 211 static function createUser($id, $username, Network $account_origin, $email, $password) 212 { 195 static function createUser($id, $username, Network $account_origin, $email, $password) { 213 196 global $db; 214 197 … … 229 212 } 230 213 231 /* public static function purgeUnvalidatedUsers($days_since_creation)232 {233 global $db;234 $days_since_creation = $db->escapeString($days_since_creation);235 236 //$db->execSqlUpdate("INSERT INTO users (user_id,username, account_origin,email,pass,account_status,validation_token,reg_date) VALUES ('$id_str','$username_str','$account_origin_str','$email_str','$password_hash','$status','$token',NOW())");237 }*/214 /* public static function purgeUnvalidatedUsers($days_since_creation) 215 { 216 global $db; 217 $days_since_creation = $db->escapeString($days_since_creation); 218 219 //$db->execSqlUpdate("INSERT INTO users (user_id,username, account_origin,email,pass,account_status,validation_token,reg_date) VALUES ('$id_str','$username_str','$account_origin_str','$email_str','$password_hash','$status','$token',NOW())"); 220 }*/ 238 221 239 222 /** @param $object_id The id of the user */ 240 function __construct($object_id) 241 { 223 function __construct($object_id) { 242 224 global $db; 243 225 $this->mDb = & $db; … … 245 227 $sql = "SELECT * FROM users WHERE user_id='{$object_id_str}'"; 246 228 $db->execSqlUniqueRes($sql, $row, false); 247 if ($row == null) 248 { 229 if ($row == null) { 249 
230 throw new Exception(sprintf(_("User id: %s could not be found in the database"), $object_id_str)); 250 231 } … … 253 234 } //End class 254 235 255 function getId() 256 { 236 function getId() { 257 237 return $this->id; 258 238 } … … 261 241 * @return Network object (never returns null) 262 242 */ 263 public function getNetwork() 264 { 243 public function getNetwork() { 265 244 return Network :: getObject($this->mRow['account_origin']); 266 245 } 267 246 268 247 /** Get a user display suitable for a user list. Will include link to the user profile. */ 269 function getListUI() 270 { 248 function getListUI() { 271 249 /* $roles = array (); 272 273 if ($current_node->isOwner($online_user)) {250 251 if ($current_node->isOwner($online_user)) { 274 252 $roles[] = _("owner"); 275 }276 277 if ($current_node->isTechnicalOfficer($online_user)) {253 } 254 255 if ($current_node->isTechnicalOfficer($online_user)) { 278 256 $roles[] = _("technical officer"); 279 }280 281 if ($roles) {257 } 258 259 if ($roles) { 282 260 $rolenames = join($roles, ","); 283 }*/261 }*/ 284 262 $html = ''; 285 if($this->isSplashOnlyUser()) 286 { 287 $html .= _("Guest"); 263 if ($this->isSplashOnlyUser()) { 264 $html .= _("Guest"); 288 265 } 289 266 $html .= $this->getUserName(); … … 291 268 } 292 269 293 function getUsername() 294 { 270 function getUsername() { 295 271 return $this->mRow['username']; 296 272 } 297 298 /** Set the user's username299 * @param $value The new value300 * @return true on success, false on failure301 * @throws exception if the user tries to set a duplicate username302 */273 274 /** Set the user's username 275 * @param $value The new value 276 * @return true on success, false on failure 277 * @throws exception if the user tries to set a duplicate username 278 */ 303 279 function setUsername($value) { 304 280 $retval = true; … … 306 282 global $db; 307 283 $value = $db->escapeString($value); 308 $retval = @$db->execSqlUpdate("UPDATE users SET username = '{$value}' WHERE 
user_id='{$this->id}'", false); 309 if(!$retval) 310 { 311 throw new exception (sprintf(_("Sorry, the username %s is not available"), $value)); 284 $retval = @ $db->execSqlUpdate("UPDATE users SET username = '{$value}' WHERE user_id='{$this->id}'", false); 285 if (!$retval) { 286 throw new exception(sprintf(_("Sorry, the username %s is not available"), $value)); 312 287 } 313 288 $this->refresh(); … … 316 291 } 317 292 318 public function getEmail() 319 { 293 public function getEmail() { 320 294 return $this->mRow['email']; 321 295 } 322 296 323 public function setEmail($email) 324 { 325 $email_str = $this->mDb->escapeString($email); 326 if (!($update = $this->mDb->execSqlUpdate("UPDATE users SET email='{$email_str}' WHERE user_id='{$this->id}'"))) 327 { 328 throw new Exception(_("Could not update email address.")); 329 } 330 $this->mRow['email'] = $email; // unescaped 331 } 332 333 function setIsInvisible($value) 334 { 335 $retval = true; 336 if ($value != $this->isAdvertised()) 337 { 338 global $db; 339 $value ? $value = 'TRUE' : $value = 'FALSE'; 340 $retval = $db->execSqlUpdate("UPDATE users SET is_invisible = {$value} WHERE user_id = '{$this->getId()}'", false); 341 $this->refresh(); 342 } 343 return $retval; 344 } 345 346 public function isInvisible() 347 { 348 return (($this->mRow['is_invisible'] == 't') ? true : false); 297 public function setEmail($email) { 298 $email_str = $this->mDb->escapeString($email); 299 if (!($update = $this->mDb->execSqlUpdate("UPDATE users SET email='{$email_str}' WHERE user_id='{$this->id}'"))) { 300 throw new Exception(_("Could not update email address.")); 301 } 302 $this->mRow['email'] = $email; // unescaped 303 } 304 305 function setIsInvisible($value) { 306 $retval = true; 307 if ($value != $this->isAdvertised()) { 308 global $db; 309 $value ? 
$value = 'TRUE' : $value = 'FALSE'; 310 $retval = $db->execSqlUpdate("UPDATE users SET is_invisible = {$value} WHERE user_id = '{$this->getId()}'", false); 311 $this->refresh(); 312 } 313 return $retval; 314 } 315 316 public function isInvisible() { 317 return (($this->mRow['is_invisible'] == 't') ? true : false); 349 318 } 350 319 351 320 /**What locale (language) does the user prefer? */ 352 public function getPreferedLocale() 353 { 354 global $session; 355 $locale = $this->mRow['prefered_locale']; 356 if (empty($locale) && !empty($session)) 357 $locale = $session->get(SESS_LANGUAGE_VAR); 358 if (empty($locale)) 359 $locale = DEFAULT_LANG; 360 return $locale; 361 } 362 363 public function setPreferedLocale($locale) 364 { 365 $locale_str = $this->mDb->escapeString($locale); 366 if (!($update = $this->mDb->execSqlUpdate("UPDATE users SET prefered_locale='{$locale_str}' WHERE user_id='{$this->id}'"))) 367 { 368 throw new Exception(_("Could not update username locale.")); 369 } 370 $this->mRow['prefered_locale'] = $locale; 321 public function getPreferedLocale() { 322 global $session; 323 $locale = $this->mRow['prefered_locale']; 324 if (empty ($locale) && !empty ($session)) 325 $locale = $session->get(SESS_LANGUAGE_VAR); 326 if (empty ($locale)) 327 $locale = DEFAULT_LANG; 328 return $locale; 329 } 330 331 public function setPreferedLocale($locale) { 332 $locale_str = $this->mDb->escapeString($locale); 333 if (!($update = $this->mDb->execSqlUpdate("UPDATE users SET prefered_locale='{$locale_str}' WHERE user_id='{$this->id}'"))) { 334 throw new Exception(_("Could not update username locale.")); 335 } 336 $this->mRow['prefered_locale'] = $locale; 371 337 } 372 338 373 339 /** get the hashed password stored in the database */ 374 public function getPasswordHash() 375 { 340 public function getPasswordHash() { 376 341 return $this->mRow['pass']; 377 342 } … … 380 345 * @return Possible values are listed in common.php 381 346 */ 382 function getAccountStatus() 383 { 347 
function getAccountStatus() { 384 348 return $this->mRow['account_status']; 385 349 } 386 350 387 function setAccountStatus($status) 388 { 351 function setAccountStatus($status) { 389 352 global $db; 390 353 391 354 $status_str = $db->escapeString($status); 392 if (!($update = $db->execSqlUpdate("UPDATE users SET account_status='{$status_str}' WHERE user_id='{$this->id}'"))) 393 { 355 if (!($update = $db->execSqlUpdate("UPDATE users SET account_status='{$status_str}' WHERE user_id='{$this->id}'"))) { 394 356 throw new Exception(_("Could not update status.")); 395 357 } … … 399 361 /** Is the user valid? Valid means that the account is validated or hasn't exhausted it's validation period. 400 362 $errmsg: Returs the reason why the account is or isn't valid */ 401 function isUserValid(& $errmsg = null) 402 { 363 function isUserValid(& $errmsg = null) { 403 364 global $db; 404 365 $retval = false; 405 366 $account_status = $this->getAccountStatus(); 406 if ($account_status == ACCOUNT_STATUS_ALLOWED) 407 { 367 if ($account_status == ACCOUNT_STATUS_ALLOWED) { 408 368 $retval = true; 409 } 410 else 411 if ($account_status == ACCOUNT_STATUS_VALIDATION) 412 { 369 } else 370 if ($account_status == ACCOUNT_STATUS_VALIDATION) { 413 371 $sql = "SELECT CASE WHEN ((NOW() - reg_date) > networks.validation_grace_time) THEN true ELSE false END AS validation_grace_time_expired, networks.validation_grace_time FROM users JOIN networks ON (users.account_origin = networks.network_id) WHERE (user_id='{$this->id}')"; 414 372 $db->execSqlUniqueRes($sql, $user_info, false); 415 373 416 if ($user_info['validation_grace_time_expired'] == 't') 417 { 418 $errmsg = sprintf(_("Sorry, your %s minutes grace period to retrieve your email and validate your account has now expired. You will have to connect to the internet and validate your account from another location or create a new account. 
For help, please %s click here %s."), $user_info['validation_grace_time_expired'], '<a href="'.BASE_URL_PATH.'faq.php'.'">', '</a>'); 374 if ($user_info['validation_grace_time_expired'] == 't') { 375 $errmsg = sprintf(_("Sorry, your %s minutes grace period to retrieve your email and validate your account has now expired. You will have to connect to the internet and validate your account from another location or create a new account. For help, please %s click here %s."), $user_info['validation_grace_time_expired'], '<a href="' . BASE_URL_PATH . 'faq.php' . '">', '</a>'); 419 376 $retval = false; 420 } 421 else 422 { 377 } else { 423 378 $errmsg = _("Your account is currently valid."); 424 379 $retval = true; 425 380 } 426 } 427 else 428 { 429 $errmsg = _("Sorry, your account is not valid: ").$account_status_to_text[$account_status]; 381 } else { 382 $errmsg = _("Sorry, your account is not valid: ") . $account_status_to_text[$account_status]; 430 383 $retval = false; 431 384 } … … 433 386 } 434 387 435 public function isSuperAdmin() 436 { 388 public function isSuperAdmin() { 437 389 global $db; 438 390 //$this->session->dump(); 439 391 440 392 $db->execSqlUniqueRes("SELECT * FROM users NATURAL JOIN administrators WHERE (users.user_id='$this->id')", $user_info, false); 441 if (!empty ($user_info)) 442 { 393 if (!empty ($user_info)) { 443 394 return true; 444 } 445 else 446 { 395 } else { 447 396 return false; 448 397 } … … 453 402 * Tells if the current user is owner of at least one hotspot. 
454 403 */ 455 public function isOwner() 456 { 404 public function isOwner() { 457 405 global $db; 458 406 $db->execSql("SELECT * FROM node_stakeholders WHERE is_owner = true AND user_id='{$this->getId()}'", $row, false); … … 463 411 } 464 412 465 public function isNobody() 466 { 467 global $db; 468 $db->execSqlUniqueRes("SELECT DISTINCT user_id FROM (SELECT user_id FROM network_stakeholders WHERE user_id='{$this->getId()}' UNION SELECT user_id FROM node_stakeholders WHERE user_id='{$this->getId()}' UNION SELECT user_id FROM administrators WHERE user_id='{$this->getId()}') as tmp", $row, false); 469 if ($row == null) 470 return true; 471 return false; 472 } 473 474 /** Is this user the Splash Only User() */ 475 public function isSplashOnlyUser() 476 { 477 if($this->mRow['user_id'] == "SPLASH_ONLY_USER") { 478 return true; 479 } 480 else { 481 return false; 482 } 483 } 484 485 function getValidationToken() 486 { 413 public function isNobody() { 414 global $db; 415 $db->execSqlUniqueRes("SELECT DISTINCT user_id FROM (SELECT user_id FROM network_stakeholders WHERE user_id='{$this->getId()}' UNION SELECT user_id FROM node_stakeholders WHERE user_id='{$this->getId()}' UNION SELECT user_id FROM administrators WHERE user_id='{$this->getId()}') as tmp", $row, false); 416 if ($row == null) 417 return true; 418 return false; 419 } 420 421 /** Is this user the Splash Only User() */ 422 public function isSplashOnlyUser() { 423 if ($this->mRow['username'] == "SPLASH_ONLY_USER") { 424 return true; 425 } else { 426 return false; 427 } 428 } 429 430 function getValidationToken() { 487 431 return $this->mRow['validation_token']; 488 432 } … … 491 435 @return true on success, false on failure 492 436 */ 493 function generateConnectionToken() 494 { 495 if ($this->isUserValid()) 496 { 437 function generateConnectionToken() { 438 if ($this->isUserValid()) { 497 439 global $db; 498 440 global $session; 499 441 500 442 $token = self :: generateToken(); 501 if ($_SERVER['REMOTE_ADDR']) 
502 { 443 if ($_SERVER['REMOTE_ADDR']) { 503 444 $node_ip = $db->escapeString($_SERVER['REMOTE_ADDR']); 504 445 } 505 446 506 if ($session && $node_ip && $session->get(SESS_GW_ID_VAR)) 507 { 447 if ($session && $node_ip && $session->get(SESS_GW_ID_VAR)) { 508 448 $node_id = $db->escapeString($session->get(SESS_GW_ID_VAR)); 509 $db->execSqlUpdate("INSERT INTO connections (user_id, token, token_status, timestamp_in, node_id, node_ip, last_updated) VALUES ('" .$this->getId()."', '$token', '".TOKEN_UNUSED."', NOW(), '$node_id', '$node_ip', NOW())", false);449 $db->execSqlUpdate("INSERT INTO connections (user_id, token, token_status, timestamp_in, node_id, node_ip, last_updated) VALUES ('" . $this->getId() . "', '$token', '" . TOKEN_UNUSED . "', NOW(), '$node_id', '$node_ip', NOW())", false); 510 450 $retval = $token; 511 } 512 else 451 } else 513 452 $retval = false; 514 } 515 else 516 { 453 } else { 517 454 $retval = false; 518 455 } … … 520 457 } 521 458 522 function setPassword($password) 523 { 459 function setPassword($password) { 524 460 global $db; 525 461 526 462 $new_password_hash = User :: passwordHash($password); 527 if (!($update = $db->execSqlUpdate("UPDATE users SET pass='$new_password_hash' WHERE user_id='{$this->id}'"))) 528 { 463 if (!($update = $db->execSqlUpdate("UPDATE users SET pass='$new_password_hash' WHERE user_id='{$this->id}'"))) { 529 464 throw new Exception(_("Could not change user's password.")); 530 465 } … … 532 467 } 533 468 534 function getAccountOrigin() 535 { 469 function getAccountOrigin() { 536 470 return $this->mRow['account_origin']; 537 471 } … … 539 473 /** Return all the users 540 474 */ 541 static function getAllUsers() 542 { 475 static function getAllUsers() { 543 476 global $db; 544 477 545 478 $db->execSql("SELECT * FROM users", $objects, false); 546 if ($objects == null) 547 { 479 if ($objects == null) { 548 480 throw new Exception(_("No users could not be found in the database")); 549 481 } … … 551 483 } 552 484 553 
function sendLostUsername() 554 { 485 function sendLostUsername() { 555 486 $network = $this->getNetwork(); 556 487 $mail = new Mail(); … … 558 489 $mail->setSenderEmail($network->getValidationEmailFromAddress()); 559 490 $mail->setRecipientEmail($this->getEmail()); 560 $mail->setMessageSubject($network->getName() ._(" lost username request"));561 $mail->setMessageBody(_("Hello,\nYou have requested that the authentication server send you your username:\nUsername: ") .$this->getUsername()._("\n\nHave a nice day,\nThe Team"));491 $mail->setMessageSubject($network->getName() . _(" lost username request")); 492 $mail->setMessageBody(_("Hello,\nYou have requested that the authentication server send you your username:\nUsername: ") . $this->getUsername() . _("\n\nHave a nice day,\nThe Team")); 562 493 $mail->send(); 563 494 } 564 495 565 function sendValidationEmail() 566 { 567 if ($this->getAccountStatus() != ACCOUNT_STATUS_VALIDATION) 568 { 496 function sendValidationEmail() { 497 if ($this->getAccountStatus() != ACCOUNT_STATUS_VALIDATION) { 569 498 throw new Exception(_("The user is not in validation period.")); 570 } 571 else 572 { 573 if ($this->getValidationToken() == "") 574 { 499 } else { 500 if ($this->getValidationToken() == "") { 575 501 throw new Exception(_("The validation token is empty.")); 576 } 577 else 578 { 502 } else { 579 503 $network = $this->getNetwork(); 580 504 … … 583 507 $mail->setSenderEmail($network->getValidationEmailFromAddress()); 584 508 $mail->setRecipientEmail($this->getEmail()); 585 $mail->setMessageSubject($network->getName() ._(" new user validation"));586 $url = BASE_SSL_PATH . "validate.php?user_id=" .$this->getId()."&token=".$this->getValidationToken();587 $mail->setMessageBody(_("Hello,\nPlease follow the link below to validate your account.\n") .$url._("\n\nThank you,\nThe Team."));509 $mail->setMessageSubject($network->getName() . _(" new user validation")); 510 $url = BASE_SSL_PATH . "validate.php?user_id=" . $this->getId() . 
"&token=" . $this->getValidationToken(); 511 $mail->setMessageBody(_("Hello,\nPlease follow the link below to validate your account.\n") . $url . _("\n\nThank you,\nThe Team.")); 588 512 $mail->send(); 589 513 } … … 591 515 } 592 516 593 function sendLostPasswordEmail() 594 { 517 function sendLostPasswordEmail() { 595 518 $network = $this->getNetwork(); 596 519 $new_password = $this->randomPass(); … … 601 524 $mail->setSenderEmail($network->getValidationEmailFromAddress()); 602 525 $mail->setRecipientEmail($this->getEmail()); 603 $mail->setMessageSubject($network->getName() ._(" new password request"));604 $mail->setMessageBody(_("Hello,\nYou have requested that the authentication server send you a new password:\nUsername: ") .$this->getUsername()._("\nPassword: ").$new_password._("\n\nHave a nice day,\nThe Team"));526 $mail->setMessageSubject($network->getName() . _(" new password request")); 527 $mail->setMessageBody(_("Hello,\nYou have requested that the authentication server send you a new password:\nUsername: ") . $this->getUsername() . _("\nPassword: ") . $new_password . _("\n\nHave a nice day,\nThe Team")); 605 528 $mail->send(); 606 529 } 607 530 608 static function userExists($id) 609 { 531 static function userExists($id) { 610 532 global $db; 611 533 $id_str = $db->escapeString($id); … … 615 537 } 616 538 617 public static function emailExists($id) 618 { 539 public static function emailExists($id) { 619 540 global $db; 620 541 $id_str = $db->escapeString($id); … … 624 545 } 625 546 626 public static function randomPass() 627 { 547 public static function randomPass() { 628 548 $rand_pass = ''; // makes sure the $pass var is empty. 
629 for ($j = 0; $j < 3; $j ++) 630 { 631 $startnend = array ('b', 'c', 'd', 'f', 'g', 'h', 'j', 'k', 'l', 'm', 'n', 'p', 'q', 'r', 's', 't', 'v', 'w', 'x', 'y', 'z',); 632 $id = array ('a', 'e', 'i', 'o', 'u', 'y',); 549 for ($j = 0; $j < 3; $j++) { 550 $startnend = array ( 551 'b', 552 'c', 553 'd', 554 'f', 555 'g', 556 'h', 557 'j', 558 'k', 559 'l', 560 'm', 561 'n', 562 'p', 563 'q', 564 'r', 565 's', 566 't', 567 'v', 568 'w', 569 'x', 570 'y', 571 'z', 572 573 ); 574 $id = array ( 575 'a', 576 'e', 577 'i', 578 'o', 579 'u', 580 'y', 581 582 ); 633 583 $count1 = count($startnend) - 1; 634 584 $count2 = count($id) - 1; 635 585 636 for ($i = 0; $i < 3; $i ++) 637 { 638 if ($i != 1) 639 { 586 for ($i = 0; $i < 3; $i++) { 587 if ($i != 1) { 640 588 $rand_pass .= $startnend[rand(0, $count1)]; 641 } 642 else 643 { 589 } else { 644 590 $rand_pass .= $id[rand(0, $count2)]; 645 591 } … … 649 595 } 650 596 651 public static function generateToken() 652 { 597 public static function generateToken() { 653 598 return md5(uniqid(rand(), 1)); 654 599 } … … 663 608 * 664 609 * @return string HTML markup 665 666 */ 667 public static function getSelectUserUI($user_prefix, $add_button_name = null, $add_button_value = null) 668 { 610 611 */ 612 public static function getSelectUserUI($user_prefix, $add_button_name = null, $add_button_value = null) { 669 613 // Define globals 670 614 global $db; 671 615 672 $_networkSelector = InterfaceElements ::generateDiv(Network::getSelectNetworkUI($user_prefix), "admin_section_network_selector", "admin_section_network_selector_" . $user_prefix);616 $_networkSelector = InterfaceElements :: generateDiv(Network :: getSelectNetworkUI($user_prefix), "admin_section_network_selector", "admin_section_network_selector_" . $user_prefix); 673 617 674 618 // Check if we need to add an "add" button 675 619 if ($add_button_name && $add_button_value) { 676 $_userSelector = _("Username") . ": " . InterfaceElements::generateInputText("select_user_" . 
$user_prefix . "_username", "", "", "input_text", array("onkeypress" => "if ((event.which ? event.which : event.keyCode) == 13) {form.$add_button_name.click() }")); 677 $_userSelector .= InterfaceElements::generateInputSubmit($add_button_name, $add_button_value); 620 $_userSelector = _("Username") . ": " . InterfaceElements :: generateInputText("select_user_" . $user_prefix . "_username", "", "", "input_text", array ( 621 "onkeypress" => "if ((event.which ? event.which : event.keyCode) == 13) {form.$add_button_name.click() }" 622 )); 623 $_userSelector .= InterfaceElements :: generateInputSubmit($add_button_name, $add_button_value); 678 624 } else { 679 $_userSelector = _("Username") . ": " . InterfaceElements::generateInputText("select_user_" . $user_prefix . "_username");680 } 681 $_html = InterfaceElements ::generateDiv($_networkSelector . $_userSelector, 'user_select_user_ui_container');625 $_userSelector = _("Username") . ": " . InterfaceElements :: generateInputText("select_user_" . $user_prefix . "_username"); 626 } 627 $_html = InterfaceElements :: generateDiv($_networkSelector . 
$_userSelector, 'user_select_user_ui_container'); 682 628 683 629 return $_html; … … 688 634 * @return the User object, or null if the user is invalid or none was selected 689 635 */ 690 static function processSelectUserUI($user_prefix) 691 { 636 static function processSelectUserUI($user_prefix) { 692 637 $object = null; 693 try 694 { 638 try { 695 639 $network = Network :: processSelectNetworkUI($user_prefix); 696 640 $name = "select_user_{$user_prefix}_username"; 697 if (!empty ($_REQUEST[$name])) 698 { 641 if (!empty ($_REQUEST[$name])) { 699 642 $username = $_REQUEST[$name]; 700 643 return self :: getUserByUsernameAndOrigin($username, $network); 701 } 702 else 644 } else 703 645 return null; 704 } 705 catch (Exception $e) 706 { 646 } catch (Exception $e) { 707 647 return null; 708 648 } 709 649 } 710 650 711 public function getAdminUI() 712 { 713 global $db; 714 $currentUser= self::getCurrentUser(); 651 public function getAdminUI() { 652 global $db; 653 $currentUser = self :: getCurrentUser(); 715 654 $html = ''; 716 $html .= "<fieldset class='admin_container " .get_class($this)."'>\n";655 $html .= "<fieldset class='admin_container " . get_class($this) . "'>\n"; 717 656 $html .= "<ul class='admin_element_list'>\n"; 718 if($this==$currentUser || $this->getNetwork()->hasAdminAccess($currentUser)) 719 { 720 //username 721 $html .= "<li class='admin_element_item_container'>\n"; 722 $html .= "<div class='admin_element_label'>"._("Username")." : </div>\n"; 723 $html .= "<div class='admin_element_data'>\n"; 724 $name = "user_".$this->getId()."_username"; 725 $html .= "<input type='text' name='$name' value='".htmlentities($this->getUsername())."' size=30>\n"; 726 $html .= _("Be carefull when changing this: it's the username you use to log in!"); 727 $html .= "</div>\n"; 728 $html .= "</li>\n"; 729 } 730 /* 731 $html .= "<li class='admin_element_item_container'>\n"; 732 $html .= "<div class='admin_element_label'>"._("Real name")." 
: </div>\n"; 733 $html .= "<div class='admin_element_data'>\n"; 734 $name = "user_".$this->getId()."_real_name"; 735 $html .= "<input type='text' name='$name' value='".htmlentities($this->getRealName())."' size=30 readonly>\n"; 736 $html .= "</div>\n"; 737 $html .= "</li>\n"; 738 739 $html .= "<li class='admin_element_item_container'>\n"; 740 $html .= "<div class='admin_element_label'>"._("Website URL")." : </div>\n"; 741 $html .= "<div class='admin_element_data'>\n"; 742 $name = "user_".$this->getId()."_website"; 743 $html .= "<input type='text' name='$name' value='".htmlentities($this->getWebsiteURL())."' size=30 readonly>\n"; 744 $html .= "</div>\n"; 745 $html .= "</li>\n"; 746 */ 657 if (($this == $currentUser && !$this->isSplashOnlyUser() )|| $this->getNetwork()->hasAdminAccess($currentUser)) { 658 //username 659 $html .= "<li class='admin_element_item_container'>\n"; 660 $html .= "<div class='admin_element_label'>" . _("Username") . " : </div>\n"; 661 $html .= "<div class='admin_element_data'>\n"; 662 $name = "user_" . $this->getId() . "_username"; 663 $html .= "<input type='text' name='$name' value='" . htmlentities($this->getUsername()) . "' size=30>\n"; 664 $html .= _("Be carefull when changing this: it's the username you use to log in!"); 665 $html .= "</div>\n"; 666 $html .= "</li>\n"; 667 } 668 /* 669 $html .= "<li class='admin_element_item_container'>\n"; 670 $html .= "<div class='admin_element_label'>"._("Real name")." : </div>\n"; 671 $html .= "<div class='admin_element_data'>\n"; 672 $name = "user_".$this->getId()."_real_name"; 673 $html .= "<input type='text' name='$name' value='".htmlentities($this->getRealName())."' size=30 readonly>\n"; 674 $html .= "</div>\n"; 675 $html .= "</li>\n"; 676 677 $html .= "<li class='admin_element_item_container'>\n"; 678 $html .= "<div class='admin_element_label'>"._("Website URL")." 
: </div>\n"; 679 $html .= "<div class='admin_element_data'>\n"; 680 $name = "user_".$this->getId()."_website"; 681 $html .= "<input type='text' name='$name' value='".htmlentities($this->getWebsiteURL())."' size=30 readonly>\n"; 682 $html .= "</div>\n"; 683 $html .= "</li>\n"; 684 */ 747 685 $html .= "</fieldset>\n"; 748 686 return $html; 749 687 } 750 688 751 public function processAdminUI() 752 { 753 global $db; 754 $currentUser= self::getCurrentUser(); 755 if($this==$currentUser || $this->getNetwork()->hasAdminAccess($currentUser)) 756 { 757 //username 758 $name = "user_".$this->getId()."_username"; 759 $this->setUsername($_REQUEST[$name]); 760 } 761 } 762 763 public function delete(& $errmsg) 764 { 765 } 766 767 public function getUserUI() 768 { 689 public function processAdminUI() { 690 global $db; 691 $currentUser = self :: getCurrentUser(); 692 if ($this == $currentUser || $this->getNetwork()->hasAdminAccess($currentUser)) { 693 //username 694 $name = "user_" . $this->getId() . "_username"; 695 $this->setUsername($_REQUEST[$name]); 696 } 697 } 698 699 public function delete(& $errmsg) { 700 } 701 702 public function getUserUI() { 769 703 $html = ""; 770 704 $html .= $this->getRealName(); 771 705 772 706 return $html; 773 }707 } 774 708 775 709 /** Add content to this user ( subscription ) */ 776 public function addContent(Content $content) 777 { 710 public function addContent(Content $content) { 778 711 global $db; 779 712 $content_id = $db->escapeString($content->getId()); … … 784 717 785 718 /** Remove content from this node */ 786 public function removeContent(Content $content) 787 { 719 public function removeContent(Content $content) { 788 720 global $db; 789 721 $content_id = $db->escapeString($content->getId()); … … 795 727 /**Get an array of all Content linked to this node 796 728 * @return an array of Content or an empty arrray */ 797 function getAllContent() 798 { 729 function getAllContent() { 799 730 global $db; 800 731 $retval = array (); 801 732 
$sql = "SELECT * FROM user_has_content WHERE user_id='$this->id' ORDER BY subscribe_timestamp"; 802 733 $db->execSql($sql, $content_rows, false); 803 if ($content_rows != null) 804 { 805 foreach ($content_rows as $content_row) 806 { 734 if ($content_rows != null) { 735 foreach ($content_rows as $content_row) { 807 736 $retval[] = Content :: getObject($content_row['content_id']); 808 737 } … … 812 741 813 742 /** Reloads the object from the database. Should normally be called after a set operation */ 814 protected function refresh() 815 { 816 $this->__construct($this->id); 743 protected function refresh() { 744 $this->__construct($this->id); 817 745 } 818 746 819 747 /** Set Smarty template values. Standardization routine. */ 820 public static function assignSmartyValues($smarty, $user=null) { 821 if (!$user) $user = User::getCurrentUser(); 822 $smarty->assign('username', $user ? $user->getUsername() : ''); 748 public static function assignSmartyValues($smarty, $user = null) { 749 if (!$user) 750 $user = User :: getCurrentUser(); 751 $smarty->assign('username', $user ? $user->getListUI() : ''); 823 752 $smarty->assign('userId', $user ? $user->getId() : ''); 824 /**825 * Define user security levels for the template826 *827 * These values are used in the default template of WiFoDog but could be828 * used in a customized template to restrict certain links to specific829 * user access levels.830 */831 $smarty->assign('isValidUser', $user? true : false);832 $smarty->assign('isSuperAdmin', $user && $user->isSuperAdmin());833 $smarty->assign('isOwner', $user && $user->isOwner());753 /** 754 * Define user security levels for the template 755 * 756 * These values are used in the default template of WiFoDog but could be 757 * used in a customized template to restrict certain links to specific 758 * user access levels. 759 */ 760 $smarty->assign('isValidUser', $user && !$user->isSplashOnlyUser() ? 
true : false); 761 $smarty->assign('isSuperAdmin', $user && $user->isSuperAdmin()); 762 $smarty->assign('isOwner', $user && $user->isOwner()); 834 763 835 764 if (isset ($_REQUEST['debug_request']) && ($user && $user->isSuperAdmin())) { … … 838 767 $smarty->assign('debugOutput', print_r($_REQUEST, true)); 839 768 } 840 }769 } 841 770 } 842 771 … … 848 777 * End: 849 778 */ 850
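Review bot: `processAdminUI()` (new lines 689-697) still applies a submitted `user_<id>_username` value whenever `$this == $currentUser`, so the `!$this->isSplashOnlyUser()` condition added to `getAdminUI()` only hides the form field and does not stop the shared guest account from being renamed by a direct request. This matters more after this change because `isSplashOnlyUser()` now compares the editable `username` column instead of `user_id`, so a rename would also clear the guest flag that `assignSmartyValues()` relies on for `isValidUser`. The handler should use the same condition as the form, `if (($this == $currentUser && !$this->isSplashOnlyUser()) || $this->getNetwork()->hasAdminAccess($currentUser)) {`, and the guest check would be safer resting on a value users cannot edit. Separately, `assignSmartyValues()` now assigns `getListUI()` to `username`, which concatenates the stored username without escaping; whether the template escapes it is not visible on this page.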
