r1221: Finishing post_delete()
[bugdar.git] / includes / api_user.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 $GLOBALS['isso:callback']->load('api', null);
23
24 require_once('./includes/functions_datastore.php');
25 require_once('./includes/class_sort.php');
26
27 /**
28 * API: User
29 *
30 * @author Blue Static
31 * @copyright Copyright ©2002 - [#]year[#], Blue Static
32 * @version $Revision$
33 * @package Bugdar
34 *
35 */
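class UserAPI extends API
{
	/**
	* Database fields
	*
	* Each entry is array(type, requirement[, verifier]). A verifier of
	* ':self' matches a verify_<field>() method on this class.
	* NOTE(review): how the API base class dispatches these entries is not
	* visible in this file - confirm against the base class.
	*
	* @var	array
	* @access	private
	*/
	var $fields = array(
		'userid'			=> array(TYPE_UINT,	REQ_AUTO,	'verify_nozero'),
		'email'				=> array(TYPE_STR,	REQ_YES,	':self'),
		'displayname'		=> array(TYPE_STR,	REQ_YES,	':self'),
		'usergroupid'		=> array(TYPE_UINT,	REQ_YES,	':self'),
		'password'			=> array(TYPE_STR,	REQ_YES),
		'salt'				=> array(TYPE_STR,	REQ_SET),
		'authkey'			=> array(TYPE_STR,	REQ_SET),
		'showemail'			=> array(TYPE_BOOL,	REQ_NO),
		'showcolors'		=> array(TYPE_BOOL,	REQ_NO),
		'languageid'		=> array(TYPE_UINT,	REQ_NO),
		'timezone'			=> array(TYPE_INT,	REQ_NO),
		'usedst'			=> array(TYPE_BOOL,	REQ_NO),
		'hidestatuses'		=> array(TYPE_STR,	REQ_NO,		':self'),
		'defaultsortkey'	=> array(TYPE_STR,	REQ_NO,		':self'),
		'defaultsortas'		=> array(TYPE_STR,	REQ_NO,		':self')
	);

	/**
	* Database table
	* @var	string
	* @access	private
	*/
	var $table = 'user';

	/**
	* Table prefix
	* @var	string
	* @access	private
	*/
	var $prefix = TABLE_PREFIX;

	// ###################################################################
	/**
	* Set field: salt
	*
	* Stores a value produced by the registry's rand() helper, called with
	* array(1, 15).
	* NOTE(review): the randomness source behind funct->rand() is not visible
	* here - confirm it is cryptographically secure, since the salt feeds the
	* password hash.
	*
	* @access	private
	*/
	function set_salt()
	{
		$this->set('salt', $this->registry->funct->rand(array(1, 15)));
	}

	// ###################################################################
	/**
	* Set field: authkey
	*
	* Stores a value produced by the registry's rand() helper.
	* NOTE(review): if authkey is used to authenticate a session or cookie
	* (usage is outside this file), it must come from a cryptographically
	* secure generator - confirm what funct->rand() uses.
	*
	* @access	private
	*/
	function set_authkey()
	{
		$this->set('authkey', $this->registry->funct->rand());
	}

	// ###################################################################
	/**
	* Pre-insert
	*
	* Replaces the submitted plain-text password with the stored form
	* md5(md5(password) . md5(salt)).
	*
	* SECURITY: MD5 is a fast, unkeyed digest and is not suitable for
	* password storage; a leaked table can be brute-forced cheaply. Moving
	* to password_hash()/password_verify() also needs the login check and a
	* rehash-on-login path, neither of which is in this file, so the scheme
	* is left unchanged here.
	*
	* @access	private
	*/
	function pre_insert()
	{
		// presumably set_salt() has already filled values['salt'] (REQ_SET) - confirm ordering in the base class
		$this->set('password', md5(md5($this->values['password']) . md5($this->values['salt'])));
	}

	// ###################################################################
	/**
	* Post-insert
	*
	* Creates the new user's rows in the useremail table and rebuilds the
	* assigned-to cache.
	* NOTE(review): the mask/relation numbers are bit values defined
	* elsewhere; their meaning cannot be confirmed from this file.
	*
	* @access	protected
	*/
	function post_insert()
	{
		$this->registry->db->query("
			INSERT INTO " . TABLE_PREFIX . "useremail
				(userid, mask, relation)
			VALUES
				(" . $this->insertid . ", 32, 0),
				(" . $this->insertid . ", 320, 1),
				(" . $this->insertid . ", 1984, 2),
				(" . $this->insertid . ", 64, 4),
				(" . $this->insertid . ", 64, 8),
				(" . $this->insertid . ", 256, 16
			)
		");
		build_assignedto();
	}

	// ###################################################################
	/**
	* Verify: email
	*
	* Rejects an empty value, a malformed address, or an address that
	* already belongs to a different user.
	*
	* @access	private
	*
	* @return	mixed	TRUE when valid, otherwise the error text
	*/
	function verify_email()
	{
		// a non-boolean result from verify_noempty() is passed straight back to the caller
		if (!is_bool($ne = $this->verify_noempty('email')))
		{
			return $ne;
		}

		if (!$this->registry->funct->is_valid_email($this->values['email']))
		{
			return _('The specified email is invalid.');
		}

		// string value is escaped and the id is forced to an unsigned integer before entering the SQL
		if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $this->registry->db->escape_string($this->values['email']) . "' AND userid <> " . $this->registry->clean($this->values['userid'], TYPE_UINT)))
		{
			return _('The specified email is already in use.');
		}
		return true;
	}

	// ###################################################################
	/**
	* Verify: displayname
	*
	* Rejects an empty value or a display name that already belongs to a
	* different user.
	*
	* @access	private
	*
	* @return	mixed	TRUE when valid, otherwise the error text
	*/
	function verify_displayname()
	{
		// a non-boolean result from verify_noempty() is passed straight back to the caller
		if (!is_bool($ne = $this->verify_noempty('displayname')))
		{
			return $ne;
		}

		// string value is escaped and the id is forced to an unsigned integer before entering the SQL
		if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . $this->registry->db->escape_string($this->values['displayname']) . "' AND userid <> " . $this->registry->clean($this->values['userid'], TYPE_UINT)))
		{
			return _('That display name is already in use by another user.');
		}
		return true;
	}

	// ###################################################################
	/**
	* Verify: usergroupid
	*
	* The id is valid only if it is a key of the cached usergroup datastore.
	*
	* @access	private
	*
	* @return	bool
	*/
	function verify_usergroupid()
	{
		return isset($this->registry->datastore['usergroup'][ $this->values['usergroupid'] ]);
	}

	// ###################################################################
	/**
	* Pre-update
	*
	* Loads the existing record, then either keeps the stored password hash
	* (blank password submitted) or hashes the new password with the
	* record's existing salt.
	*
	* SECURITY: same MD5-based scheme as pre_insert(); see the note there.
	* The salt is reused rather than regenerated on a password change.
	*
	* @access	private
	*/
	function pre_update()
	{
		$this->set_condition();
		$this->fetch();

		if ($this->values['password'] == '')
		{
			// no new password supplied: carry the stored hash forward unchanged
			$this->set('password', $this->objdata['password']);
		}
		else
		{
			// the debug line records only that a change happened, never the password itself
			$this->registry->debug("updating password = true");
			$this->set('password', md5(md5($this->values['password']) . md5($this->objdata['salt'])));
		}
	}

	// ###################################################################
	/**
	* Post-update
	*
	* Rebuilds the assigned-to cache.
	*
	* @access	protected
	*/
	function post_update()
	{
		build_assignedto();
	}

	// ###################################################################
	/**
	* Pre-delete
	*
	* Refuses to delete the account of the user performing the request, and
	* refuses to delete an administrator (usergroup 6) when no other
	* administrator would remain.
	*
	* NOTE(review): the administrator check reads values['usergroupid']; if
	* the caller sets only userid and the base class does not load the
	* record first, the last-administrator guard is silently skipped -
	* confirm against the callers.
	* NOTE(review): whether error() halts execution is not visible here.
	*
	* @access	protected
	*/
	function pre_delete()
	{
		if ($this->values['userid'] == $this->registry->userinfo['userid'])
		{
			$this->error(_('You cannot delete your own account!'));
		}

		if ($this->values['usergroupid'] == 6)
		{
			// force the id to an unsigned integer before it enters the SQL, as the verify_*() queries do
			$userid = $this->registry->clean($this->values['userid'], TYPE_UINT);

			$count = $this->registry->db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> " . $userid);
			if ($count['count'] < 1)
			{
				$this->error(_('At least one other administrator needs to be present before you can delete this user'));
			}
		}
	}

	// ###################################################################
	/**
	* Post-delete
	*
	* Removes the user's rows from the user, favorite, useractivation,
	* useremail and search tables, then rebuilds the assigned-to cache.
	*
	* @access	protected
	*/
	function post_delete()
	{
		// force the id to an unsigned integer once; a raw value concatenated into five DELETEs would be an injection point
		$userid = $this->registry->clean($this->values['userid'], TYPE_UINT);

		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "user WHERE userid = " . $userid);
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "favorite WHERE userid = " . $userid);
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $userid);
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "useremail WHERE userid = " . $userid);
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . $userid);

		build_assignedto();
	}

	// ###################################################################
	/**
	* Verify: hidestatuses
	*
	* Accepts any value; an array is flattened to a comma-separated string
	* before storage.
	*
	* @access	private
	*
	* @return	bool	Always TRUE
	*/
	function verify_hidestatuses()
	{
		if (is_array($this->values['hidestatuses']))
		{
			$this->set('hidestatuses', implode(',', $this->values['hidestatuses']));
		}

		return true;
	}

	// ###################################################################
	/**
	* Verify: defaultsortkey
	*
	* Valid only when ListSorter::fetch_by_text() returns a truthy result
	* for the value.
	*
	* @access	private
	*
	* @return	bool
	*/
	function verify_defaultsortkey()
	{
		return (ListSorter::fetch_by_text($this->values['defaultsortkey']) ? true : false);
	}

	// ###################################################################
	/**
	* Verify: defaultsortas
	*
	* Valid only when ListSorter::fetch_as_text() returns a truthy result
	* for the value.
	*
	* @access	private
	*
	* @return	bool
	*/
	function verify_defaultsortas()
	{
		return (ListSorter::fetch_as_text($this->values['defaultsortas']) ? true : false);
	}
}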
311
312 /*=====================================================================*\
313 || ###################################################################
314 || # $HeadURL$
315 || # $Id$
316 || ###################################################################
317 \*=====================================================================*/
318 ?>