2 /*=====================================================================*\
3 || ###################################################################
5 || # Copyright ©2002-2007 Blue Static
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version 2 of the License.
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
22 require_once ISSO
. '/Api.php';
23 require_once('./includes/functions_datastore.php');
24 require_once('./includes/class_sort.php');
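/**
 * User data API: field definitions, validation and insert/update/delete
 * hooks for rows of the `user` table.
 *
 * NOTE(review): this listing was captured without its brace-only lines and
 * without some short lines (bare `return`/`else` statements, SQL keywords).
 * Braces and the syntactically forced pieces are restored below; every other
 * gap is marked with a NOTE(review) comment. Return statements at the end of
 * the validate_*() methods are among the lines that may be missing, so check
 * the original file before relying on their return values.
 *
 * @copyright Copyright ©2002 - 2007, Blue Static
 */
class UserAPI extends BSApi
{
	/**
	 * Field definitions: name => array(type, requirement).
	 *
	 * `salt` and `authkey` are REQ_SET; this class supplies set_salt() and
	 * set_authkey() for them. `password` ends up holding a hash, not the
	 * submitted value (see pre_insert() and pre_update()).
	 *
	 * @var array
	 */
	protected $fields = array(
		'userid'         => array(TYPE_UINT,  REQ_AUTO),
		'email'          => array(TYPE_STR,   REQ_YES),
		'displayname'    => array(TYPE_STR,   REQ_YES),
		'usergroupid'    => array(TYPE_UINT,  REQ_YES),
		'groupids'       => array(TYPE_STR,   REQ_NO),
		'password'       => array(TYPE_STR,   REQ_YES),
		'salt'           => array(TYPE_STR,   REQ_SET),
		'authkey'        => array(TYPE_STR,   REQ_SET),
		'showemail'      => array(TYPE_BOOL,  REQ_NO),
		'showcolors'     => array(TYPE_BOOL,  REQ_NO),
		'languageid'     => array(TYPE_UINT,  REQ_NO),
		'timezone'       => array(TYPE_FLOAT, REQ_NO),
		'usedst'         => array(TYPE_BOOL,  REQ_NO),
		'hidestatuses'   => array(TYPE_STR,   REQ_NO),
		'defaultsortkey' => array(TYPE_STR,   REQ_NO),
		'defaultsortas'  => array(TYPE_STR,   REQ_NO),
		'columnoptions'  => array(TYPE_STR,   REQ_NO),
		'authid'         => array(TYPE_STR,   REQ_NO)
	);

	/**
	 * Database table (without prefix) this API writes to.
	 *
	 * @var string
	 */
	protected $table = 'user';

	/**
	 * Table prefix.
	 *
	 * @var string
	 */
	protected $prefix = TABLE_PREFIX;

	/**
	 * Set field: salt. Stores a random string of 3 to 15 characters.
	 *
	 * NOTE(review): rand() only picks the salt length here; the characters
	 * come from BSFunctions::random(), which is not shown. A salt as short as
	 * three characters adds little variation between users.
	 */
	protected function set_salt()
	{
		$this->set('salt', BSFunctions::random(rand(3, 15)));
	}

	/**
	 * Set field: authkey. Stores the default-length output of
	 * BSFunctions::random().
	 *
	 * NOTE(review): if authkey is used as a login or session token (not
	 * visible in this file), BSFunctions::random() has to draw from a
	 * cryptographically secure source -- confirm.
	 */
	protected function set_authkey()
	{
		$this->set('authkey', BSFunctions::random());
	}

	/**
	 * Pre-insert: replaces the submitted password with
	 * md5(md5(password) . md5(salt)). Reads $this->values['salt'], so the
	 * salt must already be set when this runs.
	 *
	 * NOTE(review): MD5, even salted and nested, is cheap to compute and is
	 * not suitable for password storage. Moving to password_hash() /
	 * password_verify() also needs changes to the login check and a
	 * rehash-on-login path, neither of which is in this file, so the scheme
	 * is left as it is here.
	 */
	protected function pre_insert()
	{
		$this->set('password', md5(md5($this->values['password']) . md5($this->values['salt'])));
	}

	/**
	 * Post-insert: seeds the useremail table with six (mask, relation) rows
	 * for the new user. The meaning of the mask and relation numbers is not
	 * visible in this file.
	 */
	protected function post_insert()
	{
		// NOTE(review): the query() call line, the VALUES keyword and the
		// closing of the last tuple are not visible in the listing; they are
		// restored from the shape of the statement.
		BSApp::$db->query("
			INSERT INTO " . TABLE_PREFIX . "useremail
				(userid, mask, relation)
			VALUES
				(" . $this->insertid . ", 32, 0),
				(" . $this->insertid . ", 320, 1),
				(" . $this->insertid . ", 1984, 2),
				(" . $this->insertid . ", 64, 4),
				(" . $this->insertid . ", 64, 8),
				(" . $this->insertid . ", 256, 16)
		");
	}

	/**
	 * Validate: email. Must be non-empty, well-formed and not used by any
	 * other user.
	 *
	 * @param	string	Field name
	 */
	protected function validate_email($field)
	{
		if (!$this->_verifyIsNotEmpty($field))
		{
			// NOTE(review): the statement here is not visible in the listing; an early return is assumed.
			return false;
		}

		if (!BSFunctions::is_valid_email($this->values['email']))
		{
			$this->_error(new FieldException(T('The specified email is invalid.'), 'email'));
		}

		// the email is escaped and the userid forced to an unsigned integer before either reaches the SQL string
		if (BSApp::$db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . BSApp::$input->escape($this->values['email']) . "' AND userid <> " . BSApp::$input->clean($this->values['userid'], TYPE_UINT)))
		{
			$this->_error(new FieldException(T('The specified email is already in use.'), 'email'));
		}
	}

	/**
	 * Validate: displayname. Must be non-empty and not used by any other
	 * user.
	 *
	 * @param	string	Field name
	 */
	protected function validate_displayname($field)
	{
		if (!$this->_verifyIsNotEmpty($field))
		{
			// NOTE(review): the statement here is not visible in the listing; an early return is assumed.
			return false;
		}

		if (BSApp::$db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . BSApp::$input->escape($this->values['displayname']) . "' AND userid <> " . BSApp::$input->clean($this->values['userid'], TYPE_UINT)))
		{
			$this->_error(new FieldException(T('That display name is already in use by another user.'), 'displayname'));
		}
	}

	/**
	 * Validate: usergroupid. The id must be a key of the usergroup datastore.
	 *
	 * @param	string	Field name
	 */
	protected function validate_usergroupid($field)
	{
		if (!isset(bugdar::$datastore['usergroup'][ $this->values['usergroupid'] ]))
		{
			$this->_error(new FieldException(L_INVALID_ID, $field));
		}
	}

	/**
	 * Validate: groupids. Accepts an array or a comma-separated string,
	 * checks every non-empty entry against the usergroup datastore and
	 * stores the result as a comma-separated string.
	 *
	 * @param	string	Field name
	 */
	protected function validate_groupids($field)
	{
		$groups = $this->values['groupids'];
		if (!is_array($groups))
		{
			$groups = explode(',', $this->values['groupids']);
		}
		$groups = BSFunctions::array_strip_empty($groups);

		foreach ($groups as $group)
		{
			if (!isset(bugdar::$datastore['usergroup']["$group"]))
			{
				$this->_error(new FieldException(L_INVALID_ID, $field));
			}
		}

		$this->values['groupids'] = implode(',', $groups);
	}

	/**
	 * Pre-update: keeps the stored password hash when no new password was
	 * submitted, otherwise hashes the new one with the record's existing
	 * salt. The hashing scheme is the same MD5 construction as in
	 * pre_insert() and carries the same weakness.
	 */
	protected function pre_update()
	{
		$this->setCondition();

		if ($this->values['password'] == '')
		{
			$this->set('password', $this->record['password']);
		}
		// the `else` line is not visible in the listing; without it the stored hash would be hashed again
		else
		{
			BSApp::debug("updating password = true");
			$this->set('password', md5(md5($this->values['password']) . md5($this->record['salt'])));
		}
	}

	/**
	 * Post-update: copies a changed display name into the denormalised name
	 * columns of the bug table.
	 */
	protected function post_update()
	{
		if (isset($this->values['displayname']))
		{
			$username = BSApp::$input->escape($this->values['displayname']);
			// userid goes into the SQL strings below unquoted, so force it to
			// an unsigned integer the same way validate_email() does
			$id = BSApp::$input->clean($this->values['userid'], TYPE_UINT);

			BSApp::$db->query("UPDATE " . TABLE_PREFIX . "bug SET username = '$username' WHERE userid = $id");
			BSApp::$db->query("UPDATE " . TABLE_PREFIX . "bug SET lastpostbyname = '$username' WHERE lastpostby = $id");
			BSApp::$db->query("UPDATE " . TABLE_PREFIX . "bug SET hiddenlastpostbyname = '$username' WHERE hiddenlastpostby = $id");
		}

		if (isset($this->values['displayname']) || isset($this->values['email']))
		{
			// NOTE(review): the statement in this branch is not visible in
			// the listing. Restore it from the original file; as written
			// here the branch does nothing.
		}
	}

	/**
	 * Pre-delete: refuses to delete the current user's own account, and
	 * refuses to delete the last member of user group 6 (the administrator
	 * group, going by the error message).
	 */
	protected function pre_delete()
	{
		if ($this->values['userid'] == bugdar::$userinfo['userid'])
		{
			// NOTE(review): one line ahead of this call is not visible in the listing.
			$this->error(T('You cannot delete your own account!'));
		}

		if ($this->values['usergroupid'] == 6)
		{
			// userid is concatenated into SQL unquoted, so it is forced to an unsigned integer first
			$count = BSApp::$db->queryFirst("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> " . BSApp::$input->clean($this->values['userid'], TYPE_UINT));
			if ($count['count'] < 1)
			{
				$this->error(T('At least one other administrator needs to be present before you can delete this user'));
			}
		}
	}

	/**
	 * Post-delete: removes the user's rows from the user, favorite,
	 * useractivation, useremail and search tables.
	 */
	protected function post_delete()
	{
		// The listing showed `BSApp::db->query(...)`, which PHP reads as a
		// class constant; every other query in this class goes through the
		// static property BSApp::$db, so that is used here too.
		// userid is forced to an unsigned integer before it reaches SQL.
		$id = BSApp::$input->clean($this->values['userid'], TYPE_UINT);

		BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . "user WHERE userid = " . $id);
		BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . "favorite WHERE userid = " . $id);
		BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $id);
		BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . "useremail WHERE userid = " . $id);
		BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . $id);
	}

	/**
	 * Validate: hidestatuses. An array value is stored as a comma-separated
	 * string; the elements are joined as given, with no per-element check
	 * visible here.
	 *
	 * @param	string	Field name
	 */
	protected function validate_hidestatuses($field)
	{
		if (is_array($this->values['hidestatuses']))
		{
			$this->set('hidestatuses', implode(',', $this->values['hidestatuses']));
		}
	}

	/**
	 * Validate: defaultsortkey. The key must be one ListSorter recognises.
	 *
	 * @param	string	Field name
	 */
	protected function validate_defaultsortkey($field)
	{
		if (!ListSorter::fetch_by_text($this->values['defaultsortkey']))
		{
			$this->_error(new FieldException(L_INVALID_ID, $field));
		}
	}

	/**
	 * Validate: defaultsortas. The direction must be one ListSorter
	 * recognises.
	 *
	 * @param	string	Field name
	 */
	protected function validate_defaultsortas($field)
	{
		if (!ListSorter::fetch_as_text($this->values['defaultsortas']))
		{
			$this->_error(new FieldException(L_INVALID_ID, $field));
		}
	}

	/**
	 * Validate: columnoptions. An array value is stored in PHP's serialize()
	 * format.
	 *
	 * NOTE(review): whatever reads this column back presumably calls
	 * unserialize(); that is only safe while the column can never hold bytes
	 * an untrusted party chose. A JSON encoding would avoid the concern but
	 * changes the stored format, so it is not done here.
	 *
	 * @param	string	Field name
	 */
	protected function validate_columnoptions($field)
	{
		if (is_array($this->values['columnoptions']))
		{
			$this->set('columnoptions', serialize($this->values['columnoptions']));
		}
	}
}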
327 /*=====================================================================*\
328 || ###################################################################
331 || ###################################################################
332 \*=====================================================================*/