Update api_user.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar
5 || # Copyright ©2002-2007 Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version 2 of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 require_once ISSO . '/Api.php';
23 require_once('./includes/functions_datastore.php');
24 require_once('./includes/class_sort.php');
25
26 /**
27 * API: User
28 *
29 * @author Blue Static
30 * @copyright Copyright ©2002 - 2007, Blue Static
31 * @version $Revision$
32 * @package Bugdar
33 *
34 */
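class UserAPI extends BSApi
{
	/**
	 * Usergroup id that pre_delete() refuses to empty out (the error text
	 * calls its members administrators). The original check hard-coded 6.
	 * NOTE(review): confirm this matches the admin group in bugdar::$datastore['usergroup'].
	 */
	const ADMIN_USERGROUPID = 6;

	/**
	 * Database fields: column name => array(type, requiredness)
	 * @var array
	 */
	protected $fields = array(
		'userid'         => array(TYPE_UINT,  REQ_AUTO),
		'email'          => array(TYPE_STR,   REQ_YES),
		'displayname'    => array(TYPE_STR,   REQ_YES),
		'usergroupid'    => array(TYPE_UINT,  REQ_YES),
		'groupids'       => array(TYPE_STR,   REQ_NO),
		'password'       => array(TYPE_STR,   REQ_YES),
		'salt'           => array(TYPE_STR,   REQ_SET),
		'authkey'        => array(TYPE_STR,   REQ_SET),
		'showemail'      => array(TYPE_BOOL,  REQ_NO),
		'showcolors'     => array(TYPE_BOOL,  REQ_NO),
		'languageid'     => array(TYPE_UINT,  REQ_NO),
		'timezone'       => array(TYPE_FLOAT, REQ_NO),
		'usedst'         => array(TYPE_BOOL,  REQ_NO),
		'hidestatuses'   => array(TYPE_STR,   REQ_NO),
		'defaultsortkey' => array(TYPE_STR,   REQ_NO),
		'defaultsortas'  => array(TYPE_STR,   REQ_NO),
		'columnoptions'  => array(TYPE_STR,   REQ_NO),
		'authid'         => array(TYPE_STR,   REQ_NO)
	);

	/**
	 * Database table
	 * @var string
	 */
	protected $table = 'user';

	/**
	 * Table prefix
	 * @var string
	 */
	protected $prefix = TABLE_PREFIX;

	/**
	 * Set field: salt
	 *
	 * Picks a salt length between 3 and 15 with rand() (only the length
	 * comes from rand(); the salt characters come from BSFunctions::random()).
	 */
	protected function set_salt()
	{
		$this->set('salt', BSFunctions::random(rand(3, 15)));
	}

	/**
	 * Set field: authkey
	 */
	protected function set_authkey()
	{
		$this->set('authkey', BSFunctions::random());
	}

	/**
	 * Builds the stored password digest for a plaintext password and salt.
	 *
	 * The stored format is md5(md5($password) . md5($salt)); pre_insert()
	 * and pre_update() both go through here so they cannot drift apart.
	 * This is a legacy MD5 scheme kept for compatibility with existing
	 * rows; moving to password_hash() would also need the login check and
	 * a rehash-on-login step for accounts already stored in this format.
	 *
	 * @param string $password plaintext password
	 * @param string $salt     per-user salt
	 * @return string digest to store in the password column
	 */
	private function _hashPassword($password, $salt)
	{
		return md5(md5($password) . md5($salt));
	}

	/**
	 * Returns true when a different user already has $value in $column.
	 *
	 * $column is interpolated unescaped and must be one of the fixed column
	 * names this class passes in; $value is escaped. The row being edited
	 * is excluded by userid so an unchanged value does not collide with itself.
	 *
	 * @param string $column column to check ('email' or 'displayname')
	 * @param string $value  candidate value
	 * @return bool
	 */
	private function _isTakenByOtherUser($column, $value)
	{
		$row = BSApp::$db->queryFirst("
			SELECT userid
			FROM " . TABLE_PREFIX . "user
			WHERE " . $column . " = '" . BSApp::$input->escape($value) . "'
				AND userid <> " . BSApp::$input->clean($this->values['userid'], TYPE_UINT)
		);
		return (bool)$row;
	}

	/**
	 * Pre-insert: replace the plaintext password with its salted digest.
	 */
	protected function pre_insert()
	{
		$this->set('password', $this->_hashPassword($this->values['password'], $this->values['salt']));
	}

	/**
	 * Post-insert: create the default useremail (mask, relation) rows for
	 * the new user and rebuild the assigned-to datastore.
	 */
	protected function post_insert()
	{
		// insertid is the new user's id; cast keeps the interpolation numeric
		$userid = (int)$this->insertid;

		BSApp::$db->query("
			INSERT INTO " . TABLE_PREFIX . "useremail
				(userid, mask, relation)
			VALUES
				($userid, 32, 0),
				($userid, 320, 1),
				($userid, 1984, 2),
				($userid, 64, 4),
				($userid, 64, 8),
				($userid, 256, 16)
		");
		build_assignedto();
	}

	/**
	 * Validate: email
	 *
	 * Must be non-empty, pass BSFunctions::is_valid_email(), and not be
	 * used by another user.
	 *
	 * @param string $field field name
	 * @return bool
	 */
	protected function validate_email($field)
	{
		if (!$this->_verifyIsNotEmpty($field))
		{
			return false;
		}

		if (!BSFunctions::is_valid_email($this->values['email']))
		{
			$this->_error(new FieldException(T('The specified email is invalid.'), 'email'));
			return false;
		}

		if ($this->_isTakenByOtherUser('email', $this->values['email']))
		{
			$this->_error(new FieldException(T('The specified email is already in use.'), 'email'));
			return false;
		}

		return true;
	}

	/**
	 * Validate: displayname
	 *
	 * Must be non-empty and not be used by another user.
	 *
	 * @param string $field field name
	 * @return bool
	 */
	protected function validate_displayname($field)
	{
		if (!$this->_verifyIsNotEmpty($field))
		{
			return false;
		}

		if ($this->_isTakenByOtherUser('displayname', $this->values['displayname']))
		{
			$this->_error(new FieldException(T('That display name is already in use by another user.'), 'displayname'));
			return false;
		}

		return true;
	}

	/**
	 * Validate: usergroupid
	 *
	 * The id must exist in the usergroup datastore.
	 *
	 * @param string $field field name
	 * @return bool
	 */
	protected function validate_usergroupid($field)
	{
		$groupid = $this->values['usergroupid'];
		if (!isset(bugdar::$datastore['usergroup'][$groupid]))
		{
			$this->_error(new FieldException(L_INVALID_ID, $field));
			return false;
		}
		return true;
	}

	/**
	 * Validate: groupids
	 *
	 * Accepts either an array of ids or a comma-separated string, drops
	 * empty entries, checks every id against the usergroup datastore and
	 * normalises the value back to a comma-separated string.
	 *
	 * @param string $field field name
	 * @return bool
	 */
	protected function validate_groupids($field)
	{
		$groups = $this->values['groupids'];
		if (!is_array($groups))
		{
			$groups = explode(',', $groups);
		}
		$groups = BSFunctions::array_strip_empty($groups);

		foreach ($groups as $group)
		{
			if (!isset(bugdar::$datastore['usergroup']["$group"]))
			{
				$this->_error(new FieldException(L_INVALID_ID, $field));
				return false;
			}
		}

		$this->values['groupids'] = implode(',', $groups);

		return true;
	}

	/**
	 * Pre-update: keep the stored password when none was supplied, otherwise
	 * re-hash the new one with the salt already stored on the record
	 * ($this->record['salt'], not the incoming value).
	 */
	protected function pre_update()
	{
		$this->setCondition();
		$this->fetch();

		if ($this->values['password'] == '')
		{
			// an empty password on update means "leave it unchanged"
			$this->set('password', $this->record['password']);
		}
		else
		{
			BSApp::debug("updating password = true");
			$this->set('password', $this->_hashPassword($this->values['password'], $this->record['salt']));
		}
	}

	/**
	 * Post-update: propagate a changed display name to the denormalised
	 * name columns on the bug table, and rebuild the assigned-to datastore
	 * when the display name or email changed.
	 */
	protected function post_update()
	{
		$nameChanged = isset($this->values['displayname']);

		if ($nameChanged)
		{
			$username = BSApp::$input->escape($this->values['displayname']);
			// userid is a TYPE_UINT field; the cast keeps the interpolation numeric regardless
			$id = (int)$this->values['userid'];

			BSApp::$db->query("UPDATE " . TABLE_PREFIX . "bug SET username = '$username' WHERE userid = $id");
			BSApp::$db->query("UPDATE " . TABLE_PREFIX . "bug SET lastpostbyname = '$username' WHERE lastpostby = $id");
			BSApp::$db->query("UPDATE " . TABLE_PREFIX . "bug SET hiddenlastpostbyname = '$username' WHERE hiddenlastpostby = $id");
		}

		if ($nameChanged || isset($this->values['email']))
		{
			build_assignedto();
		}
	}

	/**
	 * Pre-delete: refuse to delete the current user's own account, and
	 * refuse to delete the last member of the administrator group.
	 *
	 * NOTE(review): this method calls $this->error() while the validators
	 * call $this->_error(); both are inherited, confirm which one BSApi
	 * provides and whether error() aborts the delete.
	 */
	protected function pre_delete()
	{
		$userid = (int)$this->values['userid'];

		if ($userid == bugdar::$userinfo['userid'])
		{
			$this->error(T('You cannot delete your own account!'));
		}

		if ($this->values['usergroupid'] == self::ADMIN_USERGROUPID)
		{
			$count = BSApp::$db->queryFirst("
				SELECT COUNT(*) AS count
				FROM " . TABLE_PREFIX . "user
				WHERE usergroupid = " . self::ADMIN_USERGROUPID . "
					AND userid <> " . $userid
			);
			if ($count['count'] < 1)
			{
				$this->error(T('At least one other administrator needs to be present before you can delete this user'));
			}
		}
	}

	/**
	 * Post-delete: remove the user's rows from the per-user tables and
	 * rebuild the assigned-to datastore.
	 *
	 * Fixes the original `BSApp::db->query(...)` (missing `$`), which
	 * referenced a class constant instead of the static db property.
	 */
	protected function post_delete()
	{
		$userid = (int)$this->values['userid'];

		foreach (array('user', 'favorite', 'useractivation', 'useremail', 'search') as $tableName)
		{
			BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . $tableName . " WHERE userid = " . $userid);
		}

		build_assignedto();
	}

	/**
	 * Validate: hidestatuses
	 *
	 * An array value is flattened to a comma-separated string; anything
	 * else is accepted as-is.
	 *
	 * @param string $field field name
	 * @return bool always true
	 */
	protected function validate_hidestatuses($field)
	{
		$statuses = $this->values['hidestatuses'];
		if (is_array($statuses))
		{
			$this->set('hidestatuses', implode(',', $statuses));
		}

		return true;
	}

	/**
	 * Validate: defaultsortkey
	 *
	 * Must resolve through ListSorter::fetch_by_text().
	 *
	 * @param string $field field name
	 * @return bool
	 */
	protected function validate_defaultsortkey($field)
	{
		if (!ListSorter::fetch_by_text($this->values['defaultsortkey']))
		{
			$this->_error(new FieldException(L_INVALID_ID, $field));
			return false;
		}

		return true;
	}

	/**
	 * Validate: defaultsortas
	 *
	 * Must resolve through ListSorter::fetch_as_text().
	 *
	 * @param string $field field name
	 * @return bool
	 */
	protected function validate_defaultsortas($field)
	{
		if (!ListSorter::fetch_as_text($this->values['defaultsortas']))
		{
			$this->_error(new FieldException(L_INVALID_ID, $field));
			return false;
		}

		return true;
	}

	/**
	 * Validate: columnoptions
	 *
	 * An array value is stored PHP-serialized. Whatever reads this column
	 * back should treat it as data the user controlled before it was
	 * stored; not visible from here how it is decoded.
	 *
	 * @param string $field field name
	 * @return bool always true
	 */
	protected function validate_columnoptions($field)
	{
		$options = $this->values['columnoptions'];
		if (is_array($options))
		{
			$this->set('columnoptions', serialize($options));
		}
		return true;
	}
}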
326
327 /*=====================================================================*\
328 || ###################################################################
329 || # $HeadURL$
330 || # $Id$
331 || ###################################################################
332 \*=====================================================================*/
333 ?>