r1265: Timezones with half hours are not saved because the timezone is considered...
[bugdar.git] / includes / api_user.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 $GLOBALS['isso:callback']->load('api', null);
23
24 require_once('./includes/functions_datastore.php');
25 require_once('./includes/class_sort.php');
26
27 /**
28 * API: User
29 *
30 * @author Blue Static
31 * @copyright Copyright ©2002 - [#]year[#], Blue Static
32 * @version $Revision$
33 * @package Bugdar
34 *
35 */
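class UserAPI extends API
{
	/**
	 * Database fields, keyed by column name. Each entry is
	 * array(type, requirement[, verifier]).
	 *
	 * NOTE(review): the TYPE_*/REQ_* constants and the ':self' marker are
	 * defined outside this file. Every ':self' field has a matching
	 * verify_<field>() method below and every REQ_SET field has a matching
	 * set_<field>() method, so the base class presumably dispatches to them
	 * by name - confirm in the API base class.
	 *
	 * @var    array
	 * @access private
	 */
	var $fields = array(
		'userid'         => array(TYPE_UINT,  REQ_AUTO, 'verify_nozero'),
		'email'          => array(TYPE_STR,   REQ_YES,  ':self'),
		'displayname'    => array(TYPE_STR,   REQ_YES,  ':self'),
		'usergroupid'    => array(TYPE_UINT,  REQ_YES,  ':self'),
		'password'       => array(TYPE_STR,   REQ_YES),
		'salt'           => array(TYPE_STR,   REQ_SET),
		'authkey'        => array(TYPE_STR,   REQ_SET),
		'showemail'      => array(TYPE_BOOL,  REQ_NO),
		'showcolors'     => array(TYPE_BOOL,  REQ_NO),
		'languageid'     => array(TYPE_UINT,  REQ_NO),
		'timezone'       => array(TYPE_FLOAT, REQ_NO),
		'usedst'         => array(TYPE_BOOL,  REQ_NO),
		'hidestatuses'   => array(TYPE_STR,   REQ_NO,   ':self'),
		'defaultsortkey' => array(TYPE_STR,   REQ_NO,   ':self'),
		'defaultsortas'  => array(TYPE_STR,   REQ_NO,   ':self')
	);

	/**
	 * Database table
	 * @var    string
	 * @access private
	 */
	var $table = 'user';

	/**
	 * Table prefix
	 * @var    string
	 * @access private
	 */
	var $prefix = TABLE_PREFIX;

	// ###################################################################
	/**
	 * Computes the stored password digest: md5(md5(password) . md5(salt)).
	 *
	 * SECURITY NOTE(review): MD5 is a fast digest and is not suitable for
	 * password storage; an offline guessing attack against a leaked user
	 * table is cheap. The scheme is kept unchanged here because the login
	 * check and the already-stored hashes live outside this file and must
	 * agree with it. A migration to password_hash()/password_verify() has
	 * to change both sides together; this helper is the single place in
	 * this class where the scheme is defined.
	 *
	 * @access private
	 *
	 * @param  string  Plain-text password
	 * @param  string  Per-user salt
	 *
	 * @return string  Hex digest to store in the password column
	 */
	function _hash_password($password, $salt)
	{
		return md5(md5($password) . md5($salt));
	}

	// ###################################################################
	/**
	 * Set field: salt
	 *
	 * NOTE(review): the quality of the salt depends on funct->rand(), which
	 * is defined outside this file - confirm it draws from a suitable
	 * random source. The array(1, 15) argument is passed through as-is; its
	 * meaning is not visible here.
	 *
	 * @access private
	 */
	function set_salt()
	{
		$this->set('salt', $this->registry->funct->rand(array(1, 15)));
	}

	// ###################################################################
	/**
	 * Set field: authkey
	 *
	 * NOTE(review): if authkey is used as an authentication token (the name
	 * suggests so; its use is not visible here), funct->rand() must be a
	 * cryptographically secure generator - confirm against its definition.
	 *
	 * @access private
	 */
	function set_authkey()
	{
		$this->set('authkey', $this->registry->funct->rand());
	}

	// ###################################################################
	/**
	 * Pre-insert: replaces the plain-text password in the value set with
	 * its salted digest before the row is written.
	 *
	 * Reads $this->values['salt'], so the salt must already be populated
	 * when this runs (presumably by set_salt() via the REQ_SET handling in
	 * the base class - confirm the call order).
	 *
	 * @access private
	 */
	function pre_insert()
	{
		$this->set('password', $this->_hash_password($this->values['password'], $this->values['salt']));
	}

	// ###################################################################
	/**
	 * Post-insert: creates the default rows in the useremail table for the
	 * new user and rebuilds the assigned-to cache via build_assignedto().
	 *
	 * The mask/relation pairs are fixed defaults; their meaning is defined
	 * outside this file. $this->insertid is not assigned in this class
	 * (presumably the auto-increment id set by the base class's insert).
	 *
	 * @access protected
	 */
	function post_insert()
	{
		$newid = $this->insertid;

		$this->registry->db->query("
			INSERT INTO " . TABLE_PREFIX . "useremail
				(userid, mask, relation)
			VALUES
				(" . $newid . ", 32, 0),
				(" . $newid . ", 320, 1),
				(" . $newid . ", 1984, 2),
				(" . $newid . ", 64, 4),
				(" . $newid . ", 64, 8),
				(" . $newid . ", 256, 16)
		");

		build_assignedto();
	}

	// ###################################################################
	/**
	 * Verify: email
	 *
	 * Rejects an empty address, an address that fails is_valid_email(), and
	 * an address already stored for a different userid.
	 *
	 * @access private
	 *
	 * @return mixed   True when valid, otherwise an error string (or the
	 *                 non-boolean result of verify_noempty())
	 */
	function verify_email()
	{
		$notempty = $this->verify_noempty('email');
		if (!is_bool($notempty))
		{
			return $notempty;
		}

		if (!$this->registry->funct->is_valid_email($this->values['email']))
		{
			return _('The specified email is invalid.');
		}

		// the address is escaped and the id is forced to an unsigned integer
		// before either reaches the query string
		$email = $this->registry->db->escape_string($this->values['email']);
		$userid = $this->registry->clean($this->values['userid'], TYPE_UINT);

		if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $email . "' AND userid <> " . $userid))
		{
			return _('The specified email is already in use.');
		}

		return true;
	}

	// ###################################################################
	/**
	 * Verify: displayname
	 *
	 * Rejects an empty name and a name already stored for a different
	 * userid.
	 *
	 * @access private
	 *
	 * @return mixed   True when valid, otherwise an error string (or the
	 *                 non-boolean result of verify_noempty())
	 */
	function verify_displayname()
	{
		$notempty = $this->verify_noempty('displayname');
		if (!is_bool($notempty))
		{
			return $notempty;
		}

		$displayname = $this->registry->db->escape_string($this->values['displayname']);
		$userid = $this->registry->clean($this->values['userid'], TYPE_UINT);

		if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . $displayname . "' AND userid <> " . $userid))
		{
			return _('That display name is already in use by another user.');
		}

		return true;
	}

	// ###################################################################
	/**
	 * Verify: usergroupid
	 *
	 * The id is valid only if it is a key of the cached usergroup
	 * datastore.
	 *
	 * @access private
	 *
	 * @return bool
	 */
	function verify_usergroupid()
	{
		return isset($this->registry->datastore['usergroup'][ $this->values['usergroupid'] ]);
	}

	// ###################################################################
	/**
	 * Pre-update: decides what goes into the password column.
	 *
	 * An empty submitted password keeps the stored digest; anything else is
	 * hashed with the salt read from $this->objdata (presumably filled by
	 * fetch() - confirm in the base class). The salt itself is not rotated
	 * on a password change.
	 *
	 * @access private
	 */
	function pre_update()
	{
		$this->set_condition();
		$this->fetch();

		if ($this->values['password'] == '')
		{
			$this->set('password', $this->objdata['password']);
		}
		else
		{
			$this->registry->debug("updating password = true");
			$this->set('password', $this->_hash_password($this->values['password'], $this->objdata['salt']));
		}
	}

	// ###################################################################
	/**
	 * Post-update: copies the (possibly changed) display name into the
	 * denormalised name columns of the bug table and rebuilds the
	 * assigned-to cache.
	 *
	 * @access protected
	 */
	function post_update()
	{
		// NOTE(review): verify_email()/verify_displayname() escape through
		// registry->db->escape_string(); this method uses registry->escape().
		// Confirm the two are equivalent for SQL string context.
		$username = $this->registry->escape($this->values['displayname']);

		// the id is interpolated unquoted below, so it is forced to an
		// unsigned integer here, as the verify_*() queries already do
		$id = $this->registry->clean($this->values['userid'], TYPE_UINT);

		$this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET username = '$username' WHERE userid = $id");
		$this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET lastpostbyname = '$username' WHERE lastpostby = $id");
		$this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET hiddenlastpostbyname = '$username' WHERE hiddenlastpostby = $id");

		build_assignedto();
	}

	// ###################################################################
	/**
	 * Pre-delete: refuses to delete the current user's own account, and
	 * refuses to delete a member of usergroup 6 when no other member of
	 * that group would remain.
	 *
	 * NOTE(review): both checks rely on error() stopping the delete; that
	 * method is defined outside this file - confirm it does not return.
	 * The group id 6 is hard-coded as the administrator group.
	 *
	 * @access protected
	 */
	function pre_delete()
	{
		if ($this->values['userid'] == $this->registry->userinfo['userid'])
		{
			$this->error(_('You cannot delete your own account!'));
		}

		if ($this->values['usergroupid'] == 6)
		{
			// unquoted numeric context: force the id to an unsigned integer
			$userid = $this->registry->clean($this->values['userid'], TYPE_UINT);

			$count = $this->registry->db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> " . $userid);
			if ($count['count'] < 1)
			{
				$this->error(_('At least one other administrator needs to be present before you can delete this user'));
			}
		}
	}

	// ###################################################################
	/**
	 * Post-delete: removes the user's rows from the user, favorite,
	 * useractivation, useremail and search tables, then rebuilds the
	 * assigned-to cache.
	 *
	 * @access protected
	 */
	function post_delete()
	{
		// every statement below interpolates the id unquoted, so it is
		// forced to an unsigned integer once, up front
		$userid = $this->registry->clean($this->values['userid'], TYPE_UINT);

		foreach (array('user', 'favorite', 'useractivation', 'useremail', 'search') AS $table)
		{
			$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . $table . " WHERE userid = " . $userid);
		}

		build_assignedto();
	}

	// ###################################################################
	/**
	 * Verify: hidestatuses
	 *
	 * Normalises an array of values into a comma-separated string; any
	 * other value is left untouched. Always passes.
	 *
	 * @access private
	 *
	 * @return bool    Always true
	 */
	function verify_hidestatuses()
	{
		if (is_array($this->values['hidestatuses']))
		{
			$this->set('hidestatuses', implode(',', $this->values['hidestatuses']));
		}

		return true;
	}

	// ###################################################################
	/**
	 * Verify: defaultsortkey
	 *
	 * Valid when ListSorter::fetch_by_text() returns a truthy value for it.
	 *
	 * @access private
	 *
	 * @return bool
	 */
	function verify_defaultsortkey()
	{
		return (ListSorter::fetch_by_text($this->values['defaultsortkey']) ? true : false);
	}

	// ###################################################################
	/**
	 * Verify: defaultsortas
	 *
	 * Valid when ListSorter::fetch_as_text() returns a truthy value for it.
	 *
	 * @access private
	 *
	 * @return bool
	 */
	function verify_defaultsortas()
	{
		return (ListSorter::fetch_as_text($this->values['defaultsortas']) ? true : false);
	}
}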
318
319 /*=====================================================================*\
320 || ###################################################################
321 || # $HeadURL$
322 || # $Id$
323 || ###################################################################
324 \*=====================================================================*/
325 ?>