https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r1403: - Fixed a bug in UserAPI::post_update() that would clear bug.username, bug...
[bugdar.git] / includes / api_user.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 $GLOBALS['isso:callback']->load('api', null);
23
24 require_once('./includes/functions_datastore.php');
25 require_once('./includes/class_sort.php');
26
27 /**
28 * API: User
29 *
30 * @author Blue Static
31 * @copyright Copyright ©2002 - [#]year[#], Blue Static
32 * @version $Revision$
33 * @package Bugdar
34 *
35 */
36 class UserAPI extends API
37 {
38 /**
39 * Database fields
40 * @var array
41 * @access private
42 */
43 var $fields = array(
44 'userid' => array(TYPE_UINT, REQ_AUTO, 'verify_nozero'),
45 'email' => array(TYPE_STR, REQ_YES, ':self'),
46 'displayname' => array(TYPE_STR, REQ_YES, ':self'),
47 'usergroupid' => array(TYPE_UINT, REQ_YES, ':self'),
48 'password' => array(TYPE_STR, REQ_YES),
49 'salt' => array(TYPE_STR, REQ_SET),
50 'authkey' => array(TYPE_STR, REQ_SET),
51 'showemail' => array(TYPE_BOOL, REQ_NO),
52 'showcolors' => array(TYPE_BOOL, REQ_NO),
53 'languageid' => array(TYPE_UINT, REQ_NO),
54 'timezone' => array(TYPE_FLOAT,REQ_NO),
55 'usedst' => array(TYPE_BOOL, REQ_NO),
56 'hidestatuses' => array(TYPE_STR, REQ_NO, ':self'),
57 'defaultsortkey' => array(TYPE_STR, REQ_NO, ':self'),
58 'defaultsortas' => array(TYPE_STR, REQ_NO, ':self'),
59 'columnoptions' => array(TYPE_STR, REQ_NO, ':self')
60 );
61
62 /**
63 * Database table
64 * @var string
65 * @access private
66 */
67 var $table = 'user';
68
69 /**
70 * Table prefix
71 * @var string
72 * @access private
73 */
74 var $prefix = TABLE_PREFIX;
75
76 // ###################################################################
77 /**
78 * Set field: salt
79 *
80 * @access private
81 */
82 function set_salt()
83 {
84 $this->set('salt', $this->registry->funct->rand(array(1, 15)));
85 }
86
87 // ###################################################################
88 /**
89 * Set field: authkey
90 *
91 * @access private
92 */
93 function set_authkey()
94 {
95 $this->set('authkey', $this->registry->funct->rand());
96 }
97
98 // ###################################################################
99 /**
100 * Pre-insert
101 *
102 * @access private
103 */
104 function pre_insert()
105 {
106 $this->set('password', md5(md5($this->values['password']) . md5($this->values['salt'])));
107 }
108
109 // ###################################################################
110 /**
111 * Post-insert
112 *
113 * @access protected
114 */
115 function post_insert()
116 {
117 $this->registry->db->query("
118 INSERT INTO " . TABLE_PREFIX . "useremail
119 (userid, mask, relation)
120 VALUES
121 (" . $this->insertid . ", 32, 0),
122 (" . $this->insertid . ", 320, 1),
123 (" . $this->insertid . ", 1984, 2),
124 (" . $this->insertid . ", 64, 4),
125 (" . $this->insertid . ", 64, 8),
126 (" . $this->insertid . ", 256, 16
127 )
128 ");
129 build_assignedto();
130 }
131
132 // ###################################################################
133 /**
134 * Verify: email
135 *
136 * @access private
137 */
138 function verify_email()
139 {
140 if (!is_bool($ne = $this->verify_noempty('email')))
141 {
142 return $ne;
143 }
144
145 if (!$this->registry->funct->is_valid_email($this->values['email']))
146 {
147 return _('The specified email is invalid.');
148 }
149 if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $this->registry->db->escape_string($this->values['email']) . "' AND userid <> " . $this->registry->clean($this->values['userid'], TYPE_UINT)))
150 {
151 return _('The specified email is already in use.');
152 }
153 return true;
154 }
155
156 // ###################################################################
157 /**
158 * Verify: displayname
159 *
160 * @access private
161 */
162 function verify_displayname()
163 {
164 if (!is_bool($ne = $this->verify_noempty('displayname')))
165 {
166 return $ne;
167 }
168
169 if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . $this->registry->db->escape_string($this->values['displayname']) . "' AND userid <> " . $this->registry->clean($this->values['userid'], TYPE_UINT)))
170 {
171 return _('That display name is already in use by another user.');
172 }
173 return true;
174 }
175
176 // ###################################################################
177 /**
178 * Verify: usergroupid
179 *
180 * @access private
181 */
182 function verify_usergroupid()
183 {
184 if (!isset($this->registry->datastore['usergroup'][ $this->values['usergroupid'] ]))
185 {
186 return false;
187 }
188 return true;
189 }
190
191 // ###################################################################
192 /**
193 * Pre-update
194 *
195 * @access private
196 */
197 function pre_update()
198 {
199 $this->set_condition();
200 $this->fetch();
201
202 if ($this->values['password'] == '')
203 {
204 $this->set('password', $this->objdata['password']);
205 }
206 else
207 {
208 $this->registry->debug("updating password = true");
209 $this->set('password', md5(md5($this->values['password']) . md5($this->objdata['salt'])));
210 }
211 }
212
213 // ###################################################################
214 /**
215 * Post-update
216 *
217 * @access protected
218 */
219 function post_update()
220 {
221 if (isset($this->values['displayname']))
222 {
223 $username = $this->registry->escape($this->values['displayname']);
224 $id = $this->values['userid'];
225
226 $this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET username = '$username' WHERE userid = $id");
227 $this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET lastpostbyname = '$username' WHERE lastpostby = $id");
228 $this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET hiddenlastpostbyname = '$username' WHERE hiddenlastpostby = $id");
229 }
230
231 if (isset($this->values['displayname']) OR isset($this->values['email']))
232 {
233 build_assignedto();
234 }
235 }
236
237 // ###################################################################
238 /**
239 * Pre-delete
240 *
241 * @access protected
242 */
243 function pre_delete()
244 {
245 if ($this->values['userid'] == $this->registry->userinfo['userid'])
246 {
247 $this->error(_('You cannot delete your own account!'));
248 }
249
250 if ($this->values['usergroupid'] == 6)
251 {
252 $count = $this->registry->db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> " . $this->values['userid']);
253 if ($count['count'] < 1)
254 {
255 $this->error(_('At least one other administrator needs to be present before you can delete this user'));
256 }
257 }
258 }
259
260 // ###################################################################
261 /**
262 * Post-delete
263 *
264 * @access protected
265 */
266 function post_delete()
267 {
268 $this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "user WHERE userid = " . $this->values['userid']);
269 $this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "favorite WHERE userid = " . $this->values['userid']);
270 $this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $this->values['userid']);
271 $this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "useremail WHERE userid = " . $this->values['userid']);
272 $this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . $this->values['userid']);
273
274 build_assignedto();
275 }
276
277 // ###################################################################
278 /**
279 * Verify: hidestatuses
280 *
281 * @access private
282 */
283 function verify_hidestatuses()
284 {
285 if (is_array($this->values['hidestatuses']))
286 {
287 $this->set('hidestatuses', implode(',', $this->values['hidestatuses']));
288 }
289
290 return true;
291 }
292
293 // ###################################################################
294 /**
295 * Verify: defaultsortkey
296 *
297 * @access private
298 */
299 function verify_defaultsortkey()
300 {
301 if (!ListSorter::fetch_by_text($this->values['defaultsortkey']))
302 {
303 return false;
304 }
305
306 return true;
307 }
308
309 // ###################################################################
310 /**
311 * Verify: defaultsortas
312 *
313 * @access private
314 */
315 function verify_defaultsortas()
316 {
317 if (!ListSorter::fetch_as_text($this->values['defaultsortas']))
318 {
319 return false;
320 }
321
322 return true;
323 }
324
325 // ###################################################################
326 /**
327 * Verify: columnoptions
328 *
329 * @access private
330 */
331 function verify_columnoptions()
332 {
333 if (is_array($this->values['columnoptions']))
334 {
335 $this->set('columnoptions', serialize($this->values['columnoptions']));
336 }
337 return true;
338 }
339 }
340
341 /*=====================================================================*\
342 || ###################################################################
343 || # $HeadURL$
344 || # $Id$
345 || ###################################################################
346 \*=====================================================================*/
347 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.