includes/api_user.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar [#]version[#]
   5 || # Copyright ©2002-[#]year[#] Blue Static
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version [#]gpl[#] of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 $GLOBALS['isso:callback']->load('api', null);
  23
  24 require_once('./includes/functions_datastore.php');
  25 require_once('./includes/class_sort.php');
  26
  27 /**
  28 * API: User
  29 *
  30 * @author               Blue Static
  31 * @copyright    Copyright ©2002 - [#]year[#], Blue Static
  32 * @version              $Revision$
  33 * @package              Bugdar
  34 *
  35 */
  36 class UserAPI extends API
  37 {
  38         /**
  39         * Database fields
  40         * @var  array
  41         * @access       private
  42         */
  43         var $fields = array(
  44                 'userid'                        => array(TYPE_UINT,     REQ_AUTO,       'verify_nozero'),
  45                 'email'                         => array(TYPE_STR,      REQ_YES,        ':self'),
  46                 'displayname'           => array(TYPE_STR,      REQ_YES,        ':self'),
  47                 'usergroupid'           => array(TYPE_UINT,     REQ_YES,        ':self'),
  48                 'password'                      => array(TYPE_STR,      REQ_YES),
  49                 'salt'                          => array(TYPE_STR,      REQ_SET),
  50                 'authkey'                       => array(TYPE_STR,      REQ_SET),
  51                 'showemail'                     => array(TYPE_BOOL,     REQ_NO),
  52                 'showcolors'            => array(TYPE_BOOL,     REQ_NO),
  53                 'languageid'            => array(TYPE_UINT,     REQ_NO),
  54                 'timezone'                      => array(TYPE_FLOAT,REQ_NO),
  55                 'usedst'                        => array(TYPE_BOOL,     REQ_NO),
  56                 'hidestatuses'          => array(TYPE_STR,      REQ_NO,         ':self'),
  57                 'defaultsortkey'        => array(TYPE_STR,      REQ_NO,         ':self'),
  58                 'defaultsortas'         => array(TYPE_STR,      REQ_NO,         ':self'),
  59                 'columnoptions'         => array(TYPE_STR,      REQ_NO,         ':self')
  60         );
  61
  62         /**
  63         * Database table
  64         * @var  string
  65         * @access       private
  66         */
  67         var $table = 'user';
  68
  69         /**
  70         * Table prefix
  71         * @var  string
  72         * @access       private
  73         */
  74         var $prefix = TABLE_PREFIX;
  75
  76         // ###################################################################
  77         /**
  78         * Set field: salt
  79         *
  80         * @access       private
  81         */
  82         function set_salt()
  83         {
  84                 $this->set('salt', $this->registry->funct->rand(array(1, 15)));
  85         }
  86
  87         // ###################################################################
  88         /**
  89         * Set field: authkey
  90         *
  91         * @access       private
  92         */
  93         function set_authkey()
  94         {
  95                 $this->set('authkey', $this->registry->funct->rand());
  96         }
  97
  98         // ###################################################################
  99         /**
 100         * Pre-insert
 101         *
 102         * @access       private
 103         */
 104         function pre_insert()
 105         {
 106                 $this->set('password', md5(md5($this->values['password']) . md5($this->values['salt'])));
 107         }
 108
 109         // ###################################################################
 110         /**
 111         * Post-insert
 112         *
 113         * @access       protected
 114         */
 115         function post_insert()
 116         {
 117                 $this->registry->db->query("
 118                         INSERT INTO " . TABLE_PREFIX . "useremail
 119                                 (userid, mask, relation)
 120                         VALUES
 121                                 (" . $this->insertid . ", 32, 0),
 122                                 (" . $this->insertid . ", 320, 1),
 123                                 (" . $this->insertid . ", 1984, 2),
 124                                 (" . $this->insertid . ", 64, 4),
 125                                 (" . $this->insertid . ", 64, 8),
 126                                 (" . $this->insertid . ", 256, 16
 127                         )
 128                 ");
 129                 build_assignedto();
 130         }
 131
 132         // ###################################################################
 133         /**
 134         * Verify: email
 135         *
 136         * @access       private
 137         */
 138         function verify_email()
 139         {
 140                 if (!is_bool($ne = $this->verify_noempty('email')))
 141                 {
 142                         return $ne;
 143                 }
 144
 145                 if (!$this->registry->funct->is_valid_email($this->values['email']))
 146                 {
 147                         return _('The specified email is invalid.');
 148                 }
 149                 if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $this->registry->db->escape_string($this->values['email']) . "' AND userid <> " . $this->registry->clean($this->values['userid'], TYPE_UINT)))
 150                 {
 151                         return _('The specified email is already in use.');
 152                 }
 153                 return true;
 154         }
 155
 156         // ###################################################################
 157         /**
 158         * Verify: displayname
 159         *
 160         * @access       private
 161         */
 162         function verify_displayname()
 163         {
 164                 if (!is_bool($ne = $this->verify_noempty('displayname')))
 165                 {
 166                         return $ne;
 167                 }
 168
 169                 if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . $this->registry->db->escape_string($this->values['displayname']) . "' AND userid <> " . $this->registry->clean($this->values['userid'], TYPE_UINT)))
 170                 {
 171                         return _('That display name is already in use by another user.');
 172                 }
 173                 return true;
 174         }
 175
 176         // ###################################################################
 177         /**
 178         * Verify: usergroupid
 179         *
 180         * @access       private
 181         */
 182         function verify_usergroupid()
 183         {
 184                 if (!isset($this->registry->datastore['usergroup'][ $this->values['usergroupid'] ]))
 185                 {
 186                         return false;
 187                 }
 188                 return true;
 189         }
 190
 191         // ###################################################################
 192         /**
 193         * Pre-update
 194         *
 195         * @access       private
 196         */
 197         function pre_update()
 198         {
 199                 $this->set_condition();
 200                 $this->fetch();
 201
 202                 if ($this->values['password'] == '')
 203                 {
 204                         $this->set('password', $this->objdata['password']);
 205                 }
 206                 else
 207                 {
 208                         $this->registry->debug("updating password = true");
 209                         $this->set('password', md5(md5($this->values['password']) . md5($this->objdata['salt'])));
 210                 }
 211         }
 212
 213         // ###################################################################
 214         /**
 215         * Post-update
 216         *
 217         * @access       protected
 218         */
 219         function post_update()
 220         {
 221                 $username =  $this->registry->escape($this->values['displayname']);
 222                 $id = $this->values['userid'];
 223
 224                 $this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET username = '$username' WHERE userid = $id");
 225                 $this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET lastpostbyname = '$username' WHERE lastpostby = $id");
 226                 $this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET hiddenlastpostbyname = '$username' WHERE hiddenlastpostby = $id");
 227
 228                 build_assignedto();
 229         }
 230
 231         // ###################################################################
 232         /**
 233         * Pre-delete
 234         *
 235         * @access       protected
 236         */
 237         function pre_delete()
 238         {
 239                 if ($this->values['userid'] == $this->registry->userinfo['userid'])
 240                 {
 241                         $this->error(_('You cannot delete your own account!'));
 242                 }
 243
 244                 if ($this->values['usergroupid'] == 6)
 245                 {
 246                         $count = $this->registry->db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> " . $this->values['userid']);
 247                         if ($count['count'] < 1)
 248                         {
 249                                 $this->error(_('At least one other administrator needs to be present before you can delete this user'));
 250                         }
 251                 }
 252         }
 253
 254         // ###################################################################
 255         /**
 256         * Post-delete
 257         *
 258         * @access       protected
 259         */
 260         function post_delete()
 261         {
 262                 $this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "user WHERE userid = " . $this->values['userid']);
 263                 $this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "favorite WHERE userid = " . $this->values['userid']);
 264                 $this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $this->values['userid']);
 265                 $this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "useremail WHERE userid = " . $this->values['userid']);
 266                 $this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . $this->values['userid']);
 267
 268                 build_assignedto();
 269         }
 270
 271         // ###################################################################
 272         /**
 273         * Verify: hidestatuses
 274         *
 275         * @access       private
 276         */
 277         function verify_hidestatuses()
 278         {
 279                 if (is_array($this->values['hidestatuses']))
 280                 {
 281                         $this->set('hidestatuses', implode(',', $this->values['hidestatuses']));
 282                 }
 283
 284                 return true;
 285         }
 286
 287         // ###################################################################
 288         /**
 289         * Verify: defaultsortkey
 290         *
 291         * @access       private
 292         */
 293         function verify_defaultsortkey()
 294         {
 295                 if (!ListSorter::fetch_by_text($this->values['defaultsortkey']))
 296                 {
 297                         return false;
 298                 }
 299
 300                 return true;
 301         }
 302
 303         // ###################################################################
 304         /**
 305         * Verify: defaultsortas
 306         *
 307         * @access       private
 308         */
 309         function verify_defaultsortas()
 310         {
 311                 if (!ListSorter::fetch_as_text($this->values['defaultsortas']))
 312                 {
 313                         return false;
 314                 }
 315
 316                 return true;
 317         }
 318
 319         // ###################################################################
 320         /**
 321         * Verify: columnoptions
 322         *
 323         * @access       private
 324         */
 325         function verify_columnoptions()
 326         {
 327                 if (is_array($this->values['columnoptions']))
 328                 {
 329                         $this->set('columnoptions', serialize($this->values['columnoptions']));
 330                 }
 331                 return true;
 332         }
 333 }
 334
 335 /*=====================================================================*\
 336 || ###################################################################
 337 || # $HeadURL$
 338 || # $Id$
 339 || ###################################################################
 340 \*=====================================================================*/
 341 ?>