r928: Fixing more bugs in APIs
[bugdar.git] / includes / api_user.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Iris Studios, Inc.
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 $GLOBALS['isso:callback']->load('api', null);
23
24 require_once('./includes/functions_datastore.php');
25
26 /**
27 * API: User
28 *
29 * @author Iris Studios, Inc.
30 * @copyright Copyright ©2002 - [#]year[#], Iris Studios, Inc.
31 * @version $Revision$
32 * @package Bugdar
33 *
34 */
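class UserAPI extends API
{
	/**
	* Database fields
	*
	* Maps each column of the user table to array(type, requirement[, verifier]).
	* The ':self' verifier appears to select this class's verify_<field>()
	* method (verify_email, verify_displayname, verify_usergroupid are defined
	* below) -- confirm against the API base class.
	*
	* @var	array
	* @access	private
	*/
	var $fields = array(
		'userid'		=> array(TYPE_UINT,	REQ_AUTO,	'verify_nozero'),
		'email'			=> array(TYPE_STR,	REQ_YES,	':self'),
		'displayname'	=> array(TYPE_STR,	REQ_YES,	':self'),
		'usergroupid'	=> array(TYPE_UINT,	REQ_YES,	':self'),
		'password'		=> array(TYPE_STR,	REQ_YES),
		'salt'			=> array(TYPE_STR,	REQ_SET),
		'authkey'		=> array(TYPE_STR,	REQ_SET),
		'showemail'		=> array(TYPE_BOOL,	REQ_NO),
		'showcolours'	=> array(TYPE_BOOL,	REQ_NO),
		'languageid'	=> array(TYPE_UINT,	REQ_NO),
		'timezone'		=> array(TYPE_INT,	REQ_NO),
		'usedst'		=> array(TYPE_BOOL,	REQ_NO)
	);

	/**
	* Database table
	* @var	string
	* @access	private
	*/
	var $table = 'user';

	/**
	* Table prefix
	* @var	string
	* @access	private
	*/
	var $prefix = TABLE_PREFIX;

	// ###################################################################
	/**
	* Set field: salt
	*
	* Stores whatever funct->rand(array(1, 15)) returns as the password salt.
	*
	* NOTE(review): the argument looks like a length range of 1 to 15 -- TODO
	* confirm. If so, a salt can be a single character, which adds very little
	* against precomputed tables. Also confirm that funct->rand() draws from a
	* cryptographically secure source; that helper is not visible in this file.
	*
	* @access	private
	*/
	function set_salt()
	{
		$this->set('salt', $this->registry->funct->rand(array(1, 15)));
	}

	// ###################################################################
	/**
	* Set field: authkey
	*
	* Stores the default output of funct->rand() as the authkey.
	*
	* NOTE(review): if the authkey is used as a login/cookie credential
	* (not shown here), it must be unpredictable -- confirm funct->rand()
	* is backed by a CSPRNG.
	*
	* @access	private
	*/
	function set_authkey()
	{
		$this->set('authkey', $this->registry->funct->rand());
	}

	// ###################################################################
	/**
	* Pre-insert
	*
	* Replaces the plaintext password with md5(md5(password) . md5(salt)).
	*
	* SECURITY: MD5 is a fast, unkeyed hash and is not suitable for password
	* storage; a leaked user table can be brute-forced offline at very high
	* rates. The scheme is left untouched here because the code that checks
	* passwords at login is outside this file and must compute the same value.
	* Migrating to a slow, purpose-built password hash needs a coordinated
	* change there plus a rehash-on-login path for existing rows.
	*
	* @access	private
	*/
	function pre_insert()
	{
		$this->set('password', md5(md5($this->values['password']) . md5($this->values['salt'])));
	}

	// ###################################################################
	/**
	* Post-insert
	*
	* Calls build_assignedto() after a user row has been added.
	*
	* @access	protected
	*/
	function post_insert()
	{
		build_assignedto();
	}

	// ###################################################################
	/**
	* Verify: email
	*
	* Rejects an empty address, one that fails is_valid_email(), or one that
	* is already stored for a different userid.
	*
	* @access	private
	*
	* @return	mixed	True if valid; otherwise the non-boolean result of
	*					verify_noempty() or a localized error string
	*/
	function verify_email()
	{
		$nonempty = $this->verify_noempty('email');
		if (!is_bool($nonempty))
		{
			return $nonempty;
		}

		if (!$this->registry->funct->is_valid_email($this->values['email']))
		{
			return $this->registry->lang->string('The specified email is invalid.');
		}

		// The email is escaped for the string literal; the userid is forced to an
		// integer here so the numeric operand is safe no matter how (or whether)
		// the base class cleaned it. An unset userid becomes 0.
		$duplicate = $this->registry->db->query_first(
			"SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $this->registry->db->escape_string($this->values['email']) . "' AND userid <> " . intval($this->values['userid'])
		);
		if ($duplicate)
		{
			return $this->registry->lang->string('The specified email is already in use.');
		}

		return true;
	}

	// ###################################################################
	/**
	* Verify: displayname
	*
	* Rejects an empty display name or one already stored for a different
	* userid.
	*
	* @access	private
	*
	* @return	mixed	True if valid; otherwise the non-boolean result of
	*					verify_noempty() or a localized error string
	*/
	function verify_displayname()
	{
		$nonempty = $this->verify_noempty('displayname');
		if (!is_bool($nonempty))
		{
			return $nonempty;
		}

		// Same treatment as verify_email(): escaped string operand, integer-cast
		// numeric operand.
		$duplicate = $this->registry->db->query_first(
			"SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . $this->registry->db->escape_string($this->values['displayname']) . "' AND userid <> " . intval($this->values['userid'])
		);
		if ($duplicate)
		{
			return $this->registry->lang->string('That display name is already in use by another user.');
		}

		return true;
	}

	// ###################################################################
	/**
	* Verify: usergroupid
	*
	* Accepts the value only if it is a key of the cached usergroup datastore.
	*
	* NOTE(review): this checks that the group exists, not that the acting
	* user is allowed to assign it. Callers that pass user-supplied input must
	* enforce that separately -- confirm at the call sites.
	*
	* @access	private
	*
	* @return	bool
	*/
	function verify_usergroupid()
	{
		return isset($this->registry->datastore['usergroup'][ $this->values['usergroupid'] ]);
	}

	// ###################################################################
	/**
	* Pre-update
	*
	* Loads the stored record, then either carries the stored password hash
	* over (empty password submitted) or hashes the new password with the
	* stored salt. The hash is the same MD5 construction as pre_insert() and
	* carries the same weakness; the salt is not regenerated when the
	* password changes.
	*
	* @access	private
	*/
	function pre_update()
	{
		$this->set_condition();
		$this->fetch();

		if ($this->values['password'] == '')
		{
			// nothing submitted: keep the hash that is already stored
			$this->set('password', $this->objdata['password']);
			return;
		}

		// the debug line records only that a change happened, never the password
		$this->registry->debug("updating password = true");
		$this->set('password', md5(md5($this->values['password']) . md5($this->objdata['salt'])));
	}

	// ###################################################################
	/**
	* Post-update
	*
	* Calls build_assignedto() after a user row has been changed.
	*
	* @access	protected
	*/
	function post_update()
	{
		build_assignedto();
	}

	// ###################################################################
	/**
	* Pre-delete
	*
	* Refuses to delete the account of the user performing the request, and
	* refuses to delete the last member of usergroup 6 (the error text below
	* identifies that group as the administrators).
	*
	* NOTE(review): both guards rely on error() stopping the request. If
	* error() can return, the delete would still go ahead -- confirm in the
	* API base class.
	*
	* @access	protected
	*/
	function pre_delete()
	{
		// $lang is not defined in method scope; the language object is reached
		// through the registry, as in the verify_*() methods.
		$lang = $this->registry->lang;

		if ($this->values['userid'] == $this->registry->userinfo['userid'])
		{
			$this->error($lang->string('You cannot delete your own account!'));
		}

		if ($this->values['usergroupid'] == 6)
		{
			$count = $this->registry->db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> " . intval($this->values['userid']));
			if ($count['count'] < 1)
			{
				$this->error($lang->string('At least one other administrator needs to be present before you can delete this user'));
			}
		}
	}

	// ###################################################################
	/**
	* Post-delete
	*
	* Removes the user's rows from the user, favourite and useractivation
	* tables, then calls build_assignedto().
	*
	* @todo	Finish post-delete user data cleanup
	*
	* @access	protected
	*/
	function post_delete()
	{
		// integer-cast once so every statement below receives a numeric operand
		$userid = intval($this->values['userid']);

		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "user WHERE userid = " . $userid);
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "favourite WHERE userid = " . $userid);
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $userid);

		build_assignedto();
	}
}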
247
248 /*=====================================================================*\
249 || ###################################################################
250 || # $HeadURL$
251 || # $Id$
252 || ###################################################################
253 \*=====================================================================*/
254 ?>