<?php
/*=====================================================================*\
|| ###################################################################
|| # Bugdar
|| # Copyright (c)2004-2009 Blue Static
|| #
|| # This program is free software; you can redistribute it and/or modify
|| # it under the terms of the GNU General Public License as published by
|| # the Free Software Foundation; version 2 of the License.
|| #
|| # This program is distributed in the hope that it will be useful, but
|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|| # more details.
|| #
|| # You should have received a copy of the GNU General Public License along
|| # with this program; if not, write to the Free Software Foundation, Inc.,
|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|| ###################################################################
\*=====================================================================*/

require_once ISSO . '/Api.php';
require_once('./includes/functions_datastore.php');
require_once('./includes/class_sort.php');

/**
 * API: User
 *
 * @author		Blue Static
 * @copyright	Copyright (c)2004 - 2009, Blue Static
 * @package		Bugdar
 * 
 */
class UserAPI extends BSApi
{
	/**
	 * Database fields
	 * @var	array
	 */
	protected $fields = array(
		'userid'			=> array(TYPE_UINT,	REQ_AUTO),
		'email'				=> array(TYPE_STR,	REQ_YES),
		'displayname'		=> array(TYPE_STR,	REQ_YES),
		'usergroupid'		=> array(TYPE_UINT,	REQ_YES),
		'groupids'			=> array(TYPE_STR,	REQ_NO),
		'password'			=> array(TYPE_STR,	REQ_YES),
		'salt'				=> array(TYPE_STR,	REQ_SET),
		'authkey'			=> array(TYPE_STR,	REQ_SET),
		'showemail'			=> array(TYPE_BOOL,	REQ_NO),
		'showcolors'		=> array(TYPE_BOOL,	REQ_NO),
		'languageid'		=> array(TYPE_UINT,	REQ_NO),
		'timezone'			=> array(TYPE_FLOAT,REQ_NO),
		'usedst'			=> array(TYPE_BOOL,	REQ_NO),
		'hidestatuses'		=> array(TYPE_STR,	REQ_NO),
		'defaultsortkey'	=> array(TYPE_STR,	REQ_NO),
		'defaultsortas'		=> array(TYPE_STR,	REQ_NO),
		'columnoptions'		=> array(TYPE_STR,	REQ_NO),
		'authid'			=> array(TYPE_STR,	REQ_NO)
	);
	
	/**
	 * Database table
	 * @var	string
	 */
	protected $table = 'user';
	
	/**
	 * Table prefix
	 * @var	string
	 */
	protected $prefix = TABLE_PREFIX;
	
	/**
	 * Set field: salt
	 */
	protected function set_salt()
	{
		$this->set('salt', BSFunctions::random(rand(3, 15)));
	}
	
	/**
	 * Set field: authkey
	 */
	protected function set_authkey()
	{
		$this->set('authkey', BSFunctions::random());
	}
	
	/**
	 * Pre-insert
	 */
	protected function pre_insert()
	{
		$this->set('password', md5(md5($this->values['password']) . md5($this->values['salt'])));
	}
	
	/**
	 * Post-insert
	 */
	protected function post_insert()
	{
		BSApp::$db->query("
			INSERT INTO " . TABLE_PREFIX . "useremail
				(userid, mask, relation)
			VALUES
				(" . $this->insertid . ", 32, 0),
				(" . $this->insertid . ", 320, 1),
				(" . $this->insertid . ", 1984, 2),
				(" . $this->insertid . ", 64, 4),
				(" . $this->insertid . ", 64, 8),
				(" . $this->insertid . ", 256, 16
			)
		");
		build_assignedto();
	}
	
	/**
	 * Validate: email
	 */
	protected function validate_email($field)
	{
		if (!$this->_verifyIsNotEmpty($field))
		{
			return false;
		}
		
		if (!BSFunctions::is_valid_email($this->values['email']))
		{
			$this->_error(new FieldException(T('The specified email is invalid.'), 'email'));
			return false;
		}
		if (BSApp::$db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . BSApp::$input->escape($this->values['email']) . "' AND userid <> " . BSApp::$input->clean($this->values['userid'], TYPE_UINT)))
		{
			$this->_error(new FieldException(T('The specified email is already in use.'), 'email'));
			return false;
		}
		return true;
	}
	
	/**
	 * Validate: displayname
	 */
	protected function validate_displayname($field)
	{
		if (!$this->_verifyIsNotEmpty($field))
		{
			return false;
		}
		
		if (BSApp::$db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . BSApp::$input->escape($this->values['displayname']) . "' AND userid <> " . BSApp::$input->clean($this->values['userid'], TYPE_UINT)))
		{
			$this->_error(new FieldException(T('That display name is already in use by another user.'), 'displayname'));
			return false;
		}
		return true;
	}
	
	/**
	 * Validate: usergroupid
	 */
	protected function validate_usergroupid($field)
	{
		if (!isset(bugdar::$datastore['usergroup'][ $this->values['usergroupid'] ]))
		{
			$this->_error(new FieldException(L_INVALID_ID, $field));
			return false;
		}
		return true;
	}
	
	/**
	 * Validate: groupids
	 */
	protected function validate_groupids($field)
	{
		$groups = $this->values['groupids'];
		if (!is_array($groups))
		{
			$groups = explode(',', $this->values['groupids']);
		}
		$groups = BSFunctions::array_strip_empty($groups);
		
		foreach ($groups as $group)
		{
			if (!isset(bugdar::$datastore['usergroup']["$group"]))
			{
				$this->_error(new FieldException(L_INVALID_ID, $field));
				return false;
			}
		}
		
		$this->values['groupids'] = implode(',', $groups);
		
		return true;
	}
	
	/**
	 * Pre-update
	 */
	protected function pre_update()
	{
		$this->setCondition();
		$this->fetch();
		
		if ($this->values['password'] == '')
		{
			$this->set('password', $this->record['password']);
		}
		else
		{
			BSApp::debug("updating password = true");
			$this->set('password', md5(md5($this->values['password']) . md5($this->record['salt'])));
		}
	}
	
	/**
	 * Post-update
	 */
	protected function post_update()
	{
		if (isset($this->values['displayname']))
		{
			$username =  BSApp::$input->escape($this->values['displayname']);
			$id = $this->values['userid'];

			BSApp::$db->query("UPDATE " . TABLE_PREFIX . "bug SET username = '$username' WHERE userid = $id");
			BSApp::$db->query("UPDATE " . TABLE_PREFIX . "bug SET lastpostbyname = '$username' WHERE lastpostby = $id");
			BSApp::$db->query("UPDATE " . TABLE_PREFIX . "bug SET hiddenlastpostbyname = '$username' WHERE hiddenlastpostby = $id");
		}
		
		if (isset($this->values['displayname']) || isset($this->values['email']))
		{
			build_assignedto();
		}
	}
	
	/**
	 * Pre-delete
	 */
	protected function pre_delete()
	{
		if ($this->values['userid'] == bugdar::$userinfo['userid'])
		{
			
			$this->error(T('You cannot delete your own account!'));
		}
		
		if ($this->values['usergroupid'] == 6)
		{
			$count = BSApp::$db->queryFirst("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> " . $this->values['userid']);
			if ($count['count'] < 1)
			{
				$this->error(T('At least one other administrator needs to be present before you can delete this user'));
			}
		}
	}
	
	/**
	 * Post-delete
	 */
	protected function post_delete()
	{
		BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . "user WHERE userid = " . $this->values['userid']);
		BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . "favorite WHERE userid = " . $this->values['userid']);
		BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $this->values['userid']);
		BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . "useremail WHERE userid = " . $this->values['userid']);
		BSApp::$db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . $this->values['userid']);
		
		build_assignedto();
	}
	
	/**
	 * Validate: hidestatuses
	 */
	protected function validate_hidestatuses($field)
	{
		if (is_array($this->values['hidestatuses']))
		{
			$this->set('hidestatuses', implode(',', $this->values['hidestatuses']));
		}
		
		return true;
	}
	
	/**
	 * Validate: defaultsortkey
	 */
	protected function validate_defaultsortkey($field)
	{
		if (!ListSorter::fetch_by_text($this->values['defaultsortkey']))
		{
			$this->_error(new FieldException(L_INVALID_ID, $field));
			return false;
		}
		
		return true;
	}
	
	/**
	 * Validate: defaultsortas
	 */
	protected function validate_defaultsortas($field)
	{
		if (!ListSorter::fetch_as_text($this->values['defaultsortas']))
		{
			$this->_error(new FieldException(L_INVALID_ID, $field));
			return false;
		}
		
		return true;
	}
	
	/**
	 * Validate: columnoptions
	 */
	protected function validate_columnoptions($field)
	{
		if (is_array($this->values['columnoptions']))
		{
			$this->set('columnoptions', serialize($this->values['columnoptions']));
		}
		return true;
	}
}

?>