<?php
/*=====================================================================*\
|| ###################################################################
|| # Bugdar
|| # Copyright Š2002-2007 Blue Static
|| #
|| # This program is free software; you can redistribute it and/or modify
|| # it under the terms of the GNU General Public License as published by
|| # the Free Software Foundation; version 2 of the License.
|| #
|| # This program is distributed in the hope that it will be useful, but
|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|| # more details.
|| #
|| # You should have received a copy of the GNU General Public License along
|| # with this program; if not, write to the Free Software Foundation, Inc.,
|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|| ###################################################################
\*=====================================================================*/

require_once ISSO . '/Api.php';
require_once('./includes/functions_datastore.php');
require_once('./includes/class_sort.php');

/**
* API: User
*
* @author		Blue Static
* @copyright	Copyright Š2002 - 2007, Blue Static
* @version		$Revision$
* @package		Bugdar
* 
*/
class UserAPI extends BSApi
{
	/**
	* Database fields
	* @var	array
	* @access	private
	*/
	var $fields = array(
		'userid'			=> array(TYPE_UINT,	REQ_AUTO,	'verify_nozero'),
		'email'				=> array(TYPE_STR,	REQ_YES,	':self'),
		'displayname'		=> array(TYPE_STR,	REQ_YES,	':self'),
		'usergroupid'		=> array(TYPE_UINT,	REQ_YES,	':self'),
		'groupids'			=> array(TYPE_STR,	REQ_NO,		':self'),
		'password'			=> array(TYPE_STR,	REQ_YES),
		'salt'				=> array(TYPE_STR,	REQ_SET),
		'authkey'			=> array(TYPE_STR,	REQ_SET),
		'showemail'			=> array(TYPE_BOOL,	REQ_NO),
		'showcolors'		=> array(TYPE_BOOL,	REQ_NO),
		'languageid'		=> array(TYPE_UINT,	REQ_NO),
		'timezone'			=> array(TYPE_FLOAT,REQ_NO),
		'usedst'			=> array(TYPE_BOOL,	REQ_NO),
		'hidestatuses'		=> array(TYPE_STR,	REQ_NO,		':self'),
		'defaultsortkey'	=> array(TYPE_STR,	REQ_NO,		':self'),
		'defaultsortas'		=> array(TYPE_STR,	REQ_NO,		':self'),
		'columnoptions'		=> array(TYPE_STR,	REQ_NO,		':self'),
		'authid'			=> array(TYPE_STR,	REQ_NO)
	);
	
	/**
	* Database table
	* @var	string
	* @access	private
	*/
	var $table = 'user';
	
	/**
	* Table prefix
	* @var	string
	* @access	private
	*/
	var $prefix = TABLE_PREFIX;
	
	// ###################################################################
	/**
	* Set field: salt
	*
	* @access	private
	*/
	function set_salt()
	{
		$this->set('salt', BSFunctions::random(rand(3, 15)));
	}
	
	// ###################################################################
	/**
	* Set field: authkey
	*
	* @access	private
	*/
	function set_authkey()
	{
		$this->set('authkey', BSFunctions::random());
	}
	
	// ###################################################################
	/**
	* Pre-insert
	*
	* @access	private
	*/
	function pre_insert()
	{
		$this->set('password', md5(md5($this->values['password']) . md5($this->values['salt'])));
	}
	
	// ###################################################################
	/**
	* Post-insert
	*
	* @access	protected
	*/
	function post_insert()
	{
		BSApp::$db->query("
			INSERT INTO " . TABLE_PREFIX . "useremail
				(userid, mask, relation)
			VALUES
				(" . $this->insertid . ", 32, 0),
				(" . $this->insertid . ", 320, 1),
				(" . $this->insertid . ", 1984, 2),
				(" . $this->insertid . ", 64, 4),
				(" . $this->insertid . ", 64, 8),
				(" . $this->insertid . ", 256, 16
			)
		");
		build_assignedto();
	}
	
	// ###################################################################
	/**
	* Verify: email
	*
	* @access	private
	*/
	function verify_email()
	{
		if (!is_bool($ne = $this->verify_noempty('email')))
		{
			return $ne;
		}
		
		if (!BSFunctions::is_valid_email($this->values['email']))
		{
			return T('The specified email is invalid.');
		}
		if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $this->registry->db->escape_string($this->values['email']) . "' AND userid <> " . $this->registry->clean($this->values['userid'], TYPE_UINT)))
		{
			return T('The specified email is already in use.');
		}
		return true;
	}
	
	// ###################################################################
	/**
	* Verify: displayname
	*
	* @access	private
	*/
	function verify_displayname()
	{
		if (!is_bool($ne = $this->verify_noempty('displayname')))
		{
			return $ne;
		}
		
		if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . $this->registry->db->escape_string($this->values['displayname']) . "' AND userid <> " . $this->registry->clean($this->values['userid'], TYPE_UINT)))
		{
			return T('That display name is already in use by another user.');
		}
		return true;
	}
	
	// ###################################################################
	/**
	* Verify: usergroupid
	*
	* @access	private
	*/
	function verify_usergroupid()
	{
		if (!isset(bugdar::$datastore['usergroup'][ $this->values['usergroupid'] ]))
		{
			return false;
		}
		return true;
	}
	
	// ###################################################################
	/**
	* Verify: groupids
	*
	* @access	private
	*/
	function verify_groupids()
	{
		$groups = $this->values['groupids'];
		if (!is_array($groups))
		{
			$groups = explode(',', $this->values['groupids']);
		}
		$groups = BSFunctions::array_strip_empty($groups);
		
		foreach ($groups AS $group)
		{
			if (!isset(bugdar::$datastore['usergroup']["$group"]))
			{
				return false;
			}
		}
		
		$this->values['groupids'] = implode(',', $groups);
		
		return true;
	}
	
	// ###################################################################
	/**
	* Pre-update
	*
	* @access	private
	*/
	function pre_update()
	{
		$this->setCondition();
		$this->fetch();
		
		if ($this->values['password'] == '')
		{
			$this->set('password', $this->record['password']);
		}
		else
		{
			BSApp::debug("updating password = true");
			$this->set('password', md5(md5($this->values['password']) . md5($this->record['salt'])));
		}
	}
	
	// ###################################################################
	/**
	* Post-update
	*
	* @access	protected
	*/
	function post_update()
	{
		if (isset($this->values['displayname']))
		{
			$username =  $this->registry->escape($this->values['displayname']);
			$id = $this->values['userid'];

			$this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET username = '$username' WHERE userid = $id");
			$this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET lastpostbyname = '$username' WHERE lastpostby = $id");
			$this->registry->db->query("UPDATE " . TABLE_PREFIX . "bug SET hiddenlastpostbyname = '$username' WHERE hiddenlastpostby = $id");
		}
		
		if (isset($this->values['displayname']) OR isset($this->values['email']))
		{
			build_assignedto();
		}
	}
	
	// ###################################################################
	/**
	* Pre-delete
	*
	* @access	protected
	*/
	function pre_delete()
	{
		if ($this->values['userid'] == bugdar::$userinfo['userid'])
		{
			$this->error(T('You cannot delete your own account!'));
		}
		
		if ($this->values['usergroupid'] == 6)
		{
			$count = $this->registry->db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> " . $this->values['userid']);
			if ($count['count'] < 1)
			{
				$this->error(T('At least one other administrator needs to be present before you can delete this user'));
			}
		}
	}
	
	// ###################################################################
	/**
	* Post-delete
	*
	* @access	protected
	*/
	function post_delete()
	{
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "user WHERE userid = " . $this->values['userid']);
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "favorite WHERE userid = " . $this->values['userid']);
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $this->values['userid']);
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "useremail WHERE userid = " . $this->values['userid']);
		$this->registry->db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . $this->values['userid']);
		
		build_assignedto();
	}
	
	// ###################################################################
	/**
	* Verify: hidestatuses
	*
	* @access	private
	*/
	function verify_hidestatuses()
	{
		if (is_array($this->values['hidestatuses']))
		{
			$this->set('hidestatuses', implode(',', $this->values['hidestatuses']));
		}
		
		return true;
	}
	
	// ###################################################################
	/**
	* Verify: defaultsortkey
	*
	* @access	private
	*/
	function verify_defaultsortkey()
	{
		if (!ListSorter::fetch_by_text($this->values['defaultsortkey']))
		{
			return false;
		}
		
		return true;
	}
	
	// ###################################################################
	/**
	* Verify: defaultsortas
	*
	* @access	private
	*/
	function verify_defaultsortas()
	{
		if (!ListSorter::fetch_as_text($this->values['defaultsortas']))
		{
			return false;
		}
		
		return true;
	}
	
	// ###################################################################
	/**
	* Verify: columnoptions
	*
	* @access	private
	*/
	function verify_columnoptions()
	{
		if (is_array($this->values['columnoptions']))
		{
			$this->set('columnoptions', serialize($this->values['columnoptions']));
		}
		return true;
	}
}

/*=====================================================================*\
|| ###################################################################
|| # $HeadURL$
|| # $Id$
|| ###################################################################
\*=====================================================================*/
?>