3 * FusionForge user management
5 * Copyright 1999-2001, VA Linux Systems, Inc.
6 * Copyright 2009, Roland Mas
8 * This file is part of FusionForge.
10 * FusionForge is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published
12 * by the Free Software Foundation; either version 2 of the License,
13 * or (at your option) any later version.
15 * FusionForge is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with FusionForge; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
26 require_once $gfwww.'include/vote_function.php';
30 * user_get_object_by_name() - Get User object by username.
31 * user_get_object is useful so you can pool user objects/save database queries
32 * You should always use this instead of instantiating the object directly
34 * @param string The unix username - required
35 * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
36 * @return a user object or false on failure
// Resolves a login name to a user object via user_get_object().
// The name is lower-cased before the lookup, and the query text uses a $1
// placeholder (db_query_params) rather than embedding the name in the SQL.
// NOTE(review): source lines 41, 43-44 and 46 are missing from this listing,
// so how a caller-supplied $res and an empty result are handled cannot be
// confirmed from here.
39 function &user_get_object_by_name($user_name,$res=false) {
40 $user_name = strtolower($user_name);
42 $res = db_query_params ('SELECT * FROM users WHERE user_name=$1',
45 return user_get_object(db_result($res,0,'user_id'),$res);
49 * user_get_object_by_email() - Get User object by email address
50 * Only works if sys_require_unique_email is true
52 * @param string The email address - required
53 * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
54 * @return a user object or false on failure
// Resolves an email address to a user object via user_get_object().
// The lookup is only attempted when the address passes validate_email() and
// the require_unique_email setting is on; the body of that guard (source
// lines 60-61) is missing from this listing.
57 function user_get_object_by_email($email,$res=false) {
58 if (!validate_email($email)
59 || !forge_get_config('require_unique_email')) {
// NOTE(review): this compares the email column with the bound value as-is,
// while setEmail() and setNewEmailAndHash() compare lower(email) against a
// lower-cased value. Confirm that two addresses differing only in case are
// treated the same way by every uniqueness check.
63 $res=db_query_params('SELECT * FROM users WHERE email=$1',
66 return user_get_object(db_result($res,0,'user_id'),$res);
70 * user_get_object() - Get User object by user ID.
71 * user_get_object is useful so you can pool user objects/save database queries
72 * You should always use this instead of instantiating the object directly
74 * @param int The ID of the user - required
75 * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
76 * @return a user object or false on failure
// Returns the user object for $user_id, creating it on first use and keeping
// it in $USER_OBJ under the key "_<id>_".
// A failed lookup is stored as false under the same key. isset() is true for
// a stored false, so later calls for that id return false without querying
// again.
// NOTE(review): the declaration of $USER_OBJ (source lines 85-86) is missing
// from this listing; its scope and lifetime should be confirmed there.
79 function &user_get_object($user_id,$res=false) {
80 //create a common set of group objects
81 //saves a little wear on the database
83 //automatically checks group_type and
84 //returns appropriate object
87 if (!isset($USER_OBJ["_".$user_id."_"])) {
89 //the db result handle was passed in
91 $res = db_query_params ('SELECT * FROM users WHERE user_id=$1',
94 if (!$res || db_numrows($res) < 1) {
95 $USER_OBJ["_".$user_id."_"]=false;
97 $USER_OBJ["_".$user_id."_"]= new GFUser($user_id,$res);
100 return $USER_OBJ["_".$user_id."_"];
// Returns user objects for a list of ids. Ids already present in $USER_OBJ
// are taken from the cache; the remaining ids are loaded with a single
// "user_id = ANY ($1)" query and cached.
// Cached entries are appended first and fetched rows afterwards, so the
// result is not guaranteed to follow the order of $id_arr, and an id with no
// matching row simply does not appear. Callers should not index the result
// by input position.
103 function &user_get_objects($id_arr) {
108 for ($i=0; $i<count($id_arr); $i++) {
110 // See if this ID already has been fetched in the cache
115 if (!isset($USER_OBJ["_".$id_arr[$i]."_"])) {
116 $fetch[]=$id_arr[$i];
118 $return[] =& $USER_OBJ["_".$id_arr[$i]."_"];
121 if (count($fetch) > 0) {
122 $res = db_query_params ('SELECT * FROM users WHERE user_id = ANY ($1)',
123 array (db_int_array_to_any_clause ($fetch))) ;
124 while ($arr =& db_fetch_array($res)) {
125 $USER_OBJ["_".$arr['user_id']."_"] = new GFUser($arr['user_id'],$arr);
126 $return[] =& $USER_OBJ["_".$arr['user_id']."_"];
132 function &user_get_objects_by_name($username_arr) {
133 $res = db_query_params ('SELECT user_id FROM users WHERE user_name = ANY ($1)',
134 array (db_string_array_to_any_clause ($username_arr))) ;
135 $arr =& util_result_column_to_array($res,0);
136 return user_get_objects($arr);
139 class GFUser extends Error {
141 * Associative array of data from db.
143 * @var array $data_array.
148 * Is this person a site super-admin?
150 * @var bool $is_super_user
155 * Is this person the logged in user?
157 * @var bool $is_logged_in
162 * Array of preferences
164 * @var array $user_pref
172 * GFUser($id,$res) - CONSTRUCTOR - GENERALLY DON'T USE THIS
174 * instead use the user_get_object() function call
176 * @param int The user_id
177 * @param int The database result set OR array of data
// Constructor. $res may be an array holding the user's row (used as-is) or a
// database result handle (first row fetched after db_reset_result()). The
// is_super_user and is_logged_in flags always start as false.
// NOTE(review): this is a constructor named after the class. PHP 7 deprecates
// that form and PHP 8 no longer calls such a method on "new", which would
// leave data_array and both flags unset. The parent class is also called
// Error, a name PHP 7+ reserves for a built-in class.
179 function GFUser($id=false,$res=false) {
182 //setting up an empty object
183 //probably going to call create()
187 $this->fetchData($id);
189 if (is_array($res)) {
190 $this->data_array =& $res;
191 } elseif (db_numrows($res) < 1) {
192 //function in class we extended
193 $this->setError('User Not Found');
194 $this->data_array=array();
197 //set up an associative array for use by other functions
198 db_reset_result($res);
199 $this->data_array = db_fetch_array($res);
202 $this->is_super_user=false;
203 $this->is_logged_in=false;
208 * create() - Create a new user.
210 * @param string The unix username.
211 * @param string The real firstname.
212 * @param string The real lastname.
213 * @param string The first password.
214 * @param string The confirmation password.
215 * @param string The users email address.
216 * @param string The users preferred default language.
217 * @param string The users preferred default timezone.
218 * @param string The users preference for receiving site updates by email.
219 * @param string The users preference for receiving community updates by email.
220 * @param int The ID of the language preference.
221 * @param string The users preferred timezone.
222 * @param string The users Jabber address.
223 * @param int The users Jabber preference.
224 * @param int The users theme_id.
225 * @param string The users unix_box.
226 * @param string The users address.
227 * @param string The users address part 2.
228 * @param string The users phone.
229 * @param string The users fax.
230 * @param string The users title.
231 * @param char(2) The users ISO country_code.
232 * @param bool Whether to send an email or not
233 * @returns The newly created user ID
// Validates the registration fields, optionally derives a login name from the
// email address, inserts the users row with a confirmation hash, fires the
// "user_create" plugin hook and sends the registration mail.
// NOTE(review): many source lines (conditions, returns, closing braces and
// part of the INSERT argument list) are missing from this listing; the notes
// below only cover what is visible.
236 function create($unix_name,$firstname,$lastname,$password1,$password2,$email,
237 $mail_site,$mail_va,$language_id,$timezone,$jabber_address,$jabber_only,$theme_id,
238 $unix_box='shell',$address='',$address2='',$phone='',$fax='',$title='',$ccode='US',$send_mail=true) {
241 $this->setError(_('You must supply a theme'));
244 if (! forge_get_config('require_unique_email')) {
246 $this->setError(_('You must supply a username'));
251 $this->setError(_('You must supply a first name'));
255 $this->setError(_('You must supply a last name'));
259 $this->setError(_('You must supply a password'));
262 if ($password1 != $password2) {
263 $this->setError(_('Passwords do not match'));
266 if (!account_pwvalid($password1)) {
267 $this->setError(_('Invalid Password:'));
270 $unix_name=strtolower($unix_name);
271 if (!account_namevalid($unix_name)) {
272 $this->setError(_('Invalid Unix Name.'));
275 if (!$SYS->sysUseUnixName($unix_name)) {
276 $this->setError(_('Unix name already taken'));
279 if (!validate_email($email)) {
280 $this->setError(_('Invalid Email Address'));
283 if ($jabber_address && !validate_email($jabber_address)) {
284 $this->setError(_('Invalid Jabber Address'));
// NOTE(review): LIKE treats "_" and "%" in the bound value as wildcards. If
// account_namevalid() admits either character, this check can report a
// collision with a different name; the generated-name checks further down
// use "=" instead.
292 if ($unix_name && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name LIKE $1',
293 array ($unix_name))) > 0) {
294 $this->setError(_('That username already exists.'));
297 if (forge_get_config('require_unique_email')) {
// NOTE(review): '$email' is single-quoted, so PHP passes the literal text
// $email instead of the submitted address. user_get_object_by_email() then
// validates and looks up that literal, so the duplicate-address check is not
// applied to the real value. The argument should presumably be $email.
298 if (user_get_object_by_email ('$email')) {
299 $this->setError(_('User with this email already exists - use people search to recover your login.'));
303 if (forge_get_config('require_unique_email') && !$unix_name) {
304 // Let's generate a loginname for the user
305 // ...based on the email address:
306 $email_array = explode ('@', $email, 2) ;
307 $email_u = $email_array [0] ;
// NOTE(review): ereg_replace() was deprecated in PHP 5.3 and removed in
// PHP 7; preg_replace() is the maintained equivalent.
308 $l = ereg_replace ('[^a-z0-9]', '', $email_u) ;
309 $l = substr ($l, 0, 15) ;
310 // Is the user part of the email address okay?
311 if (account_namevalid($l)
312 && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
316 // No? What if we add a number at the end?
319 $c = substr ($l, 0, 15-strlen ("$i")) . "$i" ;
320 if (account_namevalid($c)
321 && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
329 // If we're really unlucky, then let's go brute-force
330 while (!$unix_name) {
331 $c = substr (md5($email . rand()), 0, 15) ;
332 if (account_namevalid($c)
333 && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
339 $unix_name=strtolower($unix_name);
340 if (!account_namevalid($unix_name)) {
341 $this->setError(_('Invalid Unix Name.'));
344 // if we got this far, it must be good
// NOTE(review): confirm_hash is the secret carried by the account
// verification link (see sendRegistrationEmail()). It is 16 hex characters
// of an MD5 over the password, rand() and microtime(), none of which come
// from a cryptographically secure generator. Where the PHP version allows,
// derive it from a CSPRNG such as random_bytes(), and keep the password out
// of the input.
345 $confirm_hash = substr(md5($password1 . rand() . microtime()),0,16);
// NOTE(review): the name, address, phone, fax and title values are
// HTML-escaped before storage. That does not replace escaping at output time
// for non-HTML contexts, and re-escaping on display shows doubled entities.
// The remaining bound values are on lines missing from this listing.
347 $result = db_query_params ('INSERT INTO users (user_name,user_pw,unix_pw,realname,firstname,lastname,email,add_date,status,confirm_hash,mail_siteupdates,mail_va,language,timezone,jabber_address,jabber_only,unix_box,address,address2,phone,fax,title,ccode,theme_id) VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23,$24)',
350 account_genunixpw($password1),
351 htmlspecialchars($firstname.' '.$lastname),
352 htmlspecialchars($firstname),
353 htmlspecialchars($lastname),
358 (($mail_site)?"1":"0"),
359 (($mail_va)?"1":"0"),
365 htmlspecialchars($address),
366 htmlspecialchars($address2),
367 htmlspecialchars($phone),
368 htmlspecialchars($fax),
369 htmlspecialchars($title),
// NOTE(review): db_error() text is appended to the message stored with
// setError(). If that message is shown to the registering visitor it exposes
// database details; confirm where getErrorMessage() output is rendered.
373 $this->setError(_('Insert Failed') . db_error());
378 $id = db_insertid($result,'users','user_id');
380 $this->setError('Could Not Get USERID: ' .db_error());
385 if (!$this->fetchData($id)) {
// NOTE(review): the plaintext password is handed to every plugin listening on
// "user_create". Listeners must not log or persist it.
390 $hook_params = array ();
391 $hook_params['user'] = $this;
392 $hook_params['user_id'] = $this->getID();
393 $hook_params['user_name'] = $unix_name;
394 $hook_params['user_password'] = $password1;
395 plugin_hook ("user_create", $hook_params);
398 setup_gettext_from_lang_id($language_id);
399 $this->sendRegistrationEmail();
400 setup_gettext_from_context();
409 * sendRegistrationEmail() - Send email for registration verification
411 * @return true or false
// Builds the registration mail. The message is formatted with the login name,
// a link to /account/verify.php whose confirm_hash parameter is "_" followed
// by the stored hash, and the forge name.
// NOTE(review): as far as this listing shows, the hash is the only secret in
// the link, so account confirmation is as strong as the way confirm_hash is
// generated in create(). The send call itself (source lines 434-439) is
// mostly missing from this listing.
413 function sendRegistrationEmail() {
414 $message=stripcslashes(sprintf(_('Thank you for registering on the %3$s web site. You have
415 account with username %1$s created for you. In order
416 to complete your registration, visit the following url:
420 You have 1 week to confirm your account. After this time, your account will be deleted.
422 (If you don\'t see any URL above, it is likely due to a bug in your mail client.
423 Use one below, but make sure it is entered as the single line.)
431 $this->getUnixName(),
432 util_make_url ('/account/verify.php?confirm_hash=_'.$this->getConfirmHash()),
433 forge_get_config ('forge_name')));
436 sprintf(_('%1$s Account Registration'), forge_get_config ('forge_name')),
442 * delete() - remove the User from all his groups.
444 * Remove the User from all his groups and set his status to D.
446 * @param boolean Confirmation of deletion.
447 * @return true or false
// Soft-deletes the account: removes the user from each group, deletes the
// user's monitor rows (artifact, artifact type, forum, file module), fires
// the "user_delete" hook and sets the status to 'D'.
// NOTE(review): the users row itself is kept. Nothing visible here clears
// user_pw, unix_pw, authorized_keys or the personal fields, so login and key
// provisioning code must honour status 'D'; confirm that, and any data
// retention requirement, elsewhere.
// NOTE(review): the handling of $sure (source lines 450-452) is missing from
// this listing.
449 function delete($sure) {
453 $groups = &$this->getGroups();
454 if (is_array($groups)) {
455 foreach ($groups as $group) {
// The return value of removeUser() is discarded, so a failed removal does not
// stop the deletion.
456 $group->removeUser($this->getID());
461 $res = db_query_params ('DELETE FROM artifact_monitor WHERE user_id=$1',
462 array ($this->getID())) ;
464 $this->setError('ERROR - Could Not Delete From artifact_monitor: '.db_error());
468 $res = db_query_params ('DELETE FROM artifact_type_monitor WHERE user_id=$1',
469 array ($this->getID())) ;
471 $this->setError('ERROR - Could Not Delete From artifact_type_monitor: '.db_error());
475 $res = db_query_params ('DELETE FROM forum_monitored_forums WHERE user_id=$1',
476 array ($this->getID())) ;
478 $this->setError('ERROR - Could Not Delete From forum_monitored_forums: '.db_error());
482 $res = db_query_params ('DELETE FROM filemodule_monitor WHERE user_id=$1',
483 array ($this->getID())) ;
485 $this->setError('ERROR - Could Not Delete From filemodule_monitor: '.db_error());
490 $hook_params = array ();
491 $hook_params['user'] = $this;
492 $hook_params['user_id'] = $this->getID();
493 plugin_hook ("user_delete", $hook_params);
495 $this->setStatus('D');
502 * update() - update *common* properties of GFUser object.
504 * Use specific setter to change other properties.
506 * @param string The users first name.
507 * @param string The users last name.
508 * @param int The ID of the users language preference.
509 * @param string The user's timezone preference.
510 * @param string The users preference for receiving site updates by email.
511 * @param string The users preference for receiving community updates by email.
512 * @param string The users preference for participating in "peer ratings".
513 * @param string The users Jabber account address.
514 * @param int The users Jabber preference.
515 * @param int The users theme_id preference.
516 * @param string The users address.
517 * @param string The users address2.
518 * @param string The users phone.
519 * @param string The users fax.
520 * @param string The users title.
521 * @param string The users ccode.
// Updates the commonly edited profile fields, removes the user's own ratings
// when they opt out of the rating system, reloads data_array and fires the
// "user_update" hook.
// The mail flags are normalised to 1/0, and block_ratings is the inverse of
// $use_ratings.
523 function update($firstname,$lastname,$language_id,$timezone,$mail_site,$mail_va,$use_ratings,
524 $jabber_address,$jabber_only,$theme_id,$address,$address2,$phone,$fax,$title,$ccode) {
525 $mail_site = $mail_site ? 1 : 0;
526 $mail_va = $mail_va ? 1 : 0;
527 $block_ratings = $use_ratings ? 0 : 1;
529 if ($jabber_address && !validate_email($jabber_address)) {
530 $this->setError(_('Invalid Jabber Address'));
// NOTE(review): the name, address, phone, fax and title values are
// HTML-escaped before storage; output code must still escape for its own
// context and must not escape these fields twice. The SQL text and the other
// bound values, and any validation of $language_id, $timezone, $theme_id and
// $ccode (source lines 532-562), are missing from this listing.
541 $res = db_query_params ('
563 htmlspecialchars($firstname . ' ' .$lastname),
564 htmlspecialchars($firstname),
565 htmlspecialchars($lastname),
573 htmlspecialchars($address) ,
574 htmlspecialchars($address2) ,
575 htmlspecialchars($phone) ,
576 htmlspecialchars($fax) ,
577 htmlspecialchars($title) ,
583 $this->setError('ERROR - Could Not Update User Object: '.db_error());
587 // If there's a transaction from using to not
588 // using ratings, remove all rating made by the
589 // user (ratings by others should not be removed,
590 // as it opens possibility to abuse rate system)
// usesRatings() still reads the pre-update row here, because data_array is
// only refreshed by the fetchData() call below.
591 if (!$use_ratings && $this->usesRatings()) {
592 vote_remove_all_ratings_by($this->getID());
594 if (!$this->fetchData($this->getID())) {
599 $hook_params = array ();
600 $hook_params['user'] = $this;
601 $hook_params['user_id'] = $this->getID();
602 plugin_hook ("user_update", $hook_params);
610 * fetchData - May need to refresh database fields.
612 * If an update occurred and you need to access the updated info.
614 * @return boolean success;
616 function fetchData($user_id) {
617 $res = db_query_params ('SELECT * FROM users WHERE user_id=$1',
619 if (!$res || db_numrows($res) < 1) {
620 $this->setError('GFUser::fetchData()::'.db_error());
623 $this->data_array =& db_fetch_array($res);
628 * getID - Simply return the user_id for this object.
630 * @return int This user's user_id number.
633 return $this->data_array['user_id'];
637 * getStatus - get the status of this user.
639 * Statuses include (A)ctive, (P)ending, (S)uspended ,(D)eleted.
641 * @return char This user's status flag.
643 function getStatus() {
644 return $this->data_array['status'];
648 * setStatus - set this user's status.
650 * @param string Status - P, A, S, or D.
651 * @return boolean success.
// Sets the account status after checking it against the allow-list
// P, A, S, D. For 'D' the user's user_group rows are deleted as well. Fires
// the "user_setstatus" hook; the condition guarding the 'add_cal_user' hook
// (source lines 688-689) is missing from this listing.
// NOTE(review): no permission check is visible in this method; presumably
// callers authorise the change. Verify at the call sites.
653 function setStatus($status) {
// The comparisons are loose (!=), so callers should pass a string.
655 if ($status != 'P' && $status != 'A'
656 && $status != 'S' && $status != 'D') {
657 $this->setError('ERROR: Invalid status value');
662 $res = db_query_params ('UPDATE users SET status=$1 WHERE user_id=$2',
667 $this->setError('ERROR - Could Not Update User Status: '.db_error());
671 $this->data_array['status']=$status;
672 if ($status == 'D') {
673 // Remove this user from all groups
674 $res = db_query_params ('DELETE FROM user_group WHERE user_id=$1',
675 array ($this->getID())) ;
677 $this->setError('ERROR - Could Not Propogate Deleted Status: '.db_error());
682 $hook_params = array ();
683 $hook_params['user'] = $this;
684 $hook_params['user_id'] = $this->getID();
685 $hook_params['status'] = $status;
686 plugin_hook ("user_setstatus", $hook_params);
690 //plugin webcalendar, create cal_user
691 plugin_hook('add_cal_user',$this->getID());
698 * isActive - whether this user is confirmed and active.
700 * Database field status of 'A' returns true.
701 * @return boolean is_active.
703 function isActive() {
704 if ($this->getStatus()=='A') {
712 * getUnixStatus - Status of activation of unix account.
714 * @return char (N)one, (A)ctive, (S)uspended or (D)eleted
716 function getUnixStatus() {
717 return $this->data_array['unix_status'];
721 * setUnixStatus - Sets status of activation of unix account.
723 * @param string The unix status.
729 * @return boolean success.
// Stores the unix account status. For 'A' it asks $SYS to create the system
// account when needed (sysCheckCreateUser); the other visible branch removes
// an existing system account (sysCheckUser / sysRemoveUser).
// NOTE(review): unlike setStatus(), no allow-list for $status is visible in
// this listing (source lines 732-733 and 735-737 are missing). If there is
// none, any value other than 'A' appears to reach the removal branch; confirm
// against the full source.
731 function setUnixStatus($status) {
734 $res = db_query_params ('UPDATE users SET unix_status=$1 WHERE user_id=$2',
739 $this->setError('ERROR - Could Not Update User Unix Status: '.db_error());
743 if ($status == 'A') {
744 if (!$SYS->sysCheckCreateUser($this->getID())) {
745 $this->setError($SYS->getErrorMessage());
750 if ($SYS->sysCheckUser($this->getID())) {
751 if (!$SYS->sysRemoveUser($this->getID())) {
752 $this->setError($SYS->getErrorMessage());
759 $this->data_array['unix_status']=$status;
766 * getUnixName - the user's unix_name.
768 * @return string This user's unix/login name.
770 function getUnixName() {
771 return strtolower($this->data_array['user_name']);
775 * getUnixPasswd - get the user's crypted unix password (unix_pw column).
777 * @return string This user's unix crypted passwd.
779 function getUnixPasswd() {
780 return $this->data_array['unix_pw'];
784 * getUnixBox - the hostname of the unix box this user has an account on.
786 * @return string This user's shell login machine.
788 function getUnixBox() {
789 return $this->data_array['unix_box'];
793 * getMD5Passwd - the stored MD5 hash of the user's password (user_pw column), not the plaintext.
795 * @return string This user's MD5-crypted passwd.
797 function getMD5Passwd() {
798 return $this->data_array['user_pw'];
801 //Added to be compatible with codendi getUserPw function
802 function getUserPw() {
803 return $this->data_array['user_pw'];
807 * getConfirmHash - the confirm hash in the db.
809 * @return string This user's confirmation hash.
811 function getConfirmHash() {
812 return $this->data_array['confirm_hash'];
816 * getEmail - the user's email address.
818 * @return string This user's email address.
820 function getEmail() {
821 return $this->data_array['email'];
825 * getSha1Email - a SHA1 encoded hash of the email URI (including mailto: prefix)
827 * @return string The SHA1 encoded value for the email
// Returns sha1('mailto:' . email).
// NOTE(review): the hash is unsalted, so anyone holding a candidate address
// can compute the same value and confirm a match. Treat the result as an
// identifier derived from the address, not as a way to hide it.
829 function getSha1Email() {
830 return sha1('mailto:'.$this->getEmail());
834 * getNewEmail - while changing an email address, it is stored here until confirmation.
836 * getNewEmail is a private operation for email change.
838 * @return string This user's new (not yet confirmed) email address.
841 function getNewEmail() {
842 return $this->data_array['email_new'];
846 * setEmail - set a new email address, which must be confirmed.
848 * @param string The email address.
849 * @return boolean success.
// Validates the address, checks uniqueness when require_unique_email is on,
// writes it to users.email, fires the "user_setemail" hook and reloads
// data_array.
// NOTE(review): the visible UPDATE writes the email column directly. The
// confirmation step mentioned in the doc comment is presumably enforced by
// the caller through setNewEmailAndHash(); verify that no caller reaches this
// method with an unconfirmed address.
851 function setEmail($email) {
// Case-insensitive comparison with the current address; the body of this
// branch (source lines 854-855) is missing from this listing.
853 if (!strcasecmp($this->getEmail(), stripslashes($email))) {
857 if (!$email || !validate_email($email)) {
858 $this->setError('ERROR: Invalid Email');
862 if (forge_get_config('require_unique_email')) {
// NOTE(review): LIKE treats "_" and "%" in the bound address as wildcards,
// and both are legal in an email local part. An address such as a_b@... can
// therefore match a different stored address and be rejected as a duplicate.
// An "=" comparison on lower(email) would avoid that.
863 if (db_numrows(db_query_params('SELECT user_id FROM users WHERE user_id!=$1 AND (lower(email) LIKE $2 OR lower(email_new) LIKE $2)',
864 array ($this->getID(),
865 strtolower($email)))) > 0) {
866 $this->setError(_('User with this email already exists.'));
872 $res = db_query_params ('UPDATE users SET email=$1 WHERE user_id=$2',
877 $this->setError('ERROR - Could Not Update User Email: '.db_error());
881 $hook_params = array ();
882 $hook_params['user'] = $this;
883 $hook_params['user_id'] = $this->getID();
884 $hook_params['user_email'] = $email;
885 plugin_hook ("user_setemail", $hook_params);
887 if (!$this->fetchData($this->getId())) {
898 * setNewEmailAndHash - setNewEmailAndHash is a private operation for email change.
900 * @param string The email address.
901 * @param string The email hash.
902 * @return boolean success.
// Stores a pending email address in email_new together with a confirmation
// hash in confirm_hash, then mirrors both into data_array.
// The same confirm_hash column also receives the registration hash written
// by create().
904 function setNewEmailAndHash($email, $hash='') {
// NOTE(review): the generated hash is 16 hex characters of an MD5 over
// time() and mt_rand(); neither input comes from a cryptographically secure
// generator. Since the hash authorises the email change, prefer a CSPRNG
// such as random_bytes() where the PHP version allows. The condition guarding
// this line (source lines 905-906) is missing from this listing.
907 $hash = substr(md5(strval(time()) . strval(mt_rand())), 0, 16);
910 if (!$email || !validate_email($email)) {
911 $this->setError('ERROR - Invalid Email');
915 if (forge_get_config('require_unique_email')) {
// NOTE(review): LIKE treats "_" and "%" in the bound address as wildcards,
// so the uniqueness check can match a different stored address.
916 if (db_numrows(db_query_params('SELECT user_id FROM users WHERE user_id!=$1 AND (lower(email) LIKE $2 OR lower(email_new) LIKE $2)',
917 array ($this->getID(),
918 strtolower($email)))) > 0) {
919 $this->setError(_('User with this email already exists.'));
923 $res = db_query_params ('UPDATE users SET confirm_hash=$1, email_new=$2 WHERE user_id=$3',
928 $this->setError('ERROR - Could Not Update User Email And Hash: '.db_error());
931 $this->data_array['email_new'] = $email;
932 $this->data_array['confirm_hash'] = $hash;
938 * getRealName - get the user's real name.
940 * @return string This user's real name.
942 function getRealName() {
943 $last_name = $this->getLastName();
944 return $this->getFirstName(). ($last_name ? ' ' .$last_name:'');
948 * getFirstName - get the user's first name.
950 * @return string This user's first name.
952 function getFirstName() {
953 return $this->data_array['firstname'];
957 * getLastName - get the user's last name.
959 * @return string This user's last name.
961 function getLastName() {
962 return $this->data_array['lastname'];
966 * getAddDate - this user's unix time when account was opened.
968 * @return int This user's unix time when account was opened.
970 function getAddDate() {
971 return $this->data_array['add_date'];
975 * getTimeZone - this user's timezone setting.
977 * @return string This user's timezone setting.
979 function getTimeZone() {
980 return $this->data_array['timezone'];
984 * getCountryCode - this user's ccode setting.
986 * @return string This user's ccode setting.
988 function getCountryCode() {
989 return $this->data_array['ccode'];
993 * getShell - this user's preferred shell.
995 * @return string This user's preferred shell.
997 function getShell() {
998 return $this->data_array['shell'];
1002 * setShell - sets user's preferred shell.
1004 * @param string The users preferred shell.
1005 * @return boolean success.
// Accepts $shell only if it appears in an allow-list built from the
// non-comment lines of /etc/shells plus "/bin/cvssh", then stores it in
// users.shell and, when $SYS reports a system account, in the loginShell
// attribute.
// NOTE(review): the allow-list is read from /etc/shells on the host running
// this code, which may differ from the host where the shell is used.
1007 function setShell($shell) {
1009 $shells = file('/etc/shells');
1010 $shells[count($shells)] = "/bin/cvssh";
1011 $out_shells = array();
1012 foreach ($shells as $s) {
1013 if (substr($s, 0, 1) == '#') {
// NOTE(review): chop() turns a blank line into an empty string, so a blank
// line in /etc/shells puts '' on the allow-list and an empty $shell would
// pass the in_array() test below. Skip empty entries if that is not intended.
1016 $out_shells[] = chop($s);
1018 if (!in_array($shell, $out_shells)) {
1019 $this->setError('ERROR: Invalid Shell');
1024 $res = db_query_params ('UPDATE users SET shell=$1 WHERE user_id=$2',
1028 $this->setError('ERROR - Could Not Update User Unix Shell: '.db_error());
1032 // Now change LDAP attribute, but only if corresponding
1033 // entry exists (i.e. if user have shell access)
1034 if ($SYS->sysCheckUser($this->getID()))
1036 if (!$SYS->sysUserSetAttribute($this->getID(),"loginShell",$shell)) {
1037 $this->setError($SYS->getErrorMessage());
1042 $this->data_array['shell']=$shell;
1049 * getUnixUID() - Get the unix UID of the user
1051 * @return int This user's UID.
1053 function getUnixUID() {
1054 return $this->data_array['unix_uid'];
1058 * getUnixGID() - Get the unix GID of the user
1060 * @return int This user's GID.
1062 function getUnixGID() {
1063 return $this->data_array['unix_gid'];
1067 * getLanguage - this user's language_id from supported_languages table.
1069 * @return int This user's language_id.
1071 function getLanguage() {
1072 return $this->data_array['language'];
1076 * getJabberAddress - this user's optional jabber address.
1078 * @return string This user's jabber address.
1080 function getJabberAddress() {
1081 return $this->data_array['jabber_address'];
1085 * getJabberOnly - whether this person wants updates sent ONLY to jabber.
1087 * @return boolean This user's jabber preference.
1089 function getJabberOnly() {
1090 return $this->data_array['jabber_only'];
1094 * getAddress - get this user's address.
1096 * @return text This user's address.
1098 function getAddress() {
1099 return $this->data_array['address'];
1103 * getAddress2 - get this user's address2.
1105 * @return text This user's address2.
1107 function getAddress2() {
1108 return $this->data_array['address2'];
1112 * getPhone - get this person's phone number.
1114 * @return text This user's phone number.
1116 function getPhone() {
1117 return $this->data_array['phone'];
1121 * getFax - get this person's fax number.
1123 * @return text This user's fax.
1126 return $this->data_array['fax'];
1130 * getTitle - get this person's title.
1132 * @return text This user's title.
1134 function getTitle() {
1135 return $this->data_array['title'];
1139 * getGroups - get an array of groups this user is a member of.
1141 * @return array Array of groups.
1143 function &getGroups() {
1144 $res = db_query_params ('SELECT group_id FROM user_group WHERE user_id=$1',
1145 array ($this->getID())) ;
1146 $arr =& util_result_column_to_array($res,0);
1147 return group_get_objects($arr);
1151 * getAuthorizedKeys - the SSH authorized keys set by the user.
1153 * @return string This user's SSH authorized (public) keys.
// Returns the stored keys with every "###" marker turned back into a newline.
// NOTE(review): a "###" sequence that was part of a submitted key line (for
// example in its comment field) also becomes a newline here. Whatever writes
// this value into an authorized_keys file should validate each resulting
// line.
// NOTE(review): ereg_replace() was deprecated in PHP 5.3 and removed in
// PHP 7.
1155 function getAuthorizedKeys() {
1156 return ereg_replace("###", "\n", $this->data_array['authorized_keys']);
1160 * setAuthorizedKeys - set the SSH authorized keys for the user.
1162 * @param string The users public keys.
1163 * @return boolean success.
// Normalises line endings, drops empty lines, joins the lines with the "###"
// marker and stores the result in users.authorized_keys.
// NOTE(review): only whitespace is normalised here. Nothing visible checks
// that each line is a well-formed SSH public key or restricts
// authorized_keys options, so that validation has to happen in the caller or
// in the code that provisions the keys. Confirm where.
1165 function setAuthorizedKeys($keys) {
1166 $keys = trim($keys);
1167 $keys = ereg_replace("\r\n", "\n", $keys); // Convert to Unix EOL
1168 $keys = ereg_replace("\n+", "\n", $keys); // Remove empty lines
1169 $keys = ereg_replace("\n", "###", $keys); // Convert EOL to marker
1171 $res = db_query_params ('UPDATE users SET authorized_keys=$1 WHERE user_id=$2',
1175 $this->setError('ERROR - Could Not Update User SSH Keys');
1178 $this->data_array['authorized_keys'] = $keys;
1184 * setLoggedIn($val) - Really only used by session code.
1186 * @param boolean The session value.
// Records $val as the logged-in flag and derives is_super_user from the
// database: a user_group row for this user in group_id 1 with the admin_flags
// value bound as $2 (that value is on a line missing from this listing).
// NOTE(review): this method does not authenticate anything itself; it trusts
// the caller's $val. It should only be reachable from session code that has
// already verified the session.
1188 function setLoggedIn($val=true) {
1189 $this->is_logged_in=$val;
1191 //if this is the logged in user, see if they are a super user
1192 $result = db_query_params ('SELECT count(*) AS count FROM user_group WHERE user_id=$1 AND group_id=1 AND admin_flags=$2',
1193 array ($this->getID(),
1196 $this->is_super_user=false;
1199 $row_count = db_fetch_array($result);
1200 $this->is_super_user = ($row_count['count'] > 0);
1205 * isLoggedIn - only used by session code.
1207 * @return boolean is_logged_in.
1209 function isLoggedIn() {
1210 return $this->is_logged_in;
1214 * deletePreference - delete a preference for this user.
1216 * @param string The unique field name for this preference.
1217 * @return boolean success.
1219 function deletePreference($preference_name) {
1220 $preference_name=strtolower(trim($preference_name));
1221 unset($this->user_pref["$preference_name"]);
1222 $res = db_query_params ('DELETE FROM user_preferences WHERE user_id=$1 AND preference_name=$2',
1223 array ($this->getID(),
1224 $preference_name)) ;
1229 * setPreference - set a new preference for this user.
1231 * @param string The unique field name for this preference.
1232 * @param string The value you are setting this preference to.
1233 * @return boolean success.
1235 function setPreference($preference_name,$value) {
1236 $preference_name=strtolower(trim($preference_name));
1237 //delete pref if not value passed in
1238 unset($this->user_pref);
1239 if (!isset($value)) {
1240 $result = db_query_params ('DELETE FROM user_preferences WHERE user_id=$1 AND preference_name=$2',
1241 array ($this->getID(),
1242 $preference_name)) ;
1244 $result = db_query_params ('UPDATE user_preferences SET preference_value=$1,set_date=$2 WHERE user_id=$3 AND preference_name=$4',
1248 $preference_name)) ;
1249 if (db_affected_rows($result) < 1) {
1251 $result = db_query_params ('INSERT INTO user_preferences (user_id,preference_name,preference_value,set_date) VALUES ($1,$2,$3,$4)',
1252 array ($this->getID(),
1262 * getPreference - get a specific preference.
1264 * @param string The unique field name for this preference.
1265 * @return the preference string or false on failure.
1267 function getPreference($preference_name) {
1268 $preference_name=strtolower(trim($preference_name));
1270 First check to see if we have already fetched the preferences
1272 if (isset($this->user_pref)) {
1273 //echo "\n\nPrefs were fetched already";
1274 if (isset($this->user_pref["$preference_name"])) {
1275 //we have fetched prefs - return part of array
1276 return $this->user_pref["$preference_name"];
1278 //we have fetched prefs, but this pref hasn't been set
1282 //we haven't returned prefs - go to the db
1283 $result = db_query_params ('SELECT preference_name,preference_value FROM user_preferences WHERE user_id=$1',
1284 array ($this->getID())) ;
1285 if (db_numrows($result) < 1) {
1286 //echo "\n\nNo Prefs Found";
1290 //iterate and put the results into an array
1291 for ($i=0; $i<db_numrows($result); $i++) {
1292 $pref["".db_result($result,$i,'preference_name').""]=db_result($result,$i,'preference_value');
1294 $this->user_pref = $pref;
1296 if (array_key_exists($preference_name,$this->user_pref)) {
1297 //we have fetched prefs - return part of array
1298 return $this->user_pref["$preference_name"];
1300 //we have fetched prefs, but this pref hasn't been set
1308 * setPasswd - Changes user's password.
1310 * @param string The plaintext password.
1311 * @return boolean success.
// Changes the password: validates it with account_pwvalid(), computes an MD5
// hash and a unix crypt value, updates users.user_pw / unix_pw, pushes the
// crypt value to the userPassword attribute when $SYS reports a system
// account, and fires the "user_setpasswd" hook.
// NOTE(review): no check of the current password or of the caller's rights is
// visible in this method; presumably the caller does both. Verify.
1313 function setPasswd($passwd) {
1315 if (!account_pwvalid($passwd)) {
1316 $this->setError('Error: '.$GLOBALS['register_error']);
// NOTE(review): md5() without a salt is not suitable for password storage,
// because identical passwords hash identically and the function is fast to
// brute-force. Where the PHP version allows, password_hash() and
// password_verify() are the maintained replacements; migrating needs a
// matching change in the login check. The parameters bound to the UPDATE
// below are on lines missing from this listing.
1321 $md5_pw = md5 ($passwd) ;
1322 $unix_pw = account_genunixpw ($passwd) ;
1324 $res = db_query_params ('UPDATE users SET user_pw=$1, unix_pw=$2 WHERE user_id=$3',
1329 if (!$res || db_affected_rows($res) < 1) {
1330 $this->setError('ERROR - Could Not Change User Password: '.db_error());
1334 // Now change LDAP password, but only if corresponding
1335 // entry exists (i.e. if user have shell access)
1336 if ($SYS->sysCheckUser($this->getID())) {
1337 if (!$SYS->sysUserSetAttribute($this->getID(),"userPassword",'{crypt}'.$unix_pw)) {
1338 $this->setError($SYS->getErrorMessage());
// NOTE(review): the plaintext password is handed to every plugin listening on
// "user_setpasswd". Listeners must not log or persist it.
1344 $hook_params = array ();
1345 $hook_params['user'] = $this;
1346 $hook_params['user_id'] = $this->getID();
1347 $hook_params['user_password'] = $passwd;
1348 plugin_hook ("user_setpasswd", $hook_params);
1354 * usesRatings - whether user participates in rating system.
1356 * @return boolean true if the user participates in ratings.
1358 function usesRatings() {
1359 return !$this->data_array['block_ratings'];
1363 * getPlugins - get a list of all available user plugins
1365 * @return array array containing plugin_id => plugin_name
1367 function getPlugins() {
1368 if (!isset($this->plugins_data)) {
1369 $this->plugins_data = array () ;
1371 $res = db_query_params ('SELECT user_plugin.plugin_id, plugins.plugin_name
1372 FROM user_plugin, plugins
1373 WHERE user_plugin.user_id=$1
1374 AND user_plugin.plugin_id=plugins.plugin_id',
1375 array ($this->getID())) ;
1376 $rows = db_numrows($res);
1378 for ($i=0; $i<$rows; $i++) {
1379 $plugin_id = db_result($res,$i,'plugin_id');
1380 $this->plugins_data[$plugin_id] = db_result($res,$i,'plugin_name');
1383 return $this->plugins_data ;
1387 * usesPlugin - returns true if the user uses a particular plugin
1389 * @param string name of the plugin
1390 * @return boolean whether plugin is being used or not
1392 function usesPlugin($pluginname) {
1393 $plugins_data = $this->getPlugins() ;
1394 foreach ($plugins_data as $p_name) {
1395 if ($p_name == $pluginname) {
1403 * setPluginUse - enables/disables plugins for the user
1405 * @param string name of the plugin
1406 * @param boolean the new state
1407 * @return string database result
// setPluginUse - enable ($val true) or disable ($val false) a plugin for this user.
// NOTE(review): several short lines of this method are missing from the listing
// (the early return value, the "no plugin" test, the $val branch and the second
// query parameter), so only the visible steps are described below.
1409 function setPluginUse($pluginname, $val=true) {
// Nothing to do when the requested state equals what usesPlugin() reports.
1410 if ($val == $this->usesPlugin($pluginname)) {
1411 // State is already good, returning
// Resolve the plugin name to its id; the name is passed as a bound parameter.
1414 $res = db_query_params ('SELECT plugin_id FROM plugins WHERE plugin_name=$1',
1415 array ($pluginname)) ;
1416 $rows = db_numrows($res);
1418 // Error: no plugin by that name
1421 $plugin_id = db_result($res,0,'plugin_id');
// Drop the cached list so that getPlugins() queries the database again.
1423 unset ($this->plugins_data) ;
// One of the two statements below is returned: INSERT adds the user/plugin
// link, DELETE removes it. Presumably the INSERT is the $val-true side - confirm.
1425 return db_query_params ('INSERT INTO user_plugin (user_id,plugin_id) VALUES ($1,$2)',
1426 array ($this->getID(),
1429 return db_query_params ('DELETE FROM user_plugin WHERE user_id=$1 AND plugin_id=$2',
1430 array ($this->getID(),
1436 * getMailingsPrefs - Get activity status for one of the site mailings.
1438 * @param string The id of mailing ('mail_va' for community mailings, 'mail_siteupdates' for site mailings)
1439 * @return boolean success.
// getMailingsPrefs - return the stored preference value for one site mailing.
// The ids the code compares against are the short forms 'va' and 'site', not the
// column names 'mail_va' / 'mail_siteupdates'.
// NOTE(review): the result for any other id is not visible in this listing.
1441 function getMailingsPrefs($mailing_id) {
// 'va' -> the mail_va value from the user's data_array.
1442 if ($mailing_id=='va') {
1443 return $this->data_array['mail_va'];
// 'site' -> the mail_siteupdates value from the user's data_array.
1444 } else if ($mailing_id=='site') {
1445 return $this->data_array['mail_siteupdates'];
/**
 * unsubscribeFromMailings - turn off e-mail notifications for this user.
 *
 * The site mailing flags (mail_siteupdates, mail_va) are always cleared.
 * With $all set, the user's forum and file-module monitors are deleted too.
 * Every statement is attempted even when an earlier one has failed.
 *
 * NOTE(review): the `if ($all)` guard line is missing from the listing and is
 * restored from the parameter description - confirm against upstream.
 *
 * @param	boolean	false: site mailings only; true: monitors as well.
 * @return	boolean	true only if every statement that ran succeeded.
 */
function unsubscribeFromMailings($all=false) {
	$outcomes = array ();
	$outcomes[] = db_query_params ('UPDATE users SET mail_siteupdates=0, mail_va=0 WHERE user_id=$1',
				       array ($this->getID())) ;
	if ($all) {
		$outcomes[] = db_query_params ('DELETE FROM forum_monitored_forums WHERE user_id=$1',
					       array ($this->getID())) ;
		$outcomes[] = db_query_params ('DELETE FROM filemodule_monitor WHERE user_id=$1',
					       array ($this->getID())) ;
	}

	foreach ($outcomes as $outcome) {
		if (!$outcome) {
			return false;
		}
	}
	return true;
}
/**
 * getThemeID - the theme_id stored in this user's data.
 *
 * @return	int	The theme_id.
 */
function getThemeID() {
	$theme_id = $this->data_array['theme_id'];
	return $theme_id;
}
/**
 * setUpTheme - work out which theme directory applies to this user.
 *
 * Stores the result in $this->theme. $GLOBALS['sys_theme'] is set only
 * when the theme's Theme.class.php exists under themes_root; otherwise
 * $this->theme falls back to the configured default_theme and the global
 * is left as it was.
 *
 * @return	string	the theme directory name that was selected.
 */
function setUpTheme() {
	// session_getdata usually pre-fetches dirname, which saves the query below.
	if (empty($this->data_array['dirname'])) {
		$res = db_query_params ('SELECT dirname FROM themes WHERE theme_id=$1',
					array ($this->getThemeID())) ;
		$this->theme = db_result($res,0,'dirname');
	} else {
		$this->theme = $this->data_array['dirname'];
	}

	// NOTE(review): dirname is concatenated into a filesystem path as-is, so
	// this relies on themes.dirname and the pre-fetched value holding only
	// plain directory names - confirm where those values can be written from.
	$theme_class = forge_get_config('themes_root').$this->theme.'/Theme.class.php';
	if (is_file($theme_class)) {
		$GLOBALS['sys_theme'] = $this->theme;
	} else {
		$this->theme = forge_get_config('default_theme');
	}
	return $this->theme;
}
1505 * getRole() - Get user Role object.
1507 * @param object group object
1508 * @return object Role object
// getRole - build the Role object this user holds in the given group.
// Each failure path records a message with setError().
// NOTE(review): the return statements, the second query parameter and the lines
// between the role_id lookup and `new Role` are missing from this listing.
1510 function getRole(&$group) {
// Reject anything that is not a usable group object.
1511 if (!$group || !is_object($group)) {
1512 $this->setError('User::getRole : Unable to get group object');
// Look up the role_id for this user in user_group; values are bound parameters.
// Presumably $2 is the group's id - the line supplying it is not shown.
1515 $res = db_query_params ('SELECT role_id FROM user_group WHERE user_id=$1 AND group_id=$2',
1516 array ($this->getID(),
// A failed query and an empty result are both treated as an error.
1518 if (!$res || db_numrows($res) < 1) {
1519 $this->setError('User::getRole::DB - Could Not get role_id '.db_error());
1522 $role_id = db_result($res,0,'role_id');
// Instantiate the role and pass on any error it reports.
1526 $role = new Role($group,$role_id);
1527 if (!$role || !is_object($role)) {
1528 $this->setError('Error Getting Role Object');
1530 } elseif ($role->isError()) {
1531 $this->setError('User::getRole::roleget::'.$role->getErrorMessage());
// isMember - check this user's membership or admin rights in a group.
// $group_id is passed to group_get_object(); $type is upper-cased and then
// selects which permission check is returned.
// NOTE(review): the switch statement, its case labels and the bodies of the
// early-exit branches are missing from this listing, so the mapping from $type
// to each check below cannot be read here.
1537 function isMember($group_id, $type=0) {
// NOTE(review): this tests the current session, while the permission looked up
// below is for $this - confirm the two are meant to be the same user.
1538 if (!session_loggedin()) {
1542 $project =& group_get_object($group_id);
1544 if (!$project || !is_object($project)) {
// Permission object for this user in the project; a missing permission or a
// non-member takes the early-exit branch.
1548 $perm =& $project->getPermission( $this );
1549 if (!$perm || !is_object($perm) || !$perm->isMember()) {
1553 $type=strtoupper($type);
// Project/task manager admin check.
1558 return $perm->isPMAdmin();
// Forum admin check.
1563 return $perm->isForumAdmin();
1567 //just in this group
1568 return $perm->isMember();
1572 //admin for this group
1573 return $perm->isAdmin();
// Document editor check.
1578 return $perm->isDocEditor();
1596 EVERYTHING BELOW HERE IS DEPRECATED
1599 DO NOT USE FOR ANY NEW CODE
1608 * user_ismember() - DEPRECATED; DO NOT USE!
1610 * @param int The Group ID
1611 * @param int The Type
// user_ismember - DEPRECATED. Check the session user's membership or admin
// rights in a group. Same steps as the isMember() method, except that the
// permission is looked up for session_get_user() rather than an object.
// NOTE(review): the switch statement, its case labels and the bodies of the
// early-exit branches are missing from this listing.
1615 function user_ismember($group_id,$type=0) {
// Only a logged-in session can be a member.
1616 if (!session_loggedin()) {
1620 $project =& group_get_object($group_id);
1622 if (!$project || !is_object($project)) {
// Permission object for the session user; a missing permission or a
// non-member takes the early-exit branch.
1626 $perm =& $project->getPermission( session_get_user() );
1627 if (!$perm || !is_object($perm) || !$perm->isMember()) {
1631 $type=strtoupper($type);
// Project/task manager admin check.
1636 return $perm->isPMAdmin();
// Forum admin check.
1641 return $perm->isForumAdmin();
1645 //just in this group
1646 return $perm->isMember();
1650 //admin for this group
1651 return $perm->isAdmin();
// Document editor check.
1656 return $perm->isDocEditor();
/**
 * user_getname() - DEPRECATED; DO NOT USE!
 *
 * Returns the unix name of the given user, or of the session user when no
 * id is passed. Failures are reported as plain strings rather than false:
 * 'Invalid User', 'No User Id' or 'Error getting user'.
 *
 * NOTE(review): the two condition lines are missing from the listing; the
 * branches are restored from the "use current user if one is not passed in"
 * comment and the surviving return statements - confirm against upstream.
 *
 * @param	int	The User ID
 * @return	string	the unix name, or one of the messages above.
 */
function user_getname($user_id = false) {
	// An explicit id was passed: look that user up.
	if ($user_id) {
		$user=&user_get_object($user_id);
		return $user ? $user->getUnixName() : 'Invalid User';
	}

	// No id passed: use the current user, which needs a logged-in session.
	if (!session_loggedin()) {
		return 'No User Id';
	}
	$user=&user_get_object(user_getid());
	return $user ? $user->getUnixName() : 'Error getting user';
}
1699 // c-file-style: "bsd"