3 * FusionForge user management
5 * Copyright 1999-2001, VA Linux Systems, Inc.
6 * Copyright 2009-2010, Roland Mas
7 * Copyright 2011, Franck Villaume - Capgemini
8 * http://fusionforge.org
10 * This file is part of FusionForge. FusionForge is free software;
11 * you can redistribute it and/or modify it under the terms of the
12 * GNU General Public License as published by the Free Software
13 * Foundation; either version 2 of the Licence, or (at your option)
16 * FusionForge is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License along
22 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
29 * user_get_object_by_name() - Get User object by username.
30 * user_get_object is useful so you can pool user objects/save database queries
31 * You should always use this instead of instantiating the object directly
33 * @param string The unix username - required
34 * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
35 * @return a user object or false on failure
37 function &user_get_object_by_name($user_name, $res = false) {
38 $user_name = strtolower($user_name);
40 $res = db_query_params('SELECT * FROM users WHERE user_name=$1',
43 return user_get_object(db_result($res, 0, 'user_id'), $res);
47 * user_get_object_by_email() - Get User object by email address
48 * Only works if sys_require_unique_email is true
50 * @param string The email address - required
51 * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
52 * @return a user object or false on failure
// Resolves an e-mail address to a row of the users table and passes the
// result to user_get_object().
// NOTE(review): some lines of this function are not visible in this listing;
// the comments below cover only the visible ones.
55 function user_get_object_by_email($email ,$res = false) {
// Guard: the address must pass validate_email() and the
// 'require_unique_email' setting must be enabled.
56 if (!validate_email($email)
57 || !forge_get_config('require_unique_email')) {
// NOTE(review): this is an exact match on the email column, whereas
// GFUser::setEmail() compares lower(email) with a lower-cased value.
// Addresses that differ only in letter case would not be found here -
// confirm which rule the uniqueness check is meant to enforce.
61 $res=db_query_params('SELECT * FROM users WHERE email=$1',
64 return user_get_object(db_result($res, 0, 'user_id'), $res);
68 * user_get_object() - Get User object by user ID.
69 * user_get_object is useful so you can pool user objects/save database queries
70 * You should always use this instead of instantiating the object directly
72 * @param int The ID of the user - required
73 * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
74 * @return object a user object or false on failure
76 function &user_get_object($user_id, $res = false) {
77 //create a common set of group objects
78 //saves a little wear on the database
80 //automatically checks group_type and
81 //returns appropriate object
84 if (!isset($USER_OBJ["_".$user_id."_"])) {
86 //the db result handle was passed in
88 $res = db_query_params('SELECT * FROM users WHERE user_id=$1',
91 if (!$res || db_numrows($res) < 1) {
92 $USER_OBJ["_".$user_id."_"]=false;
94 $USER_OBJ["_".$user_id."_"]= new GFUser($user_id,$res);
97 return $USER_OBJ["_".$user_id."_"];
100 function &user_get_objects($id_arr) {
105 foreach ($id_arr as $id) {
107 // See if this ID already has been fetched in the cache
109 if (!isset($USER_OBJ["_".$id."_"])) {
113 if (count($fetch) > 0) {
114 $res = db_query_params('SELECT * FROM users WHERE user_id = ANY ($1)',
115 array(db_int_array_to_any_clause ($fetch)));
116 while ($arr = db_fetch_array($res)) {
117 $USER_OBJ["_".$arr['user_id']."_"] = new GFUser($arr['user_id'],$arr);
120 foreach ($id_arr as $id) {
121 $return[] =& $USER_OBJ["_".$id."_"];
126 function &user_get_objects_by_name($username_arr) {
127 $res = db_query_params('SELECT user_id FROM users WHERE lower(user_name) = ANY ($1)',
128 array(db_string_array_to_any_clause ($username_arr)));
129 $arr =& util_result_column_to_array($res, 0);
130 return user_get_objects($arr);
133 function &user_get_objects_by_email($email_arr) {
134 $res=db_query_params('SELECT user_id FROM users WHERE lower(email) = ANY ($1)',
135 array(db_string_array_to_any_clause ($email_arr)));
136 $arr =& util_result_column_to_array($res, 0);
137 return user_get_objects($arr);
140 function &user_get_active_users() {
141 $res=db_query_params('SELECT user_id FROM users WHERE status=$1',
143 return user_get_objects(util_result_column_to_array($res, 0));
146 class GFUser extends Error {
148 * Associative array of data from db.
150 * @var array $data_array.
155 * Is this person a site super-admin?
157 * @var bool $is_super_user
162 * Is this person the logged in user?
164 * @var bool $is_logged_in
169 * Array of preferences
171 * @var array $user_pref
179 * GFUser($id,$res) - CONSTRUCTOR - GENERALLY DON'T USE THIS
181 * instead use the user_get_object() function call
183 * @param int The user_id
184 * @param int The database result set OR array of data
186 function GFUser($id = false, $res = false) {
189 //setting up an empty object
190 //probably going to call create()
194 $this->fetchData($id);
196 if (is_array($res)) {
197 $this->data_array =& $res;
198 } elseif (db_numrows($res) < 1) {
199 //function in class we extended
200 $this->setError(_('User Not Found'));
201 $this->data_array=array();
204 //set up an associative array for use by other functions
205 $this->data_array = db_fetch_array_by_row($res, 0);
208 $this->is_super_user=false;
209 $this->is_logged_in=false;
214 * create() - Create a new user.
216 * @param string The unix username.
217 * @param string The real firstname.
218 * @param string The real lastname.
219 * @param string The first password.
220 * @param string The confirmation password.
221 * @param string The users email address.
222 * @param string The users preferred default language.
223 * @param string The users preferred default timezone.
224 * @param string The users preference for receiving site updates by email.
225 * @param string The users preference for receiving community updates by email.
226 * @param int The ID of the language preference.
227 * @param string The users preferred timezone.
228 * @param string The users Jabber address.
229 * @param int The users Jabber preference.
230 * @param int The users theme_id.
231 * @param string The users unix_box.
232 * @param string The users address.
233 * @param string The users address part 2.
234 * @param string The users phone.
235 * @param string The users fax.
236 * @param string The users title.
237 * @param char(2) The users ISO country_code.
238 * @param bool Whether to send an email or not
239 * @param int The users preference for tooltips
240 * @returns The newly created user ID
// create() checks the registration fields, derives a login name from the
// e-mail address when none was supplied and 'require_unique_email' is on,
// inserts the row into users, calls the "user_create" plugin hook and calls
// sendRegistrationEmail().
// NOTE(review): many lines of this method are not visible in this listing;
// the notes below cover only what the visible lines show.
243 function create($unix_name, $firstname, $lastname, $password1, $password2, $email,
244 $mail_site, $mail_va, $language_id, $timezone, $jabber_address, $jabber_only, $theme_id,
245 $unix_box = 'shell', $address = '', $address2 = '', $phone = '', $fax = '', $title = '', $ccode = 'US', $send_mail = true, $tooltips = true) {
248 $this->setError(_('You must supply a theme'));
251 if (! forge_get_config('require_unique_email')) {
253 $this->setError(_('You must supply a username'));
258 $this->setError(_('You must supply a first name'));
262 $this->setError(_('You must supply a last name'));
266 $this->setError(_('You must supply a password'));
// NOTE(review): != is a loose comparison. Two different numeric-looking
// strings (for example "1e3" and "1000") compare equal, so the confirmation
// field can pass without being identical; !== compares the strings exactly.
269 if ($password1 != $password2) {
270 $this->setError(_('Passwords do not match'));
273 if (!account_pwvalid($password1)) {
274 $this->setError(_('Invalid Password:'));
277 $unix_name=strtolower($unix_name);
278 if (!account_namevalid($unix_name)) {
279 $this->setError(_('Invalid Unix Name.'));
282 if (!$SYS->sysUseUnixName($unix_name)) {
283 $this->setError(_('Unix name already taken'));
286 if (!validate_email($email)) {
// NOTE(review): the rejected address is appended to the error text as
// submitted. How setError() messages are rendered is not visible here; if a
// page prints them without HTML-escaping, this reflects user input - confirm
// that the display side escapes.
287 $this->setError(_('Invalid Email Address:') .' '. $email);
290 if ($jabber_address && !validate_email($jabber_address)) {
291 $this->setError(_('Invalid Jabber Address'));
// NOTE(review): LIKE treats "_" and "%" in the bound value as wildcards.
// Whether account_namevalid() rejects those characters is not visible here;
// the later lookups in this method use "=" instead.
299 if ($unix_name && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name LIKE $1',
300 array($unix_name))) > 0) {
301 $this->setError(_('That username already exists.'));
304 if (forge_get_config('require_unique_email')) {
// NOTE(review): '$email' is single-quoted, so PHP passes the literal text
// $email rather than the variable's value. user_get_object_by_email()
// validates its argument with validate_email() first, so this lookup
// presumably never matches and the duplicate-address check has no effect.
// The intended argument is most likely the variable: $email.
305 if (user_get_object_by_email('$email')) {
306 $this->setError(_('User with this email already exists - use people search to recover your login.'));
310 if (forge_get_config('require_unique_email') && !$unix_name) {
311 // Let's generate a loginname for the user
312 // ...based on the email address:
313 $email_array = explode ('@', $email, 2) ;
314 $email_u = $email_array [0];
// Only a-z and 0-9 are kept from the local part, then it is cut to 15 chars.
315 $l = preg_replace('/[^a-z0-9]/', '', $email_u);
316 $l = substr ($l, 0, 15);
317 // Is the user part of the email address okay?
318 if (account_namevalid($l)
319 && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
323 // No? What if we add a number at the end?
326 $c = substr ($l, 0, 15-strlen ("$i")) . "$i" ;
327 if (account_namevalid($c)
328 && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
336 // If we're really unlucky, then let's go brute-force
337 while (!$unix_name) {
338 $c = substr (md5($email . util_randbytes()), 0, 15);
339 if (account_namevalid($c)
340 && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
346 $unix_name = strtolower($unix_name);
347 if (!account_namevalid($unix_name)) {
348 $this->setError(_('Invalid Unix Name.'));
351 // if we got this far, it must be good
// NOTE(review): the confirmation token is the first 16 hex characters
// (64 bits) of an MD5 digest. Its unpredictability rests on util_randbytes(),
// whose implementation is not shown; a token taken directly from a CSPRNG
// would not need the password or MD5 as inputs.
352 $confirm_hash = substr(md5($password1 . util_randbytes() . microtime()),0,16);
354 $result = db_query_params('INSERT INTO users (user_name,user_pw,unix_pw,realname,firstname,lastname,email,add_date,status,confirm_hash,mail_siteupdates,mail_va,language,timezone,jabber_address,jabber_only,unix_box,address,address2,phone,fax,title,ccode,theme_id,tooltips)
355 VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23,$24,$25)',
358 account_genunixpw($password1),
// NOTE(review): the name and contact fields are HTML-escaped before storage,
// so the columns hold entity-encoded text. Readers that emit these values
// outside HTML (mail, exports) or escape again on output should be checked -
// TODO confirm how consumers treat them.
359 htmlspecialchars($firstname.' '.$lastname),
360 htmlspecialchars($firstname),
361 htmlspecialchars($lastname),
366 (($mail_site)?"1":"0"),
367 (($mail_va)?"1":"0"),
373 htmlspecialchars($address),
374 htmlspecialchars($address2),
375 htmlspecialchars($phone),
376 htmlspecialchars($fax),
377 htmlspecialchars($title),
382 $this->setError(_('Insert Failed: ') . db_error());
387 $id = db_insertid($result, 'users', 'user_id');
389 $this->setError('Could Not Get USERID: ' .db_error());
394 if (!$this->fetchData($id)) {
399 $hook_params = array();
400 $hook_params['user'] = $this;
401 $hook_params['user_id'] = $this->getID();
402 $hook_params['user_name'] = $unix_name;
// NOTE(review): the cleartext password is passed to plugin_hook(). Code that
// handles "user_create" therefore sees the password and must not log or
// persist it.
403 $hook_params['user_password'] = $password1;
404 plugin_hook("user_create", $hook_params);
// The gettext context is switched to the new user's language for the mail
// and restored afterwards.
407 setup_gettext_from_lang_id($language_id);
408 $this->sendRegistrationEmail();
409 setup_gettext_from_context();
418 * sendRegistrationEmail() - Send email for registration verification
420 * @return bool success or not
422 function sendRegistrationEmail() {
423 $message=stripcslashes(sprintf(_('Thank you for registering on the %3$s web site. You have
424 account with username %1$s created for you. In order
425 to complete your registration, visit the following url:
429 You have 1 week to confirm your account. After this time, your account will be deleted.
431 (If you don\'t see any URL above, it is likely due to a bug in your mail client.
432 Use one below, but make sure it is entered as the single line.)
440 $this->getUnixName(),
441 util_make_url('/account/verify.php?confirm_hash=_'.$this->getConfirmHash()),
442 forge_get_config('forge_name')));
445 sprintf(_('%1$s Account Registration'), forge_get_config('forge_name')),
451 * delete() - remove the User from all his groups.
453 * Remove the User from all his groups and set his status to D.
455 * @param boolean Confirmation of deletion.
456 * @return boolean success or not
458 function delete($sure) {
462 $groups = &$this->getGroups();
463 if (is_array($groups)) {
464 foreach ($groups as $group) {
465 $group->removeUser($this->getID());
470 $res = db_query_params('DELETE FROM artifact_monitor WHERE user_id=$1',
471 array($this->getID()));
473 $this->setError('ERROR - ' . _('Could Not Delete From artifact_monitor:') . ' '.db_error());
477 $res = db_query_params('DELETE FROM artifact_type_monitor WHERE user_id=$1',
478 array($this->getID()));
480 $this->setError('ERROR - ' . _('Could Not Delete From artifact_type_monitor:') . ' ' .db_error());
484 $res = db_query_params('DELETE FROM forum_monitored_forums WHERE user_id=$1',
485 array($this->getID()));
487 $this->setError('ERROR - ' . _('Could Not Delete From forum_monitored_forums:') . ' '.db_error());
491 $res = db_query_params('DELETE FROM filemodule_monitor WHERE user_id=$1',
492 array($this->getID()));
494 $this->setError('ERROR - ' . _('Could Not Delete From filemodule_monitor:') . ' '.db_error());
499 $hook_params = array ();
500 $hook_params['user'] = $this;
501 $hook_params['user_id'] = $this->getID();
502 plugin_hook("user_delete", $hook_params);
504 $this->setStatus('D');
505 $this->setUnixStatus('D');
512 * update() - update *common* properties of GFUser object.
514 * Use specific setter to change other properties.
516 * @param string The users first name.
517 * @param string The users last name.
518 * @param int The ID of the users language preference.
519 * @param string The users timezone preference.
520 * @param string The users preference for receiving site updates by email.
521 * @param string The users preference for receiving community updates by email.
522 * @param string The users preference for participating in "peer ratings".
523 * @param string The users Jabber account address.
524 * @param int The users Jabber preference.
525 * @param int The users theme_id preference.
526 * @param string The users address.
527 * @param string The users address2.
528 * @param string The users phone.
529 * @param string The users fax.
530 * @param string The users title.
531 * @param string The users ccode.
532 * @param int The users preference for tooltips.
533 * @param string The users email.
535 function update($firstname, $lastname, $language_id, $timezone, $mail_site, $mail_va, $use_ratings,
536 $jabber_address, $jabber_only, $theme_id, $address, $address2, $phone, $fax, $title, $ccode, $tooltips, $email='') {
537 $mail_site = $mail_site ? 1 : 0;
538 $mail_va = $mail_va ? 1 : 0;
539 $block_ratings = $use_ratings ? 0 : 1;
541 if ($jabber_address && !validate_email($jabber_address)) {
542 $this->setError(_('Invalid Jabber Address'));
553 $res = db_query_params('
576 htmlspecialchars($firstname . ' ' .$lastname),
577 htmlspecialchars($firstname),
578 htmlspecialchars($lastname),
586 htmlspecialchars($address),
587 htmlspecialchars($address2),
588 htmlspecialchars($phone),
589 htmlspecialchars($fax),
590 htmlspecialchars($title),
597 $this->setError(_('ERROR - Could Not Update User Object:'). ' ' .db_error());
602 if ($email && $email != $this->getEmail()
603 && !$this->setEmail($email)) {
607 // If there's a transaction from using to not
608 // using ratings, remove all rating made by the
609 // user (ratings by others should not be removed,
610 // as it opens possibility to abuse rate system)
611 if (!$use_ratings && $this->usesRatings()) {
612 db_query_params('DELETE FROM user_ratings WHERE rated_by=$1',
615 if (!$this->fetchData($this->getID())) {
620 $hook_params = array ();
621 $hook_params['user'] = $this;
622 $hook_params['user_id'] = $this->getID();
623 plugin_hook ("user_update", $hook_params);
630 * fetchData - May need to refresh database fields.
632 * If an update occurred and you need to access the updated info.
634 * @param int the User ID data to be fetched
635 * @return boolean success;
637 function fetchData($user_id) {
638 $res = db_query_params ('SELECT * FROM users WHERE user_id=$1',
640 if (!$res || db_numrows($res) < 1) {
641 $this->setError('GFUser::fetchData():: '.db_error());
644 $this->data_array = db_fetch_array($res);
649 * getID - Simply return the user_id for this object.
651 * @return int This user's user_id number.
654 return $this->data_array['user_id'];
658 * getStatus - get the status of this user.
660 * Statuses include (A)ctive, (P)ending, (S)uspended ,(D)eleted.
662 * @return char This user's status flag.
664 function getStatus() {
665 return $this->data_array['status'];
669 * setStatus - set this user's status.
671 * @param string Status - P, A, S, or D.
672 * @return boolean success.
674 function setStatus($status) {
676 if ($status != 'P' && $status != 'A'
677 && $status != 'S' && $status != 'D') {
678 $this->setError(_('ERROR: Invalid status value'));
681 if ($this->getStatus() != 'P' && $status == 'P') {
682 $this->setError('ERROR: You can\'t set pending status if user is suspend or active');
687 $res = db_query_params ('UPDATE users SET status=$1 WHERE user_id=$2',
692 $this->setError(_('ERROR - Could Not Update User Status:') . ' ' .db_error());
696 $this->data_array['status']=$status;
697 if ($status == 'D') {
698 $projects = $this->getGroups() ;
699 foreach ($projects as $p) {
700 $p->removeUser ($this->getID()) ;
704 $hook_params = array ();
705 $hook_params['user'] = $this;
706 $hook_params['user_id'] = $this->getID();
707 $hook_params['status'] = $status;
708 plugin_hook ("user_setstatus", $hook_params);
717 * isActive - whether this user is confirmed and active.
719 * Database field status of 'A' returns true.
720 * @return boolean is_active.
722 function isActive() {
723 if ($this->getStatus()=='A') {
731 * getUnixStatus - Status of activation of unix account.
733 * @return char (N)one, (A)ctive, (S)uspended or (D)eleted
735 function getUnixStatus() {
736 return $this->data_array['unix_status'];
740 * setUnixStatus - Sets status of activation of unix account.
742 * @param string The unix status.
748 * @return boolean success.
750 function setUnixStatus($status) {
753 $res = db_query_params ('UPDATE users SET unix_status=$1 WHERE user_id=$2',
758 $this->setError('ERROR - Could Not Update User Unix Status: '.db_error());
762 if ($status == 'A') {
763 if (!$SYS->sysCheckCreateUser($this->getID())) {
764 $this->setError($SYS->getErrorMessage());
769 if ($SYS->sysCheckUser($this->getID())) {
770 if (!$SYS->sysRemoveUser($this->getID())) {
771 $this->setError($SYS->getErrorMessage());
778 $this->data_array['unix_status']=$status;
785 * getUnixName - the user's unix_name.
787 * @return string This user's unix/login name.
789 function getUnixName() {
790 return strtolower($this->data_array['user_name']);
/**
 * getUnixPasswd - return the stored Unix password hash.
 *
 * Reads the 'unix_pw' entry of the loaded user row. The value is a
 * credential hash; callers should not place it in pages or logs.
 *
 * @return string This user's unix crypted passwd.
 */
function getUnixPasswd() {
    $row = $this->data_array;
    return $row['unix_pw'];
}
803 * getUnixBox - the hostname of the unix box this user has an account on.
805 * @return string This user's shell login machine.
807 function getUnixBox() {
808 return $this->data_array['unix_box'];
/**
 * getMD5Passwd - return the stored web password hash.
 *
 * Reads the 'user_pw' entry of the loaded user row. The value is a
 * credential hash; callers should not place it in pages or logs.
 *
 * @return string This user's MD5-crypted passwd.
 */
function getMD5Passwd() {
    $row = $this->data_array;
    return $row['user_pw'];
}
/**
 * getUserPw - alias kept for compatibility with the codendi getUserPw function.
 *
 * Returns the same 'user_pw' entry as getMD5Passwd().
 *
 * @return string The stored 'user_pw' value.
 */
function getUserPw() {
    $row = $this->data_array;
    return $row['user_pw'];
}
/**
 * getConfirmHash - return the confirmation hash stored for this user.
 *
 * Reads the 'confirm_hash' entry of the loaded user row.
 * sendRegistrationEmail() places this value in the account verification
 * URL, so it acts as a bearer token and should be handled like a secret.
 *
 * @return string This user's confirmation hash.
 */
function getConfirmHash() {
    $row = $this->data_array;
    return $row['confirm_hash'];
}
/**
 * getEmail - return the user's email address.
 *
 * Line feeds ("\n") are removed from the stored value before it is
 * returned. Carriage returns are left in place, so callers that build
 * mail headers from this value should not rely on it being free of "\r".
 *
 * @return string This user's email address.
 */
function getEmail() {
    $stored = $this->data_array['email'];
    return str_replace("\n", "", $stored);
}
/**
 * getSha1Email - SHA1 hash of the email URI (including the mailto: prefix).
 *
 * The digest is unsalted, so anyone holding a candidate address can compute
 * the same value and compare. It obscures the address but does not keep it
 * confidential.
 *
 * @return string The SHA1 encoded value for the email
 */
function getSha1Email() {
    $uri = 'mailto:'.$this->getEmail();
    return sha1($uri);
}
853 * getNewEmail - while changing an email address, it is stored here until confirmation.
855 * getNewEmail is a private operation for email change.
857 * @return string This user's new (not yet confirmed) email address.
860 function getNewEmail() {
861 return $this->data_array['email_new'];
865 * setEmail - set a new email address, which must be confirmed.
867 * @param string The email address.
868 * @return boolean success.
// setEmail() validates the new address, optionally checks that no other user
// holds it, writes it to the users table, calls the "user_setemail" plugin
// hook and reloads the row with fetchData().
// NOTE(review): some lines of this method are not visible in this listing.
870 function setEmail($email) {
// strcasecmp() returns 0 when the new address equals the current one apart
// from letter case.
872 if (!strcasecmp($this->getEmail(), $email)) {
876 if (!$email || !validate_email($email)) {
877 $this->setError('ERROR: Invalid Email');
881 if (forge_get_config('require_unique_email')) {
// NOTE(review): LIKE treats "_" and "%" in the bound address as wildcards.
// "_" is common in e-mail addresses, so an address such as a_b@example.org
// (constructed example) also matches axb@example.org and is reported as
// taken. An equality comparison would match the exact address only.
882 if (db_numrows(db_query_params('SELECT user_id FROM users WHERE user_id!=$1 AND (lower(email) LIKE $2 OR lower(email_new) LIKE $2)',
883 array ($this->getID(),
884 strtolower($email)))) > 0) {
885 $this->setError(_('User with this email already exists.'));
// NOTE(review): the visible statement writes the email column directly. The
// method's doc comment says the address "must be confirmed"; that step is
// not visible in this method - presumably callers go through
// setNewEmailAndHash() first; verify against callers.
891 $res = db_query_params ('UPDATE users SET email=$1 WHERE user_id=$2',
896 $this->setError('ERROR - Could Not Update User Email: '.db_error());
900 $hook_params = array ();
901 $hook_params['user'] = $this;
902 $hook_params['user_id'] = $this->getID();
903 $hook_params['user_email'] = $email;
904 plugin_hook("user_setemail", $hook_params);
906 if (!$this->fetchData($this->getId())) {
917 * setNewEmailAndHash - setNewEmailAndHash is a private operation for email change.
919 * @param string The email address.
920 * @param string The email hash.
921 * @return boolean success.
// setNewEmailAndHash() stores a pending address in email_new together with a
// confirmation hash, then mirrors both values into data_array.
// NOTE(review): some lines of this method are not visible in this listing.
923 function setNewEmailAndHash($email, $hash='') {
// NOTE(review): the generated hash is the first 16 hex characters (64 bits)
// of an MD5 digest over the current time and util_randbytes(). The time adds
// little entropy, so the token's strength depends on util_randbytes(), which
// is not shown here.
926 $hash = substr(md5(strval(time()) . strval(util_randbytes())), 0, 16);
929 if (!$email || !validate_email($email)) {
930 $this->setError('ERROR - Invalid Email');
934 if (forge_get_config('require_unique_email')) {
// NOTE(review): LIKE treats "_" and "%" in the bound address as wildcards, so
// the check can also match other addresses; an equality comparison would
// match the exact address only.
935 if (db_numrows(db_query_params('SELECT user_id FROM users WHERE user_id!=$1 AND (lower(email) LIKE $2 OR lower(email_new) LIKE $2)',
936 array ($this->getID(),
937 strtolower($email)))) > 0) {
938 $this->setError(_('User with this email already exists.'));
942 $res = db_query_params ('UPDATE users SET confirm_hash=$1, email_new=$2 WHERE user_id=$3',
947 $this->setError('ERROR - Could Not Update User Email And Hash: '.db_error());
950 $this->data_array['email_new'] = $email;
951 $this->data_array['confirm_hash'] = $hash;
957 * getRealName - get the user's real name.
959 * @return string This user's real name.
961 function getRealName() {
962 $last_name = $this->getLastName();
963 return $this->getFirstName(). ($last_name ? ' ' .$last_name:'');
967 * getFirstName - get the user's first name.
969 * @return string This user's first name.
971 function getFirstName() {
972 return $this->data_array['firstname'];
976 * getLastName - get the user's last name.
978 * @return string This user's last name.
980 function getLastName() {
981 return $this->data_array['lastname'];
985 * getAddDate - this user's unix time when account was opened.
987 * @return int This user's unix time when account was opened.
989 function getAddDate() {
990 return $this->data_array['add_date'];
994 * getTimeZone - this user's timezone setting.
996 * @return string This user's timezone setting.
998 function getTimeZone() {
999 return $this->data_array['timezone'];
1003 * getCountryCode - this user's ccode setting.
1005 * @return string This user's ccode setting.
1007 function getCountryCode() {
1008 return $this->data_array['ccode'];
1012 * getShell - this user's preferred shell.
1014 * @return string This user's preferred shell.
1016 function getShell() {
1017 return $this->data_array['shell'];
1021 * setShell - sets user's preferred shell.
1023 * @param string The users preferred shell.
1024 * @return boolean success.
// setShell() accepts a shell only if it appears in /etc/shells (comment lines
// skipped) or is "/bin/cvssh", stores it in the users table and, when
// sysCheckUser() reports an entry, updates the loginShell attribute.
// NOTE(review): some lines of this method are not visible in this listing.
1026 function setShell($shell) {
// NOTE(review): file() returns false when the file cannot be read; the
// visible lines do not check for that before using the result as an array.
1028 $shells = file('/etc/shells');
1029 $shells[count($shells)] = "/bin/cvssh";
1030 $out_shells = array();
1031 foreach ($shells as $s) {
1032 if (substr($s, 0, 1) == '#') {
// NOTE(review): chop() of a blank line yields "", so unless the lines not
// visible here filter it, an empty $shell would pass the allow-list below.
1035 $out_shells[] = chop($s);
// NOTE(review): in_array() compares loosely by default; passing true as the
// third argument makes the allow-list check exact.
1037 if (!in_array($shell, $out_shells)) {
1038 $this->setError(_('ERROR: Invalid Shell'));
1043 $res = db_query_params ('UPDATE users SET shell=$1 WHERE user_id=$2',
1047 $this->setError(_('ERROR - Could Not Update User Unix Shell:') . ' ' .db_error());
1051 // Now change LDAP attribute, but only if corresponding
1052 // entry exists (i.e. if user have shell access)
1053 if ($SYS->sysCheckUser($this->getID()))
1055 if (!$SYS->sysUserSetAttribute($this->getID(),"loginShell",$shell)) {
1056 $this->setError($SYS->getErrorMessage());
1061 $this->data_array['shell']=$shell;
1068 * getUnixUID() - Get the unix UID of the user
1070 * @return int This user's UID.
1072 function getUnixUID() {
1073 return $this->data_array['unix_uid'];
1077 * getUnixGID() - Get the unix GID of the user
1079 * @return int This user's GID.
1081 function getUnixGID() {
1082 return $this->data_array['unix_gid'];
1086 * getLanguage - this user's language_id from supported_languages table.
1088 * @return int This user's language_id.
1090 function getLanguage() {
1091 return $this->data_array['language'];
1095 * getJabberAddress - this user's optional jabber address.
1097 * @return string This user's jabber address.
1099 function getJabberAddress() {
1100 return $this->data_array['jabber_address'];
1104 * getJabberOnly - whether this person wants updates sent ONLY to jabber.
1106 * @return boolean This user's jabber preference.
1108 function getJabberOnly() {
1109 return $this->data_array['jabber_only'];
1113 * getAddress - get this user's address.
1115 * @return text This user's address.
1117 function getAddress() {
1118 return $this->data_array['address'];
1122 * getAddress2 - get this user's address2.
1124 * @return text This user's address2.
1126 function getAddress2() {
1127 return $this->data_array['address2'];
1131 * getPhone - get this person's phone number.
1133 * @return text This user's phone number.
1135 function getPhone() {
1136 return $this->data_array['phone'];
1140 * getFax - get this person's fax number.
1142 * @return text This user's fax.
1145 return $this->data_array['fax'];
1149 * getTitle - get this person's title.
1151 * @return text This user's title.
1153 function getTitle() {
1154 return $this->data_array['title'];
1158 * getGroups - get an array of groups this user is a member of.
1160 * @return array Array of groups.
1162 function &getGroups($onlylocal = true) {
1164 foreach ($this->getRoles() as $r) {
1166 if ($r instanceof RoleExplicit
1167 && $r->getHomeProject() != NULL) {
1168 $ids[] = $r->getHomeProject()->getID();
1171 foreach ($r->getLinkedProjects() as $p) {
1172 $ids[] = $p->getID();
1176 return group_get_objects(array_values(array_unique($ids))) ;
/**
 * getAuthorizedKeys - the SSH authorized keys set by the user.
 *
 * The stored value uses "###" as its line separator; every occurrence is
 * turned back into a newline here. A literal "###" that was part of the
 * submitted text is therefore also returned as a line break.
 *
 * @return string This user's SSH authorized (public) keys.
 */
function getAuthorizedKeys() {
    $stored = $this->data_array['authorized_keys'];
    return preg_replace("/###/", "\n", $stored);
}
1189 * setAuthorizedKeys - set the SSH authorized keys for the user.
1191 * @param string The users public keys.
1192 * @return boolean success.
// setAuthorizedKeys() normalises the submitted key text to one line per key,
// joins the lines with the "###" marker and stores the result in
// users.authorized_keys and in data_array.
// NOTE(review): some lines of this method are not visible in this listing.
// In the visible lines nothing checks that each line is a well-formed public
// key (key type, base64 body) or strips option prefixes. If this value is
// later written to an authorized_keys file, that validation has to happen
// here or in the writer - TODO confirm where it is done.
1194 function setAuthorizedKeys($keys) {
1195 $keys = trim($keys);
// NOTE(review): only "\r\n" is normalised; a lone "\r" stays inside the line.
1196 $keys = preg_replace("/\r\n/", "\n", $keys); // Convert to Unix EOL
1197 $keys = preg_replace("/\n+/", "\n", $keys); // Remove empty lines
// NOTE(review): a literal "###" already present in the input is not
// distinguished from the marker and becomes a line break when read back.
1198 $keys = preg_replace("/\n/", "###", $keys); // Convert EOL to marker
1200 $res = db_query_params('UPDATE users SET authorized_keys=$1 WHERE user_id=$2',
1204 $this->setError(_('ERROR - Could Not Update User SSH Keys'));
1207 $this->data_array['authorized_keys'] = $keys;
1213 * setLoggedIn($val) - Really only used by session code.
1215 * @param boolean The session value.
1217 function setLoggedIn($val=true) {
1218 $this->is_logged_in = $val;
1221 $this->is_super_user = forge_check_global_perm_for_user($this, 'forge_admin') ;
1226 * isLoggedIn - only used by session code.
1228 * @return boolean is_logged_in.
1230 function isLoggedIn() {
1231 return $this->is_logged_in;
1235 * deletePreference - delete a preference for this user.
1237 * @param string The unique field name for this preference.
1238 * @return boolean success.
1240 function deletePreference($preference_name) {
1241 $preference_name=strtolower(trim($preference_name));
1242 unset($this->user_pref["$preference_name"]);
1243 $res = db_query_params('DELETE FROM user_preferences WHERE user_id=$1 AND preference_name=$2',
1244 array ($this->getID(),
1246 return ((!$res || db_affected_rows($res) < 1) ? false : true);
1250 * setPreference - set a new preference for this user.
1252 * @param string The unique field name for this preference.
1253 * @param string The value you are setting this preference to.
1254 * @return boolean success.
1256 function setPreference($preference_name,$value) {
1257 $preference_name=strtolower(trim($preference_name));
1258 //delete pref if not value passed in
1259 unset($this->user_pref);
1260 if (!isset($value)) {
1261 $result = db_query_params ('DELETE FROM user_preferences WHERE user_id=$1 AND preference_name=$2',
1262 array ($this->getID(),
1263 $preference_name)) ;
1265 $result = db_query_params ('UPDATE user_preferences SET preference_value=$1,set_date=$2 WHERE user_id=$3 AND preference_name=$4',
1269 $preference_name)) ;
1270 if (db_affected_rows($result) < 1) {
1272 $result = db_query_params ('INSERT INTO user_preferences (user_id,preference_name,preference_value,set_date) VALUES ($1,$2,$3,$4)',
1273 array ($this->getID(),
1279 return ((!$result || db_affected_rows($result) < 1) ? false : true);
1283 * getPreference - get a specific preference.
1285 * @param string The unique field name for this preference.
1286 * @return string|bool the preference string or false on failure.
1288 function getPreference($preference_name) {
1289 $preference_name=strtolower(trim($preference_name));
1291 First check to see if we have already fetched the preferences
1293 if (isset($this->user_pref)) {
1294 //echo "\n\nPrefs were fetched already";
1295 if (isset($this->user_pref["$preference_name"])) {
1296 //we have fetched prefs - return part of array
1297 return $this->user_pref["$preference_name"];
1299 //we have fetched prefs, but this pref hasn't been set
1303 //we haven't returned prefs - go to the db
1304 $result = db_query_params ('SELECT preference_name,preference_value FROM user_preferences WHERE user_id=$1',
1305 array ($this->getID())) ;
1306 if (db_numrows($result) < 1) {
1307 //echo "\n\nNo Prefs Found";
1311 //iterate and put the results into an array
1312 for ($i=0; $i<db_numrows($result); $i++) {
1313 $pref["".db_result($result,$i,'preference_name').""]=db_result($result,$i,'preference_value');
1315 $this->user_pref = $pref;
1317 if (array_key_exists($preference_name,$this->user_pref)) {
1318 //we have fetched prefs - return part of array
1319 return $this->user_pref["$preference_name"];
1321 //we have fetched prefs, but this pref hasn't been set
1329 * setPasswd - Changes user's password.
1331 * @param string The plaintext password.
1332 * @return boolean success.
// setPasswd() validates the new password, derives two stored forms from it
// (an MD5 digest and the account_genunixpw() value), updates the users row,
// pushes the crypt value to the userPassword attribute when sysCheckUser()
// reports an entry, and calls the "user_setpasswd" plugin hook.
// NOTE(review): some lines of this method are not visible in this listing.
1334 function setPasswd($passwd) {
1336 if (!account_pwvalid($passwd)) {
1337 $this->setError('Error: '.$GLOBALS['register_error']);
// NOTE(review): md5() here is a single unsalted pass over the password.
// Equal passwords give equal digests and the digest is cheap to test against
// guesses. password_hash()/password_verify(), with a rehash at the next
// successful login, is the usual migration path for a column like this.
1342 $md5_pw = md5 ($passwd) ;
1343 $unix_pw = account_genunixpw ($passwd) ;
1345 $res = db_query_params ('UPDATE users SET user_pw=$1, unix_pw=$2 WHERE user_id=$3',
1350 if (!$res || db_affected_rows($res) < 1) {
1351 $this->setError(_('ERROR - Could Not Change User Password:') . ' ' .db_error());
1355 // Now change LDAP password, but only if corresponding
1356 // entry exists (i.e. if user have shell access)
1357 if ($SYS->sysCheckUser($this->getID())) {
1358 if (!$SYS->sysUserSetAttribute($this->getID(),"userPassword",'{crypt}'.$unix_pw)) {
1359 $this->setError($SYS->getErrorMessage());
1365 $hook_params = array ();
1366 $hook_params['user'] = $this;
1367 $hook_params['user_id'] = $this->getID();
// NOTE(review): the cleartext password is passed to plugin_hook(). Code that
// handles "user_setpasswd" therefore sees the password and must not log or
// persist it.
1368 $hook_params['user_password'] = $passwd;
1369 plugin_hook ("user_setpasswd", $hook_params);
1375 * setMD5Passwd - Changes user's MD5 password.
1377 * @param string The MD5-hashed password.
1378 * @return boolean success.
1380 function setMD5Passwd($md5) {
1386 $res = db_query_params('UPDATE users SET user_pw=$1 WHERE user_id=$2',
1390 if (!$res || db_affected_rows($res) < 1) {
1391 $this->setError(_('ERROR - Could Not Change User Password:') . ' ' .db_error());
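1401 * setUnixPasswd - Changes user's Unix-hashed password.
1403 * @param string The Unix-hashed password.
1404 * @return boolean success.
1406 function setUnixPasswd($unix) {
// The WHERE clause must use the second placeholder. The original text used
// $1 for both the new hash and the user id, unlike the sibling setMD5Passwd
// query. The bind array is not shown in this listing; it is assumed to be
// (hash, user id) - confirm.
1412 $res = db_query_params('UPDATE users SET unix_pw=$1 WHERE user_id=$2',
// A failed query and an UPDATE that changed no row are both treated as errors.
1416 if (!$res || db_affected_rows($res) < 1) {
1417 $this->setError(_('ERROR - Could Not Change User Password:') . ' ' .db_error());
1422 // Now change system password, but only if corresponding
1423 // entry exists (i.e. if the user has shell access)
1424 if ($SYS->sysCheckUser($this->getID())) {
1425 if (!$SYS->sysUserSetAttribute($this->getID(),"userPassword",'{crypt}'.$unix)) {
1426 $this->setError($SYS->getErrorMessage());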
/**
 * usesRatings - whether user participates in rating system.
 *
 * @return boolean true unless the user's 'block_ratings' flag is set.
 */
function usesRatings() {
	$blocked = $this->data_array['block_ratings'];
	return !$blocked;
}
/**
 * usesTooltips - whether the user has tooltips enabled.
 *
 * @return mixed the stored 'tooltips' value, returned as-is (not cast to boolean).
 */
function usesTooltips() {
	$tooltips = $this->data_array['tooltips'];
	return $tooltips;
}
1455 * getPlugins - get the plugins recorded for this user in user_plugin
1457 * @return array array containing plugin_id => plugin_name
1459 function getPlugins() {
// The result is cached in $this->plugins_data; the query only runs while
// that property is unset (setPluginUse() unsets it after a change).
1460 if (!isset($this->plugins_data)) {
1461 $this->plugins_data = array () ;
1462 $res = db_query_params ('SELECT user_plugin.plugin_id, plugins.plugin_name
1463 FROM user_plugin, plugins
1464 WHERE user_plugin.user_id=$1
1465 AND user_plugin.plugin_id=plugins.plugin_id',
1466 array ($this->getID())) ;
1467 $rows = db_numrows($res);
// Build the plugin_id => plugin_name map row by row.
1469 for ($i=0; $i<$rows; $i++) {
1470 $plugin_id = db_result($res,$i,'plugin_id');
1471 $this->plugins_data[$plugin_id] = db_result($res,$i,'plugin_name');
1474 return $this->plugins_data ;
1478 * usesPlugin - returns true if the user uses a particular plugin
1480 * @param string name of the plugin
1481 * @return boolean whether plugin is being used or not
1483 function usesPlugin($pluginname) {
// Linear scan over the names returned by getPlugins().
1484 $plugins_data = $this->getPlugins() ;
1485 foreach ($plugins_data as $p_name) {
// NOTE(review): loose == is used, so PHP's type juggling applies if a
// non-string is passed; === would be the safer comparison if every caller
// passes a string - confirm. The return statements are not shown in this
// listing.
1486 if ($p_name == $pluginname) {
1494 * setPluginUse - enables/disables plugins for the user
1496 * @param string name of the plugin
1497 * @param boolean the new state
1498 * @return mixed result of db_query_params() for the INSERT/DELETE; the values returned by the early exits are not shown in this listing
1500 function setPluginUse($pluginname, $val=true) {
// Nothing to do when the requested state equals the current one (loose ==).
1501 if ($val == $this->usesPlugin($pluginname)) {
1502 // State is already good, returning
// Resolve the plugin name to its id; the name is passed as a bound parameter.
1505 $res = db_query_params('SELECT plugin_id FROM plugins WHERE plugin_name=$1',
1506 array($pluginname));
1507 $rows = db_numrows($res);
1509 // Error: no plugin by that name
1512 $plugin_id = db_result($res,0,'plugin_id');
// Drop the cached list so the next getPlugins() call re-reads it.
1514 unset ($this->plugins_data);
// Presumably the INSERT runs when $val is true and the DELETE otherwise; the
// branching lines are not shown in this listing.
1516 return db_query_params('INSERT INTO user_plugin (user_id,plugin_id) VALUES ($1,$2)',
1517 array($this->getID(),
1520 return db_query_params('DELETE FROM user_plugin WHERE user_id=$1 AND plugin_id=$2',
1521 array($this->getID(),
1527 * getMailingsPrefs - Get activity status for one of the site mailings.
1529 * @param string The id of mailing ('va' for community mailings, 'site' for site mailings)
1530 * @return mixed the stored 'mail_va' or 'mail_siteupdates' value; the result for any other id is not shown in this listing
1532 function getMailingsPrefs($mailing_id) {
// The accepted ids are the short names 'va' and 'site', not the column names.
1533 if ($mailing_id == 'va') {
1534 return $this->data_array['mail_va'];
1535 } else if ($mailing_id == 'site') {
1536 return $this->data_array['mail_siteupdates'];
1543 * unsubscribeFromMailings - Disable email notifications for user.
1545 * @param boolean If false, disable general site mailings, else - all.
1546 * @return boolean success.
1548 function unsubscribeFromMailings($all = false) {
// All three results start as true, so a statement that is skipped counts as
// a success in the final AND.
1549 $res1 = $res2 = $res3 = true;
// Always clear both site mailing flags for this user.
1550 $res1 = db_query_params ('UPDATE users SET mail_siteupdates=0, mail_va=0 WHERE user_id=$1',
1551 array ($this->getID())) ;
// Presumably the two deletes below run only when $all is true; the guarding
// line (1552) is not shown in this listing.
// NOTE(review): no transaction is visible here, so a failure of a later
// statement may leave the earlier ones applied - confirm.
1553 $res2 = db_query_params('DELETE FROM forum_monitored_forums WHERE user_id=$1',
1554 array ($this->getID())) ;
1555 $res3 = db_query_params('DELETE FROM filemodule_monitor WHERE user_id=$1',
1556 array ($this->getID())) ;
1559 return $res1 && $res2 && $res3;
/**
 * getThemeID - get the theme_id for this user.
 *
 * @return int The theme_id stored in the user's data_array.
 */
function getThemeID() {
	$themeId = $this->data_array['theme_id'];
	return $themeId;
}
1572 * setUpTheme - select the theme directory name for this user
1574 * @return string The theme directory name now held in $this->theme.
1576 function setUpTheme() {
1578 // An optimization in session_getdata lets us pre-fetch this in most cases.....
// Use the pre-fetched 'dirname' when it is present and non-empty; otherwise
// look it up in the themes table by the user's theme_id.
1580 if (!isset($this->data_array['dirname']) || !$this->data_array['dirname']) {
1581 $res = db_query_params ('SELECT dirname FROM themes WHERE theme_id=$1',
1582 array ($this->getThemeID())) ;
1583 $this->theme=db_result($res,0,'dirname');
1585 $this->theme=$this->data_array['dirname'];
// NOTE(review): the directory name is concatenated into a filesystem path
// and is_file() only checks that the result exists, so a value containing
// '../' would resolve outside themes_root. Presumably only site
// administrators can write themes.dirname - confirm, or require the value to
// be a plain directory name (e.g. equal to its own basename()).
1587 if (is_file(forge_get_config('themes_root').'/'.$this->theme.'/Theme.class.php')) {
// Side effect: the chosen theme is also published in $GLOBALS['sys_theme'].
1588 $GLOBALS['sys_theme']=$this->theme;
// Presumably the fallback when Theme.class.php is missing; the branching
// line is not shown in this listing.
1590 $this->theme=forge_get_config('default_theme');
1592 return $this->theme;
1596 * getRole() - Get user Role object.
1598 * @param mixed group object, or a group id given as int or string
1599 * @return object Role object
1601 function getRole(&$g) {
// $g is taken by reference and may be an id rather than an object; the id
// branch itself is not shown in this listing.
1602 if (is_int ($g) || is_string($g)) {
1605 $group_id = $g->getID();
// Walk the user's roles; for RoleExplicit roles the role's home project is
// compared with the requested group id (loose ==).
1607 foreach ($this->getRoles () as $r) {
1608 if ($r instanceof RoleExplicit ) {
1609 $homeproj = $r->getHomeProject();
// The return statements, including the no-match result, are not shown in
// this listing.
1611 if ($homeproj->getID() == $group_id) {
/**
 * getRoles - roles available to this user.
 *
 * @return mixed whatever RBACEngine::getAvailableRolesForUser() returns for this user
 */
function getRoles() {
	$engine = RBACEngine::getInstance();
	return $engine->getAvailableRolesForUser($this);
}
// isMember - membership / permission check for this user in a group.
// $g is a group id (int or string, resolved with group_get_object()) or,
// presumably, a group object. $type selects one of the permission checks
// below; the $type values that select each branch are on lines not shown in
// this listing.
// NOTE(review): this is an authorization decision. What is returned for an
// unrecognised $type is not visible here and should fail closed - confirm.
1625 function isMember($g, $type = 0){
1626 if (is_int ($g) || is_string($g)) {
1627 $group = group_get_object ($g) ;
1631 $group_id = $group->getID() ;
// Plain membership: look for the group among the user's groups.
1637 foreach ($this->getGroups() as $p) {
1638 if ($p->getID() == $group_id) {
// Each remaining branch delegates to forge_check_perm_for_user() for this
// user and group.
1646 return forge_check_perm_for_user($this, 'pm_admin', $group_id);
1650 return forge_check_perm_for_user($this, 'forum_admin', $group_id);
1653 //admin for this group
1654 return forge_check_perm_for_user($this, 'project_admin', $group_id);
1658 return forge_check_perm_for_user($this, 'docman', $group_id, 'admin');
1669 EVERYTHING BELOW HERE IS DEPRECATED
1672 DO NOT USE FOR ANY NEW CODE
1681 * user_ismember() - DEPRECATED; DO NOT USE! See the replacements below.
1682 * Replace user_ismember(1[, 'A']) with forge_check_global_perm('forge_admin')
1683 * Replace user_ismember($group_id, 'A') with forge_check_perm('project_admin', $group_id)
1684 * For now, keep user_ismember($group_id) alone
1685 * @param int The Group ID
1686 * @param int The Type
1690 function user_ismember($group_id,$type=0) {
// Sessions that are not logged in are handled by this branch without
// consulting a user object; the value it returns is not shown in this listing.
1691 if (!session_loggedin()) {
// Otherwise the check is delegated to the session user's isMember().
1695 return session_get_user()->isMember($group_id, $type) ;
1699 * user_getname() - DEPRECATED; DO NOT USE! (TODO: document what should be used instead)
1701 * @param int The User ID
// @return string the user's unix name, or one of the literal messages
// 'Error getting user', 'No User Id' or 'Invalid User'.
// NOTE(review): failures are returned as ordinary strings, so a caller
// cannot tell an error from a user name by type; callers that display or
// compare the result should handle these three values explicitly.
1705 function user_getname($user_id = false) {
1706 // use current user if one is not passed in
1708 if (session_loggedin()) {
1709 $user=&user_get_object(user_getid());
1711 return $user->getUnixName();
1713 return 'Error getting user';
1716 return 'No User Id';
// Explicit id path: look the user up by the id that was passed in.
1719 $user=&user_get_object($user_id);
1721 return $user->getUnixName();
1723 return 'Invalid User';
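// UserComparator - comparison callback holder for sorting user objects.
// $criterion selects the branch used by Compare(); the case labels are on
// lines not shown in this listing.
1728 class UserComparator {
1729 var $criterion = 'name' ;
// Compare - usort()-style comparison of two user objects.
1731 function Compare ($a, $b) {
1732 switch ($this->criterion) {
// Locale-aware comparison of real names first.
1735 $namecmp = strcoll ($a->getRealName(), $b->getRealName()) ;
1736 if ($namecmp != 0) {
1739 /* If several users share the same real name */
1740 return strcoll ($a->getUnixName(), $b->getUnixName()) ;
// Byte-wise comparison of unix names.
1743 return strcmp ($a->getUnixName(), $b->getUnixName()) ;
1746 $aid = $a->getID() ;
1747 $bid = $b->getID() ;
// Order by the numeric ids fetched above. The original compared the two
// objects themselves ($a < $b) and left $aid/$bid unused in this return. Any
// equality test on the lines not shown (1748-1750) should use $aid/$bid too.
1751 return ($aid < $bid) ? -1 : 1;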
/**
 * sortUserList - sort a list of user objects in place.
 *
 * @param array  The list to sort (passed by reference)
 * @param string Criterion handed to UserComparator ('name' by default)
 * @return boolean result of usort()
 */
function sortUserList (&$list, $criterion='name') {
	$comparator = new UserComparator();
	$comparator->criterion = $criterion;
	$callback = array($comparator, 'Compare');
	return usort($list, $callback);
}
1766 // c-file-style: "bsd"