return user_get_object(db_result($res,0,'user_id'),$res);
}
+/**
+ * user_get_object_by_email() - Get User object by email address
+ * Only works if sys_require_unique_email is true
+ *
+ * @param string The unix username - required
+ * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
+ * @return a user object or false on failure
+ *
+ */
+function user_get_object_by_email($email,$res=false) {
+ if (!validate_email($email)
+ || !$GLOBALS['sys_require_unique_email']) {
+ return false ;
+ }
+ if (!$res) {
+ $res=db_query_params('SELECT * FROM users WHERE email=$1',
+ array ($email));
+ }
+ return user_get_object(db_result($res,0,'user_id'),$res);
+}
+
/**
* user_get_object() - Get User object by user ID.
* user_get_object is useful so you can pool user objects/save database queries
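Review bot: user_get_object_by_email() looks the address up with `email=$1`, an exact, case-sensitive match on the `email` column only, while the uniqueness query this commit removes from create() matched `email ILIKE $1 OR email_new ILIKE $1`. Once create() relies on this function, an address that differs only in letter case, or one pending confirmation in `email_new`, is no longer treated as taken. I would compare with `lower(email)=lower($1)` here and keep a separate `email_new` check in create(). The docblock's first tag is copied from the username variant and should read `@param string The email address - required`. It should also say what is returned when no row matches, since `db_result($res,0,'user_id')` is passed on unchecked.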
function create($unix_name,$firstname,$lastname,$password1,$password2,$email,
$mail_site,$mail_va,$language_id,$timezone,$jabber_address,$jabber_only,$theme_id,
$unix_box='shell',$address='',$address2='',$phone='',$fax='',$title='',$ccode='US',$send_mail=true) {
+ global $SYS;
if (!$theme_id) {
$this->setError(_('You must supply a theme'));
return false;
}
- if (!$unix_name) {
- $this->setError(_('You must supply a username'));
- return false;
+ if (! $GLOBALS['sys_require_unique_email']) {
+ if (!$unix_name) {
+ $this->setError(_('You must supply a username'));
+ return false;
+ }
}
if (!$firstname) {
$this->setError(_('You must supply a first name'));
$this->setError(_('Invalid Unix Name.'));
return false;
}
+ if (!$SYS->sysUseUnixName($unix_name)) {
+ $this->setError(_('Unix name already taken'));
+ return false;
+ }
if (!validate_email($email)) {
$this->setError(_('Invalid Email Address'));
return false;
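Review bot: The new `$SYS->sysUseUnixName($unix_name)` check only ever sees the caller-supplied name. When sys_require_unique_email is set and the name is empty, the login generated further down in create() is checked against the users table and account_namevalid(), but never against this check. How sysUseUnixName() treats an empty string is not visible here, so the empty case may also fail with the misleading 'Unix name already taken'. I would guard it as `if ($unix_name && !$SYS->sysUseUnixName($unix_name))` and repeat the call on the generated candidate before accepting it. create() starts and ends outside this hunk.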
} else {
$jabber_only=1;
}
- if (db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name LIKE $1',
- array ($unix_name))) > 0) {
+ if ($unix_name && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name LIKE $1',
+ array ($unix_name))) > 0) {
$this->setError(_('That username already exists.'));
return false;
}
if ($GLOBALS['sys_require_unique_email']) {
- if (db_numrows(db_query_params('SELECT user_id FROM users WHERE email ILIKE $1 OR email_new ILIKE $1',
- array ($email))) > 0) {
+ if (user_get_object_by_email ('$email')) {
$this->setError(_('User with this email already exists - use people search to recover your login.'));
return false;
}
}
+ if ($GLOBALS['sys_require_unique_email'] && !$unix_name) {
+ // Let's generate a loginname for the user
+ // ...based on the email address:
+ $email_array = explode ('@', $email, 2) ;
+ $email_u = $email_array [0] ;
+ $l = ereg_replace ('[^a-z0-9]', '', $email_u) ;
+ $l = substr ($l, 0, 15) ;
+ // Is the user part of the email address okay?
+ if (account_namevalid($l)
+ && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
+ array ($l))) == 0) {
+ $unix_name = $l ;
+ } else {
+ // No? What if we add a number at the end?
+ $i = 0 ;
+ while ($i < 1000) {
+ $c = substr ($l, 0, 15-strlen ("$i")) . "$i" ;
+ if (account_namevalid($c)
+ && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
+ array ($c))) == 0) {
+ $unix_name = $c ;
+ break;
+ }
+ $i++ ;
+ }
+ }
+ // If we're really unlucky, then let's go brute-force
+ while (!$unix_name) {
+ $c = substr (md5($email . rand()), 0, 15) ;
+ if (account_namevalid($c)
+ && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
+ array ($c))) == 0) {
+ $unix_name = $c ;
+ }
+ }
+ }
+ $unix_name=strtolower($unix_name);
+ if (!account_namevalid($unix_name)) {
+ $this->setError(_('Invalid Unix Name.'));
+ return false;
+ }
// if we got this far, it must be good
$confirm_hash = substr(md5($password1 . rand() . microtime()),0,16);
db_begin();
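Review bot: The duplicate-address check now calls `user_get_object_by_email ('$email')` with a single-quoted string, so PHP passes the literal text `$email` rather than the variable. That literal has no `@`, so validate_email() inside the helper will presumably reject it and return false, which means the 'User with this email already exists' branch can never fire and sys_require_unique_email is not enforced at registration. The call should be `if (user_get_object_by_email($email)) {`. Separately, in the login-generation code `ereg_replace ('[^a-z0-9]', '', $email_u)` runs before any lowercasing, so upper-case letters are dropped rather than folded; `strtolower($email_u)` first would keep them. create() continues outside this hunk.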
$ccode,
$theme_id)) ;
if (!$result) {
- $this->setError(_('Insert Failed') .db_error().$sql);
+ $this->setError(_('Insert Failed') . db_error());
db_rollback();
return false;
} else {
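Review bot: `$this->setError(_('Insert Failed') . db_error());` drops the SQL text but still puts the raw database error into the object's error message. If that message is shown to the person registering (the rendering is not visible here), it can expose constraint, column or table names. I would keep the user-facing text generic, `$this->setError(_('Insert Failed'));`, and send `db_error()` to the server-side log instead. The surrounding create() body starts and ends outside this hunk.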
'),
$this->getUnixName(),
util_make_url ('/account/verify.php?confirm_hash=_'.$this->getConfirmHash()),
- $GLOBALS['sys_name']));
+ forge_get_config ('forge_name')));
util_send_message(
$this->getEmail(),
- sprintf(_('%1$s Account Registration'), $GLOBALS['sys_name']),
+ sprintf(_('%1$s Account Registration'), forge_get_config ('forge_name')),
$message
);
}
function getMD5Passwd() {
return $this->data_array['user_pw'];
}
+
+ //Added to be compatible with codendi getUserPw function
+ function getUserPw() {
+ return $this->data_array['user_pw'];
+ }
/**
* getConfirmHash - the confirm hash in the db.
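Review bot: getUserPw() has only a one-line comment that does not say what it returns, and it duplicates the body of getMD5Passwd() instead of calling it. Going by the sibling's name, the value is the stored password hash, and the accessor should say so, so that callers do not mistake it for a cleartext password or echo it into output. Suggested docblock: `getUserPw - alias of getMD5Passwd() kept for Codendi compatibility; @return string the stored password hash`, with the body reduced to `return $this->getMD5Passwd();`.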
function getEmail() {
return $this->data_array['email'];
}
+
+ /**
+ * getSha1Email - a SHA1 encoded hash of the email URI (including mailto: prefix)
+ *
+ * @return string The SHA1 encoded value for the email
+ */
+ function getSha1Email() {
+ return sha1('mailto:'.$this->getEmail());
+ }
/**
* getNewEmail - while changing an email address, it is stored here until confirmation.
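Review bot: The docblock for getSha1Email() calls the value "SHA1 encoded", which can be read as meaning the address is protected. An unsalted SHA-1 over `mailto:` plus the address can be confirmed by anyone who hashes candidate addresses, so it should be treated as a public, linkable identifier for the e-mail rather than as a way to hide it. I would say so in the docblock, for example `@return string SHA-1 hex digest of "mailto:<email>"; not a secret, and the address can be recovered by guessing`. The address is also hashed as stored, so two spellings that differ only in case give different digests; `strtolower()` before hashing would make the value stable if that matters to consumers.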
*/
function setEmail($email) {
- if (!strcasecmp($this->getEmail(), $email)) {
+ if (!strcasecmp($this->getEmail(), stripslashes($email))) {
return true;
}
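Review bot: `stripslashes($email)` is applied only inside the no-change comparison, so the address is tested in one form and handled in another. The later lines of what appears to be the same setEmail() body (the uniqueness query and `$hook_params['user_email']`) still use the raw `$email`. If the input can really arrive with escaping slashes, normalise it once at the top with `$email = stripslashes($email);`. If it cannot, the call should be dropped rather than left in one place. The rest of setEmail() lies outside this hunk.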
}
if ($GLOBALS['sys_require_unique_email']) {
- if (db_numrows(db_query_params('SELECT user_id FROM users WHERE email ILIKE $1 OR email_new ILIKE $2',
- array ($email, $email))) > 0) {
+ if (db_numrows(db_query_params('SELECT user_id FROM users WHERE user_id!=$1 AND (lower(email) LIKE $2 OR lower(email_new) LIKE $2)',
+ array ($this->getID(),
+ strtolower($email)))) > 0) {
$this->setError(_('User with this email already exists.'));
return false;
}
$hook_params['user_email'] = $email;
plugin_hook ("user_setemail", $hook_params);
- $this->data_array['email'] = $email;
+ if (!$this->fetchData($this->getId())) {
+ db_rollback();
+ return false;
+ }
+
db_commit();
return true;
}
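Review bot: The new `fetchData()` failure path rolls the transaction back after `plugin_hook ("user_setemail", $hook_params)` has already run, so plugins are told about an address change that the database then discards. Any plugin that propagates the address to an external system would be left out of step with the users table. I would move the hook call to after `db_commit();`, or at least after the `fetchData()` check. The failure branch also returns false without calling `setError()`; unless fetchData() sets a message itself (not visible here), the caller gets no reason. The start of the function is outside this hunk.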
}
if ($GLOBALS['sys_require_unique_email']) {
- if (db_numrows(db_query_params ('SELECT user_id FROM users WHERE email ILIKE $1 OR email_new ILIKE $1',
- array ($email))) > 0) {
+ if (db_numrows(db_query_params('SELECT user_id FROM users WHERE user_id!=$1 AND (lower(email) LIKE $2 OR lower(email_new) LIKE $2)',
+ array ($this->getID(),
+ strtolower($email)))) > 0) {
$this->setError(_('User with this email already exists.'));
return false;
}
* @return string This user's real name.
*/
function getRealName() {
- return $this->getFirstName(). ' ' .$this->getLastName();
+ $last_name = $this->getLastName();
+ return $this->getFirstName(). ($last_name ? ' ' .$last_name:'');
}
/**
//
// An optimization in session_getdata lets us pre-fetch this in most cases.....
//
- if (!$this->data_array['dirname']) {
+ if (!isset($this->data_array['dirname']) || !$this->data_array['dirname']) {
$res = db_query_params ('SELECT dirname FROM themes WHERE theme_id=$1',
array ($this->getThemeID())) ;
$this->theme=db_result($res,0,'dirname');
}
return $role;
}
+
+ function isMember($group_id, $type=0) {
+ if (!session_loggedin()) {
+ return false;
+ }
+
+ $project =& group_get_object($group_id);
+
+ if (!$project || !is_object($project)) {
+ exit_no_group();
+ }
+
+ $perm =& $project->getPermission( $this );
+ if (!$perm || !is_object($perm) || !$perm->isMember()) {
+ return false;
+ }
+
+ $type=strtoupper($type);
+
+ switch ($type) {
+ case 'P2' : {
+ //pm admin
+ return $perm->isPMAdmin();
+ break;
+ }
+ case 'F2' : {
+ //forum admin
+ return $perm->isForumAdmin();
+ break;
+ }
+ case '0' : {
+ //just in this group
+ return $perm->isMember();
+ break;
+ }
+ case 'A' : {
+ //admin for this group
+ return $perm->isAdmin();
+ break;
+ }
+ case 'D1' : {
+ //document editor
+ return $perm->isDocEditor();
+ break;
+ }
+ default : {
+ //fubar request
+ return false;
+ }
+ }
+ return false;
+
+ }
}
/*
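Review bot: isMember() has no docblock, and its result depends on the request rather than only on `$this`. It returns false whenever `session_loggedin()` is false, so asking about a user other than the one in the current session, or from a non-web context, always answers "not a member". For an unknown group it calls `exit_no_group()`, which by its name appears to end the request instead of returning a boolean. I would document the accepted `$type` codes ('0', 'A', 'P2', 'F2', 'D1') and state that unknown codes return false. I would also replace the exit with `return false;` so that a permission predicate never terminates its caller. The `break;` after each `return` and the trailing `return false;` are unreachable and can be dropped.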