* FusionForge user management
*
* Copyright 1999-2001, VA Linux Systems, Inc.
- * Copyright 2009, Roland Mas
+ * Copyright 2009-2010, Roland Mas
+ * Copyright 2011, Franck Villaume - Capgemini
+ * http://fusionforge.org
*
- * This file is part of FusionForge.
+ * This file is part of FusionForge. FusionForge is free software;
+ * you can redistribute it and/or modify it under the terms of the
+ * GNU General Public License as published by the Free Software
+ * Foundation; either version 2 of the Licence, or (at your option)
+ * any later version.
*
- * FusionForge is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
- * by the Free Software Foundation; either version 2 of the License,
- * or (at your option) any later version.
- *
- * FusionForge is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
+ * FusionForge is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
*
- * You should have received a copy of the GNU General Public License
- * along with FusionForge; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- * USA
+ * You should have received a copy of the GNU General Public License along
+ * with FusionForge; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
$USER_OBJ=array();
/**
* user_get_object_by_name() - Get User object by username.
- * user_get_object is useful so you can pool user objects/save database queries
- * You should always use this instead of instantiating the object directly
- *
- * @param string The unix username - required
- * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
- * @return a user object or false on failure
+ * user_get_object is useful so you can pool user objects/save database queries
+ * You should always use this instead of instantiating the object directly
*
+ * @param string The unix username - required
+ * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
+ * @return a user object or false on failure
*/
-function &user_get_object_by_name($user_name,$res=false) {
+function &user_get_object_by_name($user_name, $res = false) {
$user_name = strtolower($user_name);
if (!$res) {
- $res = db_query_params ('SELECT * FROM users WHERE user_name=$1',
- array ($user_name)) ;
+ $res = db_query_params('SELECT * FROM users WHERE user_name=$1',
+ array($user_name));
}
- return user_get_object(db_result($res,0,'user_id'),$res);
+ return user_get_object(db_result($res, 0, 'user_id'), $res);
}
/**
* user_get_object_by_email() - Get User object by email address
- * Only works if sys_require_unique_email is true
+ * Only works if sys_require_unique_email is true
*
- * @param string The unix username - required
- * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
- * @return a user object or false on failure
+ * @param string The unix username - required
+ * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
+ * @return a user object or false on failure
*
*/
-function user_get_object_by_email($email,$res=false) {
+function user_get_object_by_email($email ,$res = false) {
if (!validate_email($email)
|| !forge_get_config('require_unique_email')) {
- return false ;
+ return false;
}
if (!$res) {
$res=db_query_params('SELECT * FROM users WHERE email=$1',
- array ($email));
+ array($email));
}
- return user_get_object(db_result($res,0,'user_id'),$res);
+ return user_get_object(db_result($res, 0, 'user_id'), $res);
}
/**
* user_get_object() - Get User object by user ID.
- * user_get_object is useful so you can pool user objects/save database queries
- * You should always use this instead of instantiating the object directly
- *
- * @param int The ID of the user - required
- * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
- * @return a user object or false on failure
+ * user_get_object is useful so you can pool user objects/save database queries
+ * You should always use this instead of instantiating the object directly
*
+ * @param int The ID of the user - required
+ * @param int The result set handle ("SELECT * FROM USERS WHERE user_id=xx")
+ * @return object a user object or false on failure
*/
-function &user_get_object($user_id,$res=false) {
+function &user_get_object($user_id, $res = false) {
//create a common set of group objects
//saves a little wear on the database
-
- //automatically checks group_type and
+
+ //automatically checks group_type and
//returns appropriate object
-
+
global $USER_OBJ;
if (!isset($USER_OBJ["_".$user_id."_"])) {
if ($res) {
//the db result handle was passed in
} else {
- $res = db_query_params ('SELECT * FROM users WHERE user_id=$1',
- array ($user_id)) ;
+ $res = db_query_params('SELECT * FROM users WHERE user_id=$1',
+ array($user_id));
}
if (!$res || db_numrows($res) < 1) {
$USER_OBJ["_".$user_id."_"]=false;
$fetch = array();
$return = array();
- for ($i=0; $i<count($id_arr); $i++) {
+ foreach ($id_arr as $id) {
//
// See if this ID already has been fetched in the cache
//
- if (!$id_arr[$i]) {
- continue;
- }
- if (!isset($USER_OBJ["_".$id_arr[$i]."_"])) {
- $fetch[]=$id_arr[$i];
- } else {
- $return[] =& $USER_OBJ["_".$id_arr[$i]."_"];
+ if (!isset($USER_OBJ["_".$id."_"])) {
+ $fetch[]=$id;
}
}
if (count($fetch) > 0) {
- $res = db_query_params ('SELECT * FROM users WHERE user_id = ANY ($1)',
- array (db_int_array_to_any_clause ($fetch))) ;
+ $res = db_query_params('SELECT * FROM users WHERE user_id = ANY ($1)',
+ array(db_int_array_to_any_clause ($fetch)));
while ($arr = db_fetch_array($res)) {
$USER_OBJ["_".$arr['user_id']."_"] = new GFUser($arr['user_id'],$arr);
- $return[] =& $USER_OBJ["_".$arr['user_id']."_"];
}
}
+ foreach ($id_arr as $id) {
+ $return[] =& $USER_OBJ["_".$id."_"];
+ }
return $return;
}
function &user_get_objects_by_name($username_arr) {
- $res = db_query_params ('SELECT user_id FROM users WHERE lower(user_name) = ANY ($1)',
- array (db_string_array_to_any_clause ($username_arr))) ;
- $arr =& util_result_column_to_array($res,0);
+ $res = db_query_params('SELECT user_id FROM users WHERE lower(user_name) = ANY ($1)',
+ array(db_string_array_to_any_clause ($username_arr)));
+ $arr =& util_result_column_to_array($res, 0);
+ return user_get_objects($arr);
+}
+
+function &user_get_objects_by_email($email_arr) {
+ $res=db_query_params('SELECT user_id FROM users WHERE lower(email) = ANY ($1)',
+ array(db_string_array_to_any_clause ($email_arr)));
+ $arr =& util_result_column_to_array($res, 0);
return user_get_objects($arr);
}
+function &user_get_active_users() {
+ $res=db_query_params('SELECT user_id FROM users WHERE status=$1',
+ array('A'));
+ return user_get_objects(util_result_column_to_array($res, 0));
+}
+
class GFUser extends Error {
- /**
+ /**
* Associative array of data from db.
*
- * @var array $data_array.
+ * @var array $data_array.
*/
var $data_array;
-
+
/**
* Is this person a site super-admin?
*
- * @var bool $is_super_user
+ * @var bool $is_super_user
*/
var $is_super_user;
/**
* Is this person the logged in user?
*
- * @var bool $is_logged_in
+ * @var bool $is_logged_in
*/
var $is_logged_in;
/**
* Array of preferences
*
- * @var array $user_pref
+ * @var array $user_pref
*/
var $user_pref;
var $theme_id;
/**
- * GFUser($id,$res) - CONSTRUCTOR - GENERALLY DON'T USE THIS
+ * GFUser($id,$res) - CONSTRUCTOR - GENERALLY DON'T USE THIS
*
- * instead use the user_get_object() function call
+ * instead use the user_get_object() function call
*
- * @param int The user_id
- * @param int The database result set OR array of data
+ * @param int The user_id
+ * @param int The database result set OR array of data
*/
- function GFUser($id=false,$res=false) {
+ function GFUser($id = false, $res = false) {
$this->Error();
if (!$id) {
//setting up an empty object
$this->data_array =& $res;
} elseif (db_numrows($res) < 1) {
//function in class we extended
- $this->setError('User Not Found');
+ $this->setError(_('User Not Found'));
$this->data_array=array();
return false;
} else {
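Review bot: The new trailing loop in user_get_objects(), `foreach ($id_arr as $id) { $return[] =& $USER_OBJ["_".$id."_"]; }`, appends an entry for every requested id, including ids the query did not find and the empty ids that the removed `if (!$id_arr[$i]) continue;` used to skip. Binding a reference to a missing array key creates that key with a null value, so callers now receive null elements and `$USER_OBJ` gains null slots. Guarding the append with `if (isset($USER_OBJ["_".$id."_"])) { $return[] =& $USER_OBJ["_".$id."_"]; }` keeps the earlier behaviour of returning only cached or fetched entries. The function's signature and opening lines are outside this hunk.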
$this->is_logged_in=false;
return true;
}
-
+
/**
* create() - Create a new user.
*
* @param string The users preferred default timezone.
* @param string The users preference for receiving site updates by email.
* @param string The users preference for receiving community updates by email.
- * @param int The ID of the language preference.
+ * @param int The ID of the language preference.
* @param string The users preferred timezone.
* @param string The users Jabber address.
- * @param int The users Jabber preference.
- * @param int The users theme_id.
+ * @param int The users Jabber preference.
+ * @param int The users theme_id.
* @param string The users unix_box.
* @param string The users address.
* @param string The users address part 2.
* @param string The users title.
* @param char(2) The users ISO country_code.
* @param bool Whether to send an email or not
- * @returns The newly created user ID
+ * @param int The users preference for tooltips
+ * @returns The newly created user ID
*
*/
- function create($unix_name,$firstname,$lastname,$password1,$password2,$email,
- $mail_site,$mail_va,$language_id,$timezone,$jabber_address,$jabber_only,$theme_id,
- $unix_box='shell',$address='',$address2='',$phone='',$fax='',$title='',$ccode='US',$send_mail=true) {
+ function create($unix_name, $firstname, $lastname, $password1, $password2, $email,
+ $mail_site, $mail_va, $language_id, $timezone, $jabber_address, $jabber_only, $theme_id,
+ $unix_box = 'shell', $address = '', $address2 = '', $phone = '', $fax = '', $title = '', $ccode = 'US', $send_mail = true, $tooltips = true) {
global $SYS;
if (!$theme_id) {
$this->setError(_('You must supply a theme'));
return false;
}
if (!validate_email($email)) {
- $this->setError(_('Invalid Email Address') . $email);
+ $this->setError(_('Invalid Email Address:') .' '. $email);
return false;
}
if ($jabber_address && !validate_email($jabber_address)) {
$jabber_only=1;
}
if ($unix_name && db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name LIKE $1',
- array ($unix_name))) > 0) {
+ array($unix_name))) > 0) {
$this->setError(_('That username already exists.'));
return false;
}
if (forge_get_config('require_unique_email')) {
- if (user_get_object_by_email ('$email')) {
+ if (user_get_object_by_email('$email')) {
$this->setError(_('User with this email already exists - use people search to recover your login.'));
return false;
}
// Let's generate a loginname for the user
// ...based on the email address:
$email_array = explode ('@', $email, 2) ;
- $email_u = $email_array [0] ;
- $l = ereg_replace ('[^a-z0-9]', '', $email_u) ;
- $l = substr ($l, 0, 15) ;
+ $email_u = $email_array [0];
+ $l = preg_replace('/[^a-z0-9]/', '', $email_u);
+ $l = substr ($l, 0, 15);
// Is the user part of the email address okay?
if (account_namevalid($l)
&& db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
- array ($l))) == 0) {
+ array($l))) == 0) {
$unix_name = $l ;
} else {
// No? What if we add a number at the end?
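Review bot: The uniqueness check in create() passes the single-quoted literal `'$email'` to user_get_object_by_email(), so the function receives the characters `$email` rather than the submitted address; this commit only reformats that line. Because user_get_object_by_email() returns false when validate_email() rejects its argument, the duplicate-address branch presumably never fires and `require_unique_email` is not enforced at registration. The call should read `if (user_get_object_by_email($email)) {`. create() begins and ends outside this hunk.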
$c = substr ($l, 0, 15-strlen ("$i")) . "$i" ;
if (account_namevalid($c)
&& db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
- array ($c))) == 0) {
- $unix_name = $c ;
+ array($c))) == 0) {
+ $unix_name = $c;
break;
}
- $i++ ;
+ $i++;
}
}
// If we're really unlucky, then let's go brute-force
while (!$unix_name) {
- $c = substr (md5($email . rand()), 0, 15) ;
+ $c = substr (md5($email . util_randbytes()), 0, 15);
if (account_namevalid($c)
&& db_numrows(db_query_params('SELECT user_id FROM users WHERE user_name = $1',
- array ($c))) == 0) {
- $unix_name = $c ;
+ array($c))) == 0) {
+ $unix_name = $c;
}
}
}
- $unix_name=strtolower($unix_name);
+ $unix_name = strtolower($unix_name);
if (!account_namevalid($unix_name)) {
$this->setError(_('Invalid Unix Name.'));
return false;
}
// if we got this far, it must be good
- $confirm_hash = substr(md5($password1 . rand() . microtime()),0,16);
+ $confirm_hash = substr(md5($password1 . util_randbytes() . microtime()),0,16);
db_begin();
- $result = db_query_params ('INSERT INTO users (user_name,user_pw,unix_pw,realname,firstname,lastname,email,add_date,status,confirm_hash,mail_siteupdates,mail_va,language,timezone,jabber_address,jabber_only,unix_box,address,address2,phone,fax,title,ccode,theme_id) VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23,$24)',
- array ($unix_name,
- md5($password1),
- account_genunixpw($password1),
- htmlspecialchars($firstname.' '.$lastname),
- htmlspecialchars($firstname),
- htmlspecialchars($lastname),
- $email,
- time(),
- 'P',
- $confirm_hash,
- (($mail_site)?"1":"0"),
- (($mail_va)?"1":"0"),
- $language_id,
- $timezone,
- $jabber_address,
- $jabber_only,
- $unix_box,
- htmlspecialchars($address),
- htmlspecialchars($address2),
- htmlspecialchars($phone),
- htmlspecialchars($fax),
- htmlspecialchars($title),
- $ccode,
- $theme_id)) ;
+ $result = db_query_params('INSERT INTO users (user_name,user_pw,unix_pw,realname,firstname,lastname,email,add_date,status,confirm_hash,mail_siteupdates,mail_va,language,timezone,jabber_address,jabber_only,unix_box,address,address2,phone,fax,title,ccode,theme_id,tooltips)
+ VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23,$24,$25)',
+ array($unix_name,
+ md5($password1),
+ account_genunixpw($password1),
+ htmlspecialchars($firstname.' '.$lastname),
+ htmlspecialchars($firstname),
+ htmlspecialchars($lastname),
+ $email,
+ time(),
+ 'P',
+ $confirm_hash,
+ (($mail_site)?"1":"0"),
+ (($mail_va)?"1":"0"),
+ $language_id,
+ $timezone,
+ $jabber_address,
+ $jabber_only,
+ $unix_box,
+ htmlspecialchars($address),
+ htmlspecialchars($address2),
+ htmlspecialchars($phone),
+ htmlspecialchars($fax),
+ htmlspecialchars($title),
+ $ccode,
+ $theme_id,
+ $tooltips));
if (!$result) {
$this->setError(_('Insert Failed: ') . db_error());
db_rollback();
return false;
} else {
- $id = db_insertid($result,'users','user_id');
+ $id = db_insertid($result, 'users', 'user_id');
if (!$id) {
$this->setError('Could Not Get USERID: ' .db_error());
db_rollback();
return false;
}
- $hook_params = array ();
+ $hook_params = array();
$hook_params['user'] = $this;
$hook_params['user_id'] = $this->getID();
$hook_params['user_name'] = $unix_name;
$hook_params['user_password'] = $password1;
- plugin_hook ("user_create", $hook_params);
-
+ plugin_hook("user_create", $hook_params);
+
if ($send_mail) {
setup_gettext_from_lang_id($language_id);
$this->sendRegistrationEmail();
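Review bot: The confirmation token built as `substr(md5($password1 . util_randbytes() . microtime()),0,16)` still mixes the user's plaintext password into a value that is later mailed inside the verification URL. If util_randbytes() returns cryptographically strong bytes (its definition is not in this diff), the password and microtime() add nothing, and the token can come from the random bytes alone, e.g. `$confirm_hash = substr(md5(util_randbytes()), 0, 16);`. The same construction, with `time()` in place of the password, appears in setNewEmailAndHash(). Separately, the INSERT stores `md5($password1)` in user_pw, an unsalted fast hash, and the plaintext is handed to every `user_create` plugin through `$hook_params['user_password']`; both deserve at least a comment and a follow-up. create() starts and ends outside this hunk.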
}
/**
- * sendRegistrationEmail() - Send email for registration verification
+ * sendRegistrationEmail() - Send email for registration verification
*
- * @return true or false
+ * @return bool success or not
*/
function sendRegistrationEmail() {
$message=stripcslashes(sprintf(_('Thank you for registering on the %3$s web site. You have
account with username %1$s created for you. In order
-to complete your registration, visit the following url:
+to complete your registration, visit the following url:
<%2$s>
-- the %3$s staff
'),
$this->getUnixName(),
- util_make_url ('/account/verify.php?confirm_hash=_'.$this->getConfirmHash()),
- forge_get_config ('forge_name')));
+ util_make_url('/account/verify.php?confirm_hash=_'.$this->getConfirmHash()),
+ forge_get_config('forge_name')));
util_send_message(
$this->getEmail(),
- sprintf(_('%1$s Account Registration'), forge_get_config ('forge_name')),
+ sprintf(_('%1$s Account Registration'), forge_get_config('forge_name')),
$message
);
}
/**
- * delete() - remove the User from all his groups.
+ * delete() - remove the User from all his groups.
*
- * Remove the User from all his groups and set his status to D.
+ * Remove the User from all his groups and set his status to D.
*
- * @param boolean Confirmation of deletion.
- * @return true or false
+ * @param boolean Confirmation of deletion.
+ * @return boolean success or not
*/
function delete($sure) {
if (!$sure) {
}
db_begin();
- $res = db_query_params ('DELETE FROM artifact_monitor WHERE user_id=$1',
- array ($this->getID())) ;
+ $res = db_query_params('DELETE FROM artifact_monitor WHERE user_id=$1',
+ array($this->getID()));
if (!$res) {
- $this->setError('ERROR - Could Not Delete From artifact_monitor: '.db_error());
+ $this->setError('ERROR - ' . _('Could Not Delete From artifact_monitor:') . ' '.db_error());
db_rollback();
return false;
}
- $res = db_query_params ('DELETE FROM artifact_type_monitor WHERE user_id=$1',
- array ($this->getID())) ;
+ $res = db_query_params('DELETE FROM artifact_type_monitor WHERE user_id=$1',
+ array($this->getID()));
if (!$res) {
- $this->setError('ERROR - Could Not Delete From artifact_type_monitor: '.db_error());
+ $this->setError('ERROR - ' . _('Could Not Delete From artifact_type_monitor:') . ' ' .db_error());
db_rollback();
return false;
}
- $res = db_query_params ('DELETE FROM forum_monitored_forums WHERE user_id=$1',
- array ($this->getID())) ;
+ $res = db_query_params('DELETE FROM forum_monitored_forums WHERE user_id=$1',
+ array($this->getID()));
if (!$res) {
- $this->setError('ERROR - Could Not Delete From forum_monitored_forums: '.db_error());
+ $this->setError('ERROR - ' . _('Could Not Delete From forum_monitored_forums:') . ' '.db_error());
db_rollback();
return false;
- }
- $res = db_query_params ('DELETE FROM filemodule_monitor WHERE user_id=$1',
- array ($this->getID())) ;
+ }
+ $res = db_query_params('DELETE FROM filemodule_monitor WHERE user_id=$1',
+ array($this->getID()));
if (!$res) {
- $this->setError('ERROR - Could Not Delete From filemodule_monitor: '.db_error());
+ $this->setError('ERROR - ' . _('Could Not Delete From filemodule_monitor:') . ' '.db_error());
db_rollback();
return false;
}
$hook_params = array ();
$hook_params['user'] = $this;
$hook_params['user_id'] = $this->getID();
- plugin_hook ("user_delete", $hook_params);
-
+ plugin_hook("user_delete", $hook_params);
+
$this->setStatus('D');
db_commit();
}
}
/**
- * update() - update *common* properties of GFUser object.
+ * update() - update *common* properties of GFUser object.
*
- * Use specific setter to change other properties.
+ * Use specific setter to change other properties.
*
- * @param string The users first name.
- * @param string The users last name.
- * @param int The ID of the users language preference.
- * @param string The useres timezone preference.
- * @param string The users preference for receiving site updates by email.
- * @param string The users preference for receiving community updates by email.
- * @param string The users preference for being participating in "peer ratings".
- * @param string The users Jabber account address.
- * @param int The users Jabber preference.
- * @param int The users theme_id preference.
- * @param string The users address.
- * @param string The users address2.
- * @param string The users phone.
- * @param string The users fax.
- * @param string The users title.
- * @param string The users ccode.
+ * @param string The users first name.
+ * @param string The users last name.
+ * @param int The ID of the users language preference.
+ * @param string The useres timezone preference.
+ * @param string The users preference for receiving site updates by email.
+ * @param string The users preference for receiving community updates by email.
+ * @param string The users preference for being participating in "peer ratings".
+ * @param string The users Jabber account address.
+ * @param int The users Jabber preference.
+ * @param int The users theme_id preference.
+ * @param string The users address.
+ * @param string The users address2.
+ * @param string The users phone.
+ * @param string The users fax.
+ * @param string The users title.
+ * @param string The users ccode.
+ * @param int The users preference for tooltips.
+ * @param string The users email.
*/
- function update($firstname,$lastname,$language_id,$timezone,$mail_site,$mail_va,$use_ratings,
- $jabber_address,$jabber_only,$theme_id,$address,$address2,$phone,$fax,$title,$ccode) {
+ function update($firstname, $lastname, $language_id, $timezone, $mail_site, $mail_va, $use_ratings,
+ $jabber_address, $jabber_only, $theme_id, $address, $address2, $phone, $fax, $title, $ccode, $tooltips, $email='') {
$mail_site = $mail_site ? 1 : 0;
$mail_va = $mail_va ? 1 : 0;
$block_ratings = $use_ratings ? 0 : 1;
return false;
}
if (!$jabber_only) {
- $jabber_only=0;
+ $jabber_only = 0;
} else {
- $jabber_only=1;
+ $jabber_only = 1;
}
db_begin();
- $res = db_query_params ('
- UPDATE users
- SET
- realname=$1,
- firstname=$2,
- lastname=$3,
- language=$4,
- timezone=$5,
- mail_siteupdates=$6,
- mail_va=$7,
- block_ratings=$8,
- jabber_address=$9,
- jabber_only=$10,
- address=$11,
- address2=$12,
- phone=$13,
- fax=$14,
- title=$15,
- ccode=$16,
- theme_id=$17
- WHERE user_id=$18',
- array (
- htmlspecialchars($firstname . ' ' .$lastname),
- htmlspecialchars($firstname),
- htmlspecialchars($lastname),
- $language_id,
- $timezone,
- $mail_site,
- $mail_va,
- $block_ratings,
- $jabber_address,
- $jabber_only,
- htmlspecialchars($address) ,
- htmlspecialchars($address2) ,
- htmlspecialchars($phone) ,
- htmlspecialchars($fax) ,
- htmlspecialchars($title) ,
- $ccode,
- $theme_id,
- $this->getID())) ;
+ $res = db_query_params('
+ UPDATE users
+ SET
+ realname=$1,
+ firstname=$2,
+ lastname=$3,
+ language=$4,
+ timezone=$5,
+ mail_siteupdates=$6,
+ mail_va=$7,
+ block_ratings=$8,
+ jabber_address=$9,
+ jabber_only=$10,
+ address=$11,
+ address2=$12,
+ phone=$13,
+ fax=$14,
+ title=$15,
+ ccode=$16,
+ theme_id=$17,
+ tooltips=$18
+ WHERE user_id=$19',
+ array (
+ htmlspecialchars($firstname . ' ' .$lastname),
+ htmlspecialchars($firstname),
+ htmlspecialchars($lastname),
+ $language_id,
+ $timezone,
+ $mail_site,
+ $mail_va,
+ $block_ratings,
+ $jabber_address,
+ $jabber_only,
+ htmlspecialchars($address),
+ htmlspecialchars($address2),
+ htmlspecialchars($phone),
+ htmlspecialchars($fax),
+ htmlspecialchars($title),
+ $ccode,
+ $theme_id,
+ $tooltips,
+ $this->getID()));
if (!$res) {
- $this->setError('ERROR - Could Not Update User Object: '.db_error());
+ $this->setError(_('ERROR - Could Not Update User Object:'). ' ' .db_error());
db_rollback();
return false;
- } else {
- // If there's a transaction from using to not
- // using ratings, remove all rating made by the
- // user (ratings by others should not be removed,
- // as it opens possibility to abuse rate system)
- if (!$use_ratings && $this->usesRatings()) {
- db_query_params ('DELETE FROM user_ratings WHERE rated_by=$1',
- array($user_id));
- }
- if (!$this->fetchData($this->getID())) {
- db_rollback();
- return false;
- }
-
- $hook_params = array ();
- $hook_params['user'] = $this;
- $hook_params['user_id'] = $this->getID();
- plugin_hook ("user_update", $hook_params);
-
- db_commit();
- return true;
}
+
+ if ($email && $email != $this->getEmail()
+ && !$this->setEmail($email)) {
+ return false;
+ }
+
+ // If there's a transaction from using to not
+ // using ratings, remove all rating made by the
+ // user (ratings by others should not be removed,
+ // as it opens possibility to abuse rate system)
+ if (!$use_ratings && $this->usesRatings()) {
+ db_query_params('DELETE FROM user_ratings WHERE rated_by=$1',
+ array($user_id));
+ }
+ if (!$this->fetchData($this->getID())) {
+ db_rollback();
+ return false;
+ }
+
+ $hook_params = array ();
+ $hook_params['user'] = $this;
+ $hook_params['user_id'] = $this->getID();
+ plugin_hook ("user_update", $hook_params);
+
+ db_commit();
+ return true;
}
/**
- * fetchData - May need to refresh database fields.
+ * fetchData - May need to refresh database fields.
*
- * If an update occurred and you need to access the updated info.
+ * If an update occurred and you need to access the updated info.
*
- * @return boolean success;
+ * @param int the User ID data to be fecthed
+ * @return boolean success;
*/
function fetchData($user_id) {
$res = db_query_params ('SELECT * FROM users WHERE user_id=$1',
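Review bot: The new early exit in update(), `if ($email && $email != $this->getEmail() && !$this->setEmail($email)) { return false; }`, returns after db_begin() and a successful UPDATE without calling db_rollback(), unlike the other failure paths visible in the function. Adding `db_rollback();` before that `return false;` avoids leaving the profile change in an open transaction. In the ratings cleanup just below, `array($user_id)` uses a variable that is neither a parameter nor assigned in the visible part of update(), so the DELETE presumably never matches a row; `array($this->getID())` is what the surrounding code uses. The start of update() is outside this hunk.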
$this->data_array = db_fetch_array($res);
return true;
}
-
+
/**
- * getID - Simply return the user_id for this object.
+ * getID - Simply return the user_id for this object.
*
- * @return int This user's user_id number.
+ * @return int This user's user_id number.
*/
function getID() {
return $this->data_array['user_id'];
}
/**
- * getStatus - get the status of this user.
+ * getStatus - get the status of this user.
*
- * Statuses include (A)ctive, (P)ending, (S)uspended ,(D)eleted.
+ * Statuses include (A)ctive, (P)ending, (S)uspended ,(D)eleted.
*
- * @return char This user's status flag.
+ * @return char This user's status flag.
*/
function getStatus() {
return $this->data_array['status'];
}
/**
- * setStatus - set this user's status.
+ * setStatus - set this user's status.
*
- * @param string Status - P, A, S, or D.
- * @return boolean success.
+ * @param string Status - P, A, S, or D.
+ * @return boolean success.
*/
function setStatus($status) {
if ($status != 'P' && $status != 'A'
&& $status != 'S' && $status != 'D') {
- $this->setError('ERROR: Invalid status value');
+ $this->setError(_('ERROR: Invalid status value'));
+ return false;
+ }
+ if ($this->getStatus() != 'P' && $status == 'P') {
+ $this->setError('ERROR: You can\'t set pending status if user is suspend or active');
return false;
}
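Review bot: The added guard `if ($this->getStatus() != 'P' && $status == 'P')` also rejects a deleted (D) account, but its message names only suspended and active users, and it is the one new message in this hunk not passed through `_()`. Something like `$this->setError(_('ERROR: Only a pending user can be set to pending status'));` would match both the condition and the translated message a few lines above. setStatus() continues outside this hunk.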
$this->getID())) ;
if (!$res) {
- $this->setError('ERROR - Could Not Update User Status: '.db_error());
+ $this->setError(_('ERROR - Could Not Update User Status:') . ' ' .db_error());
db_rollback();
return false;
} else {
$this->data_array['status']=$status;
if ($status == 'D') {
- // Remove this user from all groups
- $res = db_query_params ('DELETE FROM user_group WHERE user_id=$1',
- array ($this->getID())) ;
- if (!$res) {
- $this->setError('ERROR - Could Not Propogate Deleted Status: '.db_error());
- db_rollback();
- return false;
+ $projects = $this->getGroups() ;
+ foreach ($projects as $p) {
+ $p->removeUser ($this->getID()) ;
}
}
+
$hook_params = array ();
$hook_params['user'] = $this;
$hook_params['user_id'] = $this->getID();
$hook_params['status'] = $status;
plugin_hook ("user_setstatus", $hook_params);
-
+
db_commit();
-
- //plugin webcalendar, create cal_user
- plugin_hook('add_cal_user',$this->getID());
-
+
return true;
}
}
/**
- * isActive - whether this user is confirmed and active.
+ * isActive - whether this user is confirmed and active.
*
- * Database field status of 'A' returns true.
- * @return boolean is_active.
+ * Database field status of 'A' returns true.
+ * @return boolean is_active.
*/
function isActive() {
if ($this->getStatus()=='A') {
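Review bot: In the `$status == 'D'` branch of setStatus(), the new loop calls `$p->removeUser ($this->getID())` and ignores the result, while the removed DELETE rolled the transaction back when it failed. If removeUser() reports failure through its return value (its definition is not in this diff), a failed removal now ends in db_commit() with the account marked deleted but still a member of that project. Checking the call, `if (!$p->removeUser($this->getID())) { db_rollback(); return false; }` with a setError() before the rollback, restores the earlier guarantee. The beginning of setStatus() is outside this hunk.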
}
/**
- * getUnixStatus - Status of activation of unix account.
+ * getUnixStatus - Status of activation of unix account.
*
- * @return char (N)one, (A)ctive, (S)uspended or (D)eleted
+ * @return char (N)one, (A)ctive, (S)uspended or (D)eleted
*/
function getUnixStatus() {
return $this->data_array['unix_status'];
}
/**
- * setUnixStatus - Sets status of activation of unix account.
+ * setUnixStatus - Sets status of activation of unix account.
*
- * @param string The unix status.
+ * @param string The unix status.
* N no_unix_account
* A active
* S suspended
* D deleted
*
- * @return boolean success.
+ * @return boolean success.
*/
function setUnixStatus($status) {
global $SYS;
}
}
}
-
+
$this->data_array['unix_status']=$status;
db_commit();
return true;
}
/**
- * getUnixName - the user's unix_name.
+ * getUnixName - the user's unix_name.
*
- * @return string This user's unix/login name.
+ * @return string This user's unix/login name.
*/
function getUnixName() {
return strtolower($this->data_array['user_name']);
}
/**
- * getUnixPasswd - get the user's password.
+ * getUnixPasswd - get the user's password.
*
- * @return string This user's unix crypted passwd.
+ * @return string This user's unix crypted passwd.
*/
function getUnixPasswd() {
return $this->data_array['unix_pw'];
}
/**
- * getUnixBox - the hostname of the unix box this user has an account on.
+ * getUnixBox - the hostname of the unix box this user has an account on.
*
- * @return string This user's shell login machine.
+ * @return string This user's shell login machine.
*/
function getUnixBox() {
return $this->data_array['unix_box'];
}
/**
- * getMD5Passwd - the password.
+ * getMD5Passwd - the password.
*
- * @return string This user's MD5-crypted passwd.
+ * @return string This user's MD5-crypted passwd.
*/
function getMD5Passwd() {
return $this->data_array['user_pw'];
}
-
+
//Added to be compatible with codendi getUserPw function
function getUserPw() {
- return $this->data_array['user_pw'];
+ return $this->data_array['user_pw'];
}
/**
- * getConfirmHash - the confirm hash in the db.
+ * getConfirmHash - the confirm hash in the db.
*
- * @return string This user's confirmation hash.
+ * @return string This user's confirmation hash.
*/
function getConfirmHash() {
return $this->data_array['confirm_hash'];
}
/**
- * getEmail - the user's email address.
+ * getEmail - the user's email address.
*
- * @return string This user's email address.
+ * @return string This user's email address.
*/
function getEmail() {
- return $this->data_array['email'];
+ return str_replace("\n", "", $this->data_array['email']);
}
-
+
/**
* getSha1Email - a SHA1 encoded hash of the email URI (including mailto: prefix)
- *
+ *
* @return string The SHA1 encoded value for the email
*/
function getSha1Email() {
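Review bot: getEmail() now strips only line feeds, `str_replace("\n", "", $this->data_array['email'])`, which looks like a guard against a stored address carrying extra mail headers; a carriage return would still pass through. If that is the intent, `return str_replace(array("\r", "\n"), '', $this->data_array['email']);` covers both, and a short comment saying why the value is filtered on read would help the next maintainer. Rejecting such addresses where they are written (setEmail, create) would be the stronger fix, since any code reading `data_array['email']` directly bypasses this getter.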
}
/**
- * getNewEmail - while changing an email address, it is stored here until confirmation.
+ * getNewEmail - while changing an email address, it is stored here until confirmation.
*
- * getNewEmail is a private operation for email change.
+ * getNewEmail is a private operation for email change.
*
- * @return string This user's new (not yet confirmed) email address.
- * @private
+ * @return string This user's new (not yet confirmed) email address.
+ * @private
*/
function getNewEmail() {
return $this->data_array['email_new'];
}
/**
- * setEmail - set a new email address, which must be confirmed.
+ * setEmail - set a new email address, which must be confirmed.
*
- * @param string The email address.
- * @return boolean success.
+ * @param string The email address.
+ * @return boolean success.
*/
function setEmail($email) {
db_begin();
$res = db_query_params ('UPDATE users SET email=$1 WHERE user_id=$2',
array ($email,
- $this->getID())) ;
+ $this->getID()));
if (!$res) {
$this->setError('ERROR - Could Not Update User Email: '.db_error());
$hook_params['user'] = $this;
$hook_params['user_id'] = $this->getID();
$hook_params['user_email'] = $email;
- plugin_hook ("user_setemail", $hook_params);
-
+ plugin_hook("user_setemail", $hook_params);
+
if (!$this->fetchData($this->getId())) {
db_rollback();
return false;
}
/**
- * setNewEmailAndHash - setNewEmailAndHash is a private operation for email change.
+ * setNewEmailAndHash - setNewEmailAndHash is a private operation for email change.
*
- * @param string The email address.
- * @param string The email hash.
- * @return boolean success.
+ * @param string The email address.
+ * @param string The email hash.
+ * @return boolean success.
*/
function setNewEmailAndHash($email, $hash='') {
if (!$hash) {
- $hash = substr(md5(strval(time()) . strval(mt_rand())), 0, 16);
+ $hash = substr(md5(strval(time()) . strval(util_randbytes())), 0, 16);
}
if (!$email || !validate_email($email)) {
}
}
$res = db_query_params ('UPDATE users SET confirm_hash=$1, email_new=$2 WHERE user_id=$3',
- array ($hash,
+ array($hash,
$email,
- $this->getID())) ;
+ $this->getID()));
if (!$res) {
$this->setError('ERROR - Could Not Update User Email And Hash: '.db_error());
return false;
} else {
- $this->data_array['email_new'] = $email;
+ $this->data_array['email_new'] = $email;
$this->data_array['confirm_hash'] = $hash;
return true;
}
}
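Review bot: The confirmation hash built on the `util_randbytes()` line is still truncated to 16 hex characters of an MD5 digest, so the token carries at most 64 bits whatever goes in, and `time()` adds nothing an outsider cannot guess. `util_randbytes()` is defined outside this diff; if it returns raw bytes from the system random source, hex-encoding enough of them directly would be easier to reason about than the `strval`/`md5`/`substr` chain. At minimum I would add a comment above the assignment, such as `// confirm_hash gates the email change; its unpredictability rests entirely on util_randbytes()`. Only part of setNewEmailAndHash is visible here, so the validation branch between the two changed regions is not reviewed.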
/**
- * getRealName - get the user's real name.
+ * getRealName - get the user's real name.
*
- * @return string This user's real name.
+ * @return string This user's real name.
*/
function getRealName() {
$last_name = $this->getLastName();
}
/**
- * getFirstName - get the user's first name.
+ * getFirstName - get the user's first name.
*
- * @return string This user's first name.
+ * @return string This user's first name.
*/
function getFirstName() {
return $this->data_array['firstname'];
}
/**
- * getLastName - get the user's last name.
+ * getLastName - get the user's last name.
*
- * @return string This user's last name.
+ * @return string This user's last name.
*/
function getLastName() {
return $this->data_array['lastname'];
}
/**
- * getAddDate - this user's unix time when account was opened.
+ * getAddDate - this user's unix time when account was opened.
*
- * @return int This user's unix time when account was opened.
+ * @return int This user's unix time when account was opened.
*/
function getAddDate() {
return $this->data_array['add_date'];
}
/**
- * getTimeZone - this user's timezone setting.
+ * getTimeZone - this user's timezone setting.
*
- * @return string This user's timezone setting.
+ * @return string This user's timezone setting.
*/
function getTimeZone() {
return $this->data_array['timezone'];
}
/**
- * getCountryCode - this user's ccode setting.
+ * getCountryCode - this user's ccode setting.
*
- * @return string This user's ccode setting.
+ * @return string This user's ccode setting.
*/
function getCountryCode() {
return $this->data_array['ccode'];
}
/**
- * getShell - this user's preferred shell.
+ * getShell - this user's preferred shell.
*
- * @return string This user's preferred shell.
+ * @return string This user's preferred shell.
*/
function getShell() {
return $this->data_array['shell'];
}
/**
- * setShell - sets user's preferred shell.
+ * setShell - sets user's preferred shell.
*
- * @param string The users preferred shell.
- * @return boolean success.
+ * @param string The users preferred shell.
+ * @return boolean success.
*/
function setShell($shell) {
global $SYS;
$out_shells[] = chop($s);
}
if (!in_array($shell, $out_shells)) {
- $this->setError('ERROR: Invalid Shell');
+ $this->setError(_('ERROR: Invalid Shell'));
return false;
}
array ($shell,
$this->getID())) ;
if (!$res) {
- $this->setError('ERROR - Could Not Update User Unix Shell: '.db_error());
+ $this->setError(_('ERROR - Could Not Update User Unix Shell:') . ' ' .db_error());
db_rollback();
return false;
} else {
}
/**
- * getUnixUID() - Get the unix UID of the user
+ * getUnixUID() - Get the unix UID of the user
*
- * @return int This user's UID.
+ * @return int This user's UID.
*/
function getUnixUID() {
return $this->data_array['unix_uid'];
}
/**
- * getUnixGID() - Get the unix GID of the user
+ * getUnixGID() - Get the unix GID of the user
*
- * @return int This user's GID.
+ * @return int This user's GID.
*/
function getUnixGID() {
return $this->data_array['unix_gid'];
}
/**
- * getLanguage - this user's language_id from supported_languages table.
+ * getLanguage - this user's language_id from supported_languages table.
*
- * @return int This user's language_id.
+ * @return int This user's language_id.
*/
function getLanguage() {
return $this->data_array['language'];
}
/**
- * getJabberAddress - this user's optional jabber address.
+ * getJabberAddress - this user's optional jabber address.
*
- * @return string This user's jabber address.
+ * @return string This user's jabber address.
*/
function getJabberAddress() {
return $this->data_array['jabber_address'];
}
/**
- * getJabberOnly - whether this person wants updates sent ONLY to jabber.
+ * getJabberOnly - whether this person wants updates sent ONLY to jabber.
*
- * @return boolean This user's jabber preference.
+ * @return boolean This user's jabber preference.
*/
function getJabberOnly() {
return $this->data_array['jabber_only'];
}
/**
- * getAddress - get this user's address.
+ * getAddress - get this user's address.
*
- * @return text This user's address.
+ * @return text This user's address.
*/
function getAddress() {
return $this->data_array['address'];
}
/**
- * getAddress2 - get this user's address2.
+ * getAddress2 - get this user's address2.
*
- * @return text This user's address2.
+ * @return text This user's address2.
*/
function getAddress2() {
return $this->data_array['address2'];
}
/**
- * getPhone - get this person's phone number.
+ * getPhone - get this person's phone number.
*
- * @return text This user's phone number.
+ * @return text This user's phone number.
*/
function getPhone() {
return $this->data_array['phone'];
}
/**
- * getFax - get this person's fax number.
+ * getFax - get this person's fax number.
*
- * @return text This user's fax.
+ * @return text This user's fax.
*/
function getFax() {
return $this->data_array['fax'];
}
/**
- * getTitle - get this person's title.
+ * getTitle - get this person's title.
*
- * @return text This user's title.
+ * @return text This user's title.
*/
function getTitle() {
return $this->data_array['title'];
}
/**
- * getGroups - get an array of groups this user is a member of.
+ * getGroups - get an array of groups this user is a member of.
*
- * @return array Array of groups.
+ * @return array Array of groups.
*/
- function &getGroups() {
-
- if (USE_PFO_RBAC) {
- $roles = RBACEngine::getInstance()->getAvailableRolesForUser ($this) ;
- $ids = array () ;
- foreach ($roles as $r) {
+ function &getGroups($onlylocal = true) {
+ $ids = array();
+ foreach ($this->getRoles() as $r) {
+ if ($onlylocal) {
if ($r instanceof RoleExplicit
&& $r->getHomeProject() != NULL) {
- $ids[] = $r->getHomeProject()->getID() ;
+ $ids[] = $r->getHomeProject()->getID();
+ }
+ } else {
+ foreach ($r->getLinkedProjects() as $p) {
+ $ids[] = $p->getID();
}
}
- return group_get_objects(array_unique($ids)) ;
- } else {
- $res = db_query_params ('SELECT group_id FROM user_group WHERE user_id=$1',
- array ($this->getID())) ;
- $arr =& util_result_column_to_array($res,0);
- return group_get_objects($arr);
}
+ return group_get_objects(array_values(array_unique($ids))) ;
}
/**
- * getAuthorizedKeys - the SSH authorized keys set by the user.
+ * getAuthorizedKeys - the SSH authorized keys set by the user.
*
- * @return string This user's SSH authorized (public) keys.
+ * @return string This user's SSH authorized (public) keys.
*/
function getAuthorizedKeys() {
return preg_replace("/###/", "\n", $this->data_array['authorized_keys']);
/**
* setAuthorizedKeys - set the SSH authorized keys for the user.
*
- * @param string The users public keys.
- * @return boolean success.
+ * @param string The users public keys.
+ * @return boolean success.
*/
function setAuthorizedKeys($keys) {
$keys = trim($keys);
- $keys = ereg_replace("\r\n", "\n", $keys); // Convert to Unix EOL
- $keys = ereg_replace("\n+", "\n", $keys); // Remove empty lines
- $keys = ereg_replace("\n", "###", $keys); // Convert EOL to marker
+ $keys = preg_replace("/\r\n/", "\n", $keys); // Convert to Unix EOL
+ $keys = preg_replace("/\n+/", "\n", $keys); // Remove empty lines
+ $keys = preg_replace("/\n/", "###", $keys); // Convert EOL to marker
- $res = db_query_params ('UPDATE users SET authorized_keys=$1 WHERE user_id=$2',
- array ($keys,
- $this->getID())) ;
+ $res = db_query_params('UPDATE users SET authorized_keys=$1 WHERE user_id=$2',
+ array($keys,
+ $this->getID()));
if (!$res) {
- $this->setError('ERROR - Could Not Update User SSH Keys');
+ $this->setError(_('ERROR - Could Not Update User SSH Keys'));
return false;
} else {
$this->data_array['authorized_keys'] = $keys;
}
/**
- * setLoggedIn($val) - Really only used by session code.
+ * setLoggedIn($val) - Really only used by session code.
*
- * @param boolean The session value.
+ * @param boolean The session value.
*/
function setLoggedIn($val=true) {
- $this->is_logged_in=$val;
+ $this->is_logged_in = $val;
+
if ($val) {
- //if this is the logged in user, see if they are a super user
- $result = db_query_params ('SELECT count(*) AS count FROM user_group WHERE user_id=$1 AND group_id=1 AND admin_flags=$2',
- array ($this->getID(),
- 'A')) ;
- if (!$result) {
- $this->is_super_user=false;
- return;
- }
- $row_count = db_fetch_array($result);
- $this->is_super_user = ($row_count['count'] > 0);
+ $this->is_super_user = forge_check_global_perm_for_user($this, 'forge_admin') ;
}
}
/**
- * isLoggedIn - only used by session code.
+ * isLoggedIn - only used by session code.
*
- * @return boolean is_logged_in.
+ * @return boolean is_logged_in.
*/
function isLoggedIn() {
return $this->is_logged_in;
}
/**
- * deletePreference - delete a preference for this user.
+ * deletePreference - delete a preference for this user.
*
- * @param string The unique field name for this preference.
- * @return boolean success.
+ * @param string The unique field name for this preference.
+ * @return boolean success.
*/
function deletePreference($preference_name) {
$preference_name=strtolower(trim($preference_name));
unset($this->user_pref["$preference_name"]);
- $res = db_query_params ('DELETE FROM user_preferences WHERE user_id=$1 AND preference_name=$2',
+ $res = db_query_params('DELETE FROM user_preferences WHERE user_id=$1 AND preference_name=$2',
array ($this->getID(),
- $preference_name)) ;
- return $res;
+ $preference_name));
+ return ((!$res || db_affected_rows($res) < 1) ? false : true);
}
/**
- * setPreference - set a new preference for this user.
+ * setPreference - set a new preference for this user.
*
- * @param string The unique field name for this preference.
- * @param string The value you are setting this preference to.
- * @return boolean success.
+ * @param string The unique field name for this preference.
+ * @param string The value you are setting this preference to.
+ * @return boolean success.
*/
function setPreference($preference_name,$value) {
$preference_name=strtolower(trim($preference_name));
$preference_name,
$value,
time())) ;
- return $result;
}
}
+ return ((!$result || db_affected_rows($result) < 1) ? false : true);
}
/**
- * getPreference - get a specific preference.
+ * getPreference - get a specific preference.
*
- * @param string The unique field name for this preference.
- * @return the preference string or false on failure.
+ * @param string The unique field name for this preference.
+ * @return string|bool the preference string or false on failure.
*/
function getPreference($preference_name) {
$preference_name=strtolower(trim($preference_name));
}
/**
- * setPasswd - Changes user's password.
+ * setPasswd - Changes user's password.
*
- * @param string The plaintext password.
- * @return boolean success.
+ * @param string The plaintext password.
+ * @return boolean success.
*/
function setPasswd($passwd) {
global $SYS;
$this->getID())) ;
if (!$res || db_affected_rows($res) < 1) {
- $this->setError('ERROR - Could Not Change User Password: '.db_error());
+ $this->setError(_('ERROR - Could Not Change User Password:') . ' ' .db_error());
db_rollback();
return false;
} else {
}
/**
- * usesRatings - whether user participates in rating system.
+ * setMD5Passwd - Changes user's MD5 password.
+ *
+ * @param string The MD5-hashed password.
+ * @return boolean success.
+ */
+ function setMD5Passwd($md5) {
+ global $SYS;
+
+ db_begin();
+
+ if ($md5) {
+ $res = db_query_params('UPDATE users SET user_pw=$1 WHERE user_id=$2',
+ array($md5_pw,
+ $this->getID()));
+
+ if (!$res || db_affected_rows($res) < 1) {
+ $this->setError(_('ERROR - Could Not Change User Password:') . ' ' .db_error());
+ db_rollback();
+ return false;
+ }
+ }
+ db_commit();
+ return true;
+ }
+
+ /**
+ * setUnixPasswd - Changes user's Unix-hashed password.
*
- * @return boolean success.
+ * @param string The Unix-hashed password.
+ * @return boolean success.
+ */
+ function setUnixPasswd($unix) {
+ global $SYS;
+
+ db_begin();
+
+ if ($unix) {
+ $res = db_query_params('UPDATE users SET unix_pw=$1 WHERE user_id=$1',
+ array ($unix_pw,
+ $this->getID()));
+
+ if (!$res || db_affected_rows($res) < 1) {
+ $this->setError(_('ERROR - Could Not Change User Password:') . ' ' .db_error());
+ db_rollback();
+ return false;
+ }
+
+ // Now change system password, but only if corresponding
+ // entry exists (i.e. if user have shell access)
+ if ($SYS->sysCheckUser($this->getID())) {
+ if (!$SYS->sysUserSetAttribute($this->getID(),"userPassword",'{crypt}'.$unix)) {
+ $this->setError($SYS->getErrorMessage());
+ db_rollback();
+ return false;
+ }
+ }
+ }
+ db_commit();
+ return true;
+ }
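Review bot: Both new setters bind a variable that is never defined: `setMD5Passwd($md5)` passes `$md5_pw` and `setUnixPasswd($unix)` passes `$unix_pw`, so the value sent to the database is null rather than the supplied hash. In `setMD5Passwd` that looks like it would blank `user_pw` and still return true. The bound values should be the parameters, `array($md5,` and `array($unix,`. The statement in `setUnixPasswd` also reads `WHERE user_id=$1`, reusing the password placeholder for the id; it should be `'UPDATE users SET unix_pw=$1 WHERE user_id=$2'`. `global $SYS;` is unused in `setMD5Passwd` and can be dropped.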
+
+ /**
+ * usesRatings - whether user participates in rating system.
+ *
+ * @return boolean success.
*/
function usesRatings() {
return !$this->data_array['block_ratings'];
}
/**
- * getPlugins - get a list of all available user plugins
+ * usesTooltips - whether user enables or not tooltips.
+ *
+ * @return boolean success.
+ */
+ function usesTooltips() {
+ return $this->data_array['tooltips'];
+ }
+
+ /**
+ * getPlugins - get a list of all available user plugins
*
- * @return array array containing plugin_id => plugin_name
+ * @return array array containing plugin_id => plugin_name
*/
function getPlugins() {
if (!isset($this->plugins_data)) {
$this->plugins_data = array () ;
$res = db_query_params ('SELECT user_plugin.plugin_id, plugins.plugin_name
- FROM user_plugin, plugins
- WHERE user_plugin.user_id=$1
- AND user_plugin.plugin_id=plugins.plugin_id',
+ FROM user_plugin, plugins
+ WHERE user_plugin.user_id=$1
+ AND user_plugin.plugin_id=plugins.plugin_id',
array ($this->getID())) ;
$rows = db_numrows($res);
}
/**
- * usesPlugin - returns true if the user uses a particular plugin
+ * usesPlugin - returns true if the user uses a particular plugin
*
- * @param string name of the plugin
- * @return boolean whether plugin is being used or not
+ * @param string name of the plugin
+ * @return boolean whether plugin is being used or not
*/
function usesPlugin($pluginname) {
$plugins_data = $this->getPlugins() ;
}
/**
- * setPluginUse - enables/disables plugins for the user
+ * setPluginUse - enables/disables plugins for the user
*
- * @param string name of the plugin
- * @param boolean the new state
- * @return string database result
+ * @param string name of the plugin
+ * @param boolean the new state
+ * @return string database result
*/
function setPluginUse($pluginname, $val=true) {
if ($val == $this->usesPlugin($pluginname)) {
// State is already good, returning
- return true ;
+ return true;
}
- $res = db_query_params ('SELECT plugin_id FROM plugins WHERE plugin_name=$1',
- array ($pluginname)) ;
+ $res = db_query_params('SELECT plugin_id FROM plugins WHERE plugin_name=$1',
+ array($pluginname));
$rows = db_numrows($res);
if ($rows == 0) {
// Error: no plugin by that name
}
$plugin_id = db_result($res,0,'plugin_id');
// Invalidate cache
- unset ($this->plugins_data) ;
+ unset ($this->plugins_data);
if ($val) {
- return db_query_params ('INSERT INTO user_plugin (user_id,plugin_id) VALUES ($1,$2)',
- array ($this->getID(),
- $plugin_id)) ;
+ return db_query_params('INSERT INTO user_plugin (user_id,plugin_id) VALUES ($1,$2)',
+ array($this->getID(),
+ $plugin_id));
} else {
- return db_query_params ('DELETE FROM user_plugin WHERE user_id=$1 AND plugin_id=$2',
- array ($this->getID(),
- $plugin_id)) ;
+ return db_query_params('DELETE FROM user_plugin WHERE user_id=$1 AND plugin_id=$2',
+ array($this->getID(),
+ $plugin_id));
}
}
/**
- * getMailingsPrefs - Get activity status for one of the site mailings.
+ * getMailingsPrefs - Get activity status for one of the site mailings.
*
- * @param string The id of mailing ('mail_va' for community mailings, 'mail_siteupdates' for site mailings)
- * @return boolean success.
+ * @param string The id of mailing ('mail_va' for community mailings, 'mail_siteupdates' for site mailings)
+ * @return boolean success.
*/
function getMailingsPrefs($mailing_id) {
- if ($mailing_id=='va') {
+ if ($mailing_id == 'va') {
return $this->data_array['mail_va'];
- } else if ($mailing_id=='site') {
+ } else if ($mailing_id == 'site') {
return $this->data_array['mail_siteupdates'];
} else {
return 0;
}
/**
- * unsubscribeFromMailings - Disable email notifications for user.
+ * unsubscribeFromMailings - Disable email notifications for user.
*
- * @param boolean If false, disable general site mailings, else - all.
- * @return boolean success.
+ * @param boolean If false, disable general site mailings, else - all.
+ * @return boolean success.
*/
- function unsubscribeFromMailings($all=false) {
+ function unsubscribeFromMailings($all = false) {
$res1 = $res2 = $res3 = true;
$res1 = db_query_params ('UPDATE users SET mail_siteupdates=0, mail_va=0 WHERE user_id=$1',
array ($this->getID())) ;
if ($all) {
- $res2 = db_query_params ('DELETE FROM forum_monitored_forums WHERE user_id=$1',
+ $res2 = db_query_params('DELETE FROM forum_monitored_forums WHERE user_id=$1',
array ($this->getID())) ;
- $res3 = db_query_params ('DELETE FROM filemodule_monitor WHERE user_id=$1',
+ $res3 = db_query_params('DELETE FROM filemodule_monitor WHERE user_id=$1',
array ($this->getID())) ;
}
}
/**
- * getThemeID - get the theme_id for this user.
+ * getThemeID - get the theme_id for this user.
*
- * @return int The theme_id.
+ * @return int The theme_id.
*/
function getThemeID() {
return $this->data_array['theme_id'];
}
/**
- * getThemeID - get the theme_id for this user from the theme_prefs table.
+ * setUpTheme - get the theme path
*
- * @return int The theme_id.
+ * @return string The theme path.
*/
function setUpTheme() {
//
} else {
$this->theme=$this->data_array['dirname'];
}
- if (is_file(forge_get_config('themes_root').$this->theme.'/Theme.class.php')) {
+ if (is_file(forge_get_config('themes_root').'/'.$this->theme.'/Theme.class.php')) {
$GLOBALS['sys_theme']=$this->theme;
} else {
$this->theme=forge_get_config('default_theme');
}
/**
- * getRole() - Get user Role object.
+ * getRole() - Get user Role object.
*
- * @param object group object
- * @return object Role object
+ * @param object group object
+ * @return object Role object
*/
- function getRole(&$group) {
- if (!$group || !is_object($group)) {
- $this->setError('User::getRole : Unable to get group object');
- return false;
- }
- $res = db_query_params ('SELECT role_id FROM user_group WHERE user_id=$1 AND group_id=$2',
- array ($this->getID(),
- $group->getID())) ;
- if (!$res || db_numrows($res) < 1) {
- $this->setError('User::getRole::DB - Could Not get role_id '.db_error());
- return false;
- }
- $role_id = db_result($res,0,'role_id');
- //
- // Role setup
- //
- $role = new Role($group,$role_id);
- if (!$role || !is_object($role)) {
- $this->setError('Error Getting Role Object');
- return false;
- } elseif ($role->isError()) {
- $this->setError('User::getRole::roleget::'.$role->getErrorMessage());
- return false;
+ function getRole(&$g) {
+ if (is_int ($g) || is_string($g)) {
+ $group_id = $g;
+ } else {
+ $group_id = $g->getID();
+ }
+ foreach ($this->getRoles () as $r) {
+ if ($r instanceof RoleExplicit ) {
+ $homeproj = $r->getHomeProject();
+ if ($homeproj) {
+ if ($homeproj->getID() == $group_id) {
+ return $r;
+ }
+ }
+ }
}
- return $role;
+ return false;
+ }
+
+ function getRoles() {
+ return RBACEngine::getInstance()->getAvailableRolesForUser($this);
}
/* Codendi Glue */
- function isMember($group_id,$type=0){
- return user_ismember($group_id,$type);
+ function isMember($g, $type = 0){
+ if (is_int ($g) || is_string($g)) {
+ $group = group_get_object ($g) ;
+ $group_id = $g ;
+ } else {
+ $group = $g ;
+ $group_id = $group->getID() ;
+ }
+
+ switch ($type) {
+ case 0:
+ default:
+ foreach ($this->getGroups() as $p) {
+ if ($p->getID() == $group_id) {
+ return true ;
+ }
+ }
+ return false ;
+ break;
+ case 'P2':
+ //pm admin
+ return forge_check_perm_for_user($this, 'pm_admin', $group_id);
+ break;
+ case 'F2':
+ //forum admin
+ return forge_check_perm_for_user($this, 'forum_admin', $group_id);
+ break;
+ case 'A':
+ //admin for this group
+ return forge_check_perm_for_user($this, 'project_admin', $group_id);
+ break;
+ case 'D1':
+ //document editor
+ return forge_check_perm_for_user($this, 'docman', $group_id, 'admin');
+ break;
+ }
}
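Review bot: In `isMember`, `case 0:` is listed first and `switch` compares loosely, so on PHP versions before 8 the string types `'A'`, `'P2'`, `'F2'` and `'D1'` all compare equal to `0` and are answered by the plain-membership loop. The `forge_check_perm_for_user` branches below are then never reached, and an admin query returns true for any ordinary member. The removed `user_ismember` normalised with `strtoupper($type)` and matched `case '0'`; keeping that shape avoids the problem: `switch (strtoupper((string) $type)) {` with `case '0':` in place of `case 0:`. Unrecognised types now also fall into the membership branch through `default:`, where the old code returned false, so that deserves a comment if it is intended.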
}
/**
- * user_ismember() - DEPRECATED; DO NOT USE!
- *
+ * user_ismember() - DEPRECATED; DO NOT USE! (TODO: document what should be used instead)
+ * Replace user_ismember(1[, 'A']) with forge_check_global_perm('forge_admin')
+ * Replace user_ismember($group_id, 'A') with forge_check_perm('project_admin', $group_id)
+ * For now, keep user_ismember($group_id) alone
* @param int The Group ID
* @param int The Type
* @deprecated
return false;
}
- $project =& group_get_object($group_id);
-
- if (!$project || !is_object($project)) {
- return false;
- }
-
- $perm =& $project->getPermission ();
- if (!$perm || !is_object($perm) || !$perm->isMember()) {
- return false;
- }
-
- $type=strtoupper($type);
-
- switch ($type) {
- case 'P2' : {
- //pm admin
- return $perm->isPMAdmin();
- break;
- }
- case 'F2' : {
- //forum admin
- return $perm->isForumAdmin();
- break;
- }
- case '0' : {
- //just in this group
- return $perm->isMember();
- break;
- }
- case 'A' : {
- //admin for this group
- return $perm->isAdmin();
- break;
- }
- case 'D1' : {
- //document editor
- return $perm->isDocEditor();
- break;
- }
- default : {
- //fubar request
- return false;
- }
- }
- return false;
+ return session_get_user()->isMember($group_id, $type) ;
}
/**
- * user_getname() - DEPRECATED; DO NOT USE!
+ * user_getname() - DEPRECATED; DO NOT USE! (TODO: document what should be used instead)
*
* @param int The User ID
* @deprecated
}
}
+class UserComparator {
+ var $criterion = 'name' ;
+
+ function Compare ($a, $b) {
+ switch ($this->criterion) {
+ case 'name':
+ default:
+ $namecmp = strcoll ($a->getRealName(), $b->getRealName()) ;
+ if ($namecmp != 0) {
+ return $namecmp ;
+ }
+ /* If several projects share a same real name */
+ return strcoll ($a->getUnixName(), $b->getUnixName()) ;
+ break ;
+ case 'unixname':
+ return strcmp ($a->getUnixName(), $b->getUnixName()) ;
+ break ;
+ case 'id':
+ $aid = $a->getID() ;
+ $bid = $b->getID() ;
+ if ($a == $b) {
+ return 0;
+ }
+ return ($a < $b) ? -1 : 1;
+ break ;
+ }
+ }
+}
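Review bot: The `'id'` branch of `Compare` fetches `$aid` and `$bid` but then compares the objects themselves (`$a == $b`, `$a < $b`), so the resulting order does not follow the user IDs. It should read `if ($aid == $bid) {` and `return ($aid < $bid) ? -1 : 1;`. The comment "If several projects share a same real name" looks carried over from a project comparator and should refer to users. The `break` statements after each `return` are unreachable and can go.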
+
+function sortUserList (&$list, $criterion='name') {
+ $cmp = new UserComparator () ;
+ $cmp->criterion = $criterion ;
+
+ return usort ($list, array ($cmp, 'Compare')) ;
+}
+
// Local Variables:
// mode: php
// c-file-style: "bsd"