ultimix
user_access.php
Go to the documentation of this file.
1 <?php
2 
3  /*
4  * This source code is a part of the Ultimix Project.
5  * It is distributed under BSD license. All other third side source code (like tinyMCE) is distributed under
6  * it's own license wich could be found from the corresponding files or sources.
7  * This source code is provided "as is" without any warranties or garanties.
8  *
9  * Have a nice day!
10  *
11  * @url http://ultimix.sorceforge.net
12  *
13  * @author Alexey "gdever" Dodonov
14  */
15 
26  class user_access_1_0_0{
27 
38  var $NativeTable = '`umx_user`';
39 
50  var $GuestUserId = 2;
51 
62  var $Database = false;
63  var $DatabaseAlgorithms = false;
64  var $Security = false;
65  var $SecurityParser = false;
66  var $UserAccessUtilities = false;
67 
78  var $UsersCache = array();
79 
90  function __construct()
91  {
92  try
93  {
94  $this->Database = get_package( 'database' , 'last' , __FILE__ );
95  $this->DatabaseAlgorithms = get_package( 'database::database_algorithms' , 'last' , __FILE__ );
96  $this->Security = get_package( 'security' , 'last' , __FILE__ );
97  $this->SecurityParser = get_package( 'security::security_parser' , 'last' , __FILE__ );
98  $this->UserAccessUtilities = get_package(
99  'user::user_access::user_access_utilities' , 'last' , __FILE__
100  );
101  }
102  catch( Exception $e )
103  {
104  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
105  }
106  }
107 
118  var $AddLimitations = '1 = 1';
119 
138  function set_add_limitations( $theAddLimitation )
139  {
140  try
141  {
142  if( $this->AddLimitations === '1 = 1' )
143  {
144  $this->AddLimitations = $theAddLimitation;
145  }
146  else
147  {
148  throw( new Exception( '"AddLimitations" was already set' ) );
149  }
150  }
151  catch( Exception $e )
152  {
153  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
154  }
155  }
156 
183  function unsafe_select( $Condition = '1 = 1' )
184  {
185  try
186  {
187  $this->Database->query_as( DB_OBJECT );
188 
189  return(
190  $this->Database->select(
191  $this->NativeTable.'.* , file_path AS avatar_path , '.
192  'IF( banned_to >= NOW() , 1 , 0 ) AS banned' ,
193  $this->NativeTable.' , umx_uploaded_file' ,
194  "( $this->AddLimitations ) AND umx_uploaded_file.id = ".
195  $this->NativeTable.".avatar AND $Condition"
196  )
197  );
198  }
199  catch( Exception $e )
200  {
201  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
202  }
203  }
204 
227  function get_user( $Login )
228  {
229  try
230  {
231  if( isset( $this->UsersCache[ $Login ] ) )
232  {
233  return( $this->UsersCache[ $Login ] );
234  }
235 
236  $Login = $this->Security->get( $Login , 'string' );
237 
238  $Users = $this->unsafe_select( "login LIKE '$Login'" );
239 
240  if( count( $Users ) === 0 || count( $Users ) > 1 )
241  {
242  throw( new Exception( 'User with login '.$Login.' was not found' ) );
243  }
244  else
245  {
246  $this->UsersCache[ $Login ] = $Users[ 0 ];
247  return( $Users[ 0 ] );
248  }
249  }
250  catch( Exception $e )
251  {
252  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
253  }
254  }
255 
278  function reset_password( $Login , $Password )
279  {
280  try
281  {
282  $Login = $this->Security->get( $Login , 'string' );
283  $Password = $this->Security->get( $Password , 'string' );
284 
285  $Users = $this->unsafe_select( "login LIKE '$Login'" );
286 
287  $User = $this->get_user( $Login );
288 
289  $Record = array( 'password' => "md5( '$Password' )" );
290  $this->update( get_field( $User , 'id' ) , $Record );
291  }
292  catch( Exception $e )
293  {
294  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
295  }
296  }
297 
320  function set_avatar( $Login , $ImageId )
321  {
322  try
323  {
324  $Login = $this->Security->get( $Login , 'string' );
325  $ImageId = $this->Security->get( $ImageId , 'integer' );
326 
327  $User = $this->get_user( $Login );
328 
329  $Record = array( 'avatar' => "$ImageId" );
330  $this->update( get_field( $User , 'id' ) , $Record );
331  }
332  catch( Exception $e )
333  {
334  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
335  }
336  }
337 
360  private function fetch_update_data( &$Record )
361  {
362  try
363  {
364  $Record = $this->SecurityParser->parse_parameters(
365  $Record ,
366  'password:string;email:email;active:command;active_to:string;'.
367  'banned_to:string;name:string;sex:integer;site:string;about:string' ,
368  'allow_not_set'
369  );
370 
371  list( $Fields , $Values ) = $this->UserAccessUtilities->handle_update_record( $Record );
372 
373  return( array( $Fields , $Values ) );
374  }
375  catch( Exception $e )
376  {
377  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
378  }
379  }
380 
403  function update( $id , &$Record )
404  {
405  try
406  {
407  $id = $this->Security->get( $id , 'integer_list' );
408 
409  list( $Fields , $Values ) = $this->fetch_update_data( $Record );
410 
411  if( count( $Fields ) == 0 )
412  {
413  return;
414  }
415  $this->EventManager = get_package( 'event_manager' , 'last' , __FILE__ );
416  $this->EventManager->trigger_event(
417  'on_before_update_user' , array( 'id' => $id , 'data' => $Record )
418  );
419 
420  $this->Database->update(
421  $this->NativeTable , $Fields , $Values , "( $this->AddLimitations ) AND id IN ( $id )"
422  );
423  $this->Database->commit();
424 
425  $this->UserAccessUtilities->rise_update_event( $id );
426  }
427  catch( Exception $e )
428  {
429  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
430  }
431  }
432 
451  function delete( $ids )
452  {
453  try
454  {
455  $ids = $this->Security->get( $ids , 'integer_list' );
456 
457  $this->Database->delete( $this->NativeTable , "( $this->AddLimitations ) AND id IN ( $ids )" );
458  $this->Database->commit();
459 
460  $Link = get_package( 'link' , 'last' , __FILE__ );
461  $Link->delete_link( "$ids" , false , 'user' , 'permit' );
462  $Link->delete_link( "$ids" , false , 'user' , 'group' );
463  }
464  catch( Exception $e )
465  {
466  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
467  }
468  }
469 
488  function activate_users( $Ids )
489  {
490  try
491  {
492  $Ids = $this->Security->get( $Ids , 'integer' );
493 
494  $Record = array( 'active' => '1' );
495  $this->update( implode( ',' , $Ids ) , $Record );
496 
497  foreach( $Ids as $id )
498  {
499  $this->UserAccessUtilities->rise_activate_event( '' , $id );
500  }
501  }
502  catch( Exception $e )
503  {
504  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
505  }
506  }
507 
526  function deactivate_users( $Ids )
527  {
528  try
529  {
530  $Ids = $this->Security->get( $Ids , 'integer' );
531 
532  $Record = array( 'active' => 'inactive' );
533  $this->update( implode( ',' , $Ids ) , $Record );
534 
535  foreach( $Ids as $id )
536  {
537  $this->UserAccessUtilities->rise_activate_event( '' , $id );
538  }
539  }
540  catch( Exception $e )
541  {
542  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
543  }
544  }
545 
564  function activate_user( $Hash )
565  {
566  try
567  {
568  $Hash = $this->Security->get( $Hash , 'command' );
569 
570  $Users = $this->unsafe_select( "active LIKE '$Hash'" );
571 
572  if( isset( $Users[ 0 ] ) )
573  {
574  $Ids = get_field_ex( $Users , 'id' );
575 
576  $this->activate_users( $Ids );
577  }
578  }
579  catch( Exception $e )
580  {
581  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
582  }
583  }
584 
603  function deactivate_user( $id )
604  {
605  try
606  {
607  $id = $this->Security->get( $id , 'integer' );
608 
609  $Record = array( 'active' => '0' );
610  $this->update( $id , $Record );
611 
612  $this->UserAccessUtilities->rise_deactivate_event( $id );
613  }
614  catch( Exception $e )
615  {
616  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
617  }
618  }
619 
638  private function set_fields( &$Record )
639  {
640  try
641  {
642  $Record = set_field( $Record , 'active' , md5( microtime() ) );
643  $Record = set_field( $Record , 'password' , md5( get_field( $Record , 'password' ) ) );
644  }
645  catch( Exception $e )
646  {
647  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
648  }
649  }
650 
673  function create( $Record )
674  {
675  try
676  {
677  $Record = $this->SecurityParser->parse_parameters(
678  $Record ,
679  'login:string;password:string;email:email;name:string;sex:integer;site:string;about:string'
680  );
681 
682  $this->set_fields( $Record );
683 
684  list( $Fields , $Values ) = $this->DatabaseAlgorithms->compile_fields_values( $Record );
685 
686  $Fields [] = 'registered';
687  $Values [] = 'NOW()';
688 
689  $id = $this->DatabaseAlgorithms->create( $this->NativeTable , $Fields , $Values );
690 
691  $this->UserAccessUtilities->rise_create_event( get_field( $Record , 'login' ) , $id );
692 
693  return( array( $id , get_field( $Record , 'active' ) ) );
694  }
695  catch( Exception $e )
696  {
697  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
698  }
699  }
700 
723  function select_list( $id )
724  {
725  try
726  {
727  $id = $this->Security->get( $id , 'integer_list' );
728 
729  return( $this->unsafe_select( $this->NativeTable.".id IN ( $id )" ) );
730  }
731  catch( Exception $e )
732  {
733  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
734  }
735  }
736 
775  function select( $Start = false , $Limit = false , $Field = false ,
776  $Order = false , $Condition = '1 = 1' )
777  {
778  try
779  {
780  $Condition = $this->DatabaseAlgorithms->select_condition(
781  $Start , $Limit , $Field , $Order , $Condition , $this->NativeTable
782  );
783 
784  return( $this->unsafe_select( $Condition ) );
785  }
786  catch( Exception $e )
787  {
788  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
789  }
790  }
791 
810  function simple_select()
811  {
812  try
813  {
814  $Records = $this->unsafe_select( '1 = 1' );
815 
816  foreach( $Records as $k => $v )
817  {
818  $Records[ $k ]->title = $v->id ? $v->login : '{lang:not_defined}';
819  }
820 
821  return( $Records );
822  }
823  catch( Exception $e )
824  {
825  $a = func_get_args();_throw_exception_object( __METHOD__ , $a , $e );
826  }
827  }
828  }
829 
830 ?>