File classes/contenido/class.frontend.user.php

  1: <?php
  2: 
  3: /**
  4:  * This file contains the frontend user collection and item class.
  5:  *
  6:  * @package          Core
  7:  * @subpackage       GenericDB_Model
  8:  * @author           Murat Purc <murat@purc.de>
  9:  * @copyright        four for business AG <www.4fb.de>
 10:  * @license          http://www.contenido.org/license/LIZENZ.txt
 11:  * @link             http://www.4fb.de
 12:  * @link             http://www.contenido.org
 13:  */
 14: 
 15: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
 16: 
 17: /**
 18:  * Frontend user collection
 19:  *
 20:  * @package Core
 21:  * @subpackage GenericDB_Model
 22:  */
 23: class cApiFrontendUserCollection extends ItemCollection {
 24:     /**
 25:      * Constructor to create an instance of this class.
 26:      *
 27:      * @throws cInvalidArgumentException
 28:      */
 29:     public function __construct() {
 30:         global $cfg;
 31:         parent::__construct($cfg['tab']['frontendusers'], 'idfrontenduser');
 32:         $this->_setItemClass('cApiFrontendUser');
 33: 
 34:         // set the join partners so that joins can be used via link() method
 35:         $this->_setJoinPartner('cApiClientCollection');
 36:     }
 37: 
 38:     /**
 39:      * Checks if a specific user already exists
 40:      *
 41:      * @param string $sUsername
 42:      *         specifies the username to search for
 43:      *
 44:      * @return bool
 45:      * @throws cException
 46:      */
 47:     public function userExists($sUsername) {
 48:         global $client;
 49: 
 50:         $feUsers = new cApiFrontendUserCollection();
 51:         $feUsers->setWhere('idclient', $client);
 52:         $feUsers->setWhere('username', cString::toLowerCase($sUsername));
 53:         $feUsers->query();
 54: 
 55:         return ($feUsers->next()) ? true : false;
 56:     }
 57: 
 58:     /**
 59:      * Creates a new user
 60:      *
 61:      * @param string $username
 62:      *                         Specifies the username
 63:      * @param string $password [optional]
 64:      *                         Specifies the password (optional)
 65:      *
 66:      * @return cApiFrontendUser
 67:      * @throws cDbException
 68:      * @throws cException
 69:      * @throws cInvalidArgumentException
 70:      */
 71:     public function create($username, $password = '') {
 72:         global $client, $auth;
 73: 
 74:         // Check if the username already exists
 75:         $this->select("idclient = " . (int) $client . " AND username = '" . $this->escape($username) . "'");
 76: 
 77:         if ($this->next()) {
 78:             return $this->create($username . '_' . cString::getPartOfString(md5(rand()), 0, 10), $password);
 79:         }
 80: 
 81:         $item = $this->createNewItem();
 82:         $item->set('idclient', $client);
 83:         $item->set('username', $username);
 84:         $item->set('salt', md5($username . rand(1000, 9999) . rand(1000, 9999) . rand(1000, 9999)));
 85:         $item->set('password', $password);
 86:         $item->set('created', date('Y-m-d H:i:s'), false);
 87:         $item->set('author', $auth->auth['uid']);
 88:         $item->set('active', 0);
 89: 
 90:         $item->store();
 91: 
 92:         // Put this user into the default groups
 93:         $feGroups = new cApiFrontendGroupCollection();
 94:         $feGroups->select("idclient = " . (int) $client . " AND defaultgroup = 1");
 95: 
 96:         $feGroupMembers = new cApiFrontendGroupMemberCollection();
 97: 
 98:         $iduser = $item->get('idfrontenduser');
 99: 
100:         while (($feGroup = $feGroups->next()) !== false) {
101:             $idgroup = $feGroup->get('idfrontendgroup');
102:             $feGroupMembers->create($idgroup, $iduser);
103:         }
104: 
105:         return $item;
106:     }
107: 
108:     /**
109:      * Overridden delete method to remove user from groupmember table
110:      * before deleting user.
111:      *
112:      * @param int $itemId
113:      *         specifies the frontend user
114:      *
115:      * @return bool
116:      * 
117:      * @throws cDbException
118:      * @throws cException
119:      * @throws cInvalidArgumentException
120:      */
121:     public function delete($itemId) {
122:         // delete group memberships
123:         $feGroupMembers = new cApiFrontendGroupMemberCollection();
124:         $feGroupMembers->select('idfrontenduser = ' . (int) $itemId);
125:         while (($item = $feGroupMembers->next()) !== false) {
126:             $feGroupMembers->delete($item->get('idfrontendgroupmember'));
127:         }
128: 
129:         // delete user
130:         return parent::delete($itemId);
131:     }
132: 
133: }
134: 
135: /**
136:  * Frontend user item
137:  *
138:  * @package Core
139:  * @subpackage GenericDB_Model
140:  */
141: class cApiFrontendUser extends Item
142: {
143:     /**
144:      * Constructor to create an instance of this class.
145:      *
146:      * @param mixed $mId [optional]
147:      *                   Specifies the ID of item to load
148:      *                   
149:      * @throws cDbException
150:      * @throws cException
151:      * @throws cInvalidArgumentException
152:      */
153:     public function __construct($mId = false) {
154:         global $cfg;
155:         parent::__construct($cfg['tab']['frontendusers'], 'idfrontenduser');
156:         if ($mId !== false) {
157:             $this->loadByPrimaryKey($mId);
158:         }
159:     }
160: 
161:     /**
162:      * Overridden setField method to md5 the password.
163:      * Sets the value of a specific field.
164:      *
165:      * @param string $field
166:      *         Specifies the field to set
167:      * @param string $value
168:      *         Specifies the value to set
169:      * @param bool $safe [optional]
170:      *         Flag to use defined inFilter
171:      * @return bool
172:      */
173:     public function setField($field, $value, $safe = true) {
174:         if ($field == 'password') {
175:             return parent::setField($field, hash('sha256', md5($value) . $this->get('salt')), $safe);
176:         } else {
177:             return parent::setField($field, $value, $safe);
178:         }
179:     }
180: 
181:     /**
182:      * Sets the password to a raw value without md5 encoding.
183:      *
184:      * @param string $password
185:      *         Raw password
186:      * @return bool
187:      */
188:     public function setRawPassword($password) {
189:         return $this->setField('password', $password);
190:     }
191: 
192:     /**
193:      * Checks if the given password matches the password in the database
194:      *
195:      * @param string $password
196:      *         Password to check
197:      * @return bool
198:      *         True if the password is correct, false otherwise
199:      */
200:     public function checkPassword($password) {
201:         if ($this->isLoaded() === false) {
202:             return false;
203:         }
204: 
205:         $pass = $this->get('password');
206:         $salt = $this->get('salt');
207: 
208:         return hash('sha256', md5($password) . $salt) == $pass;
209:     }
210: 
211:     /**
212:      * Saves modified user entry
213:      *
214:      * @return bool
215:      * @throws cDbException
216:      * @throws cInvalidArgumentException
217:      */
218:     public function store() {
219:         global $auth;
220: 
221:         $this->set('modified', date('Y-m-d H:i:s'), false);
222:         $this->set('modifiedby', $auth->auth['uid']);
223:         return parent::store();
224:     }
225: 
226:     /**
227:      * Returns list of all groups belonging to current user
228:      *
229:      * @return array
230:      *         List of frontend group ids
231:      * @throws cException
232:      */
233:     public function getGroupsForUser() {
234:         $feGroupMembers = new cApiFrontendGroupMemberCollection();
235:         $feGroupMembers->setWhere('idfrontenduser', $this->get('idfrontenduser'));
236:         $feGroupMembers->query();
237: 
238:         $groups = array();
239:         while (($feGroupMember = $feGroupMembers->next()) !== false) {
240:             $groups[] = $feGroupMember->get('idfrontendgroup');
241:         }
242:         return $groups;
243:     }
244: 
245: }
246:
Packages

Classes
