1: <?php
   2: 
   3: /**
   4:  * This file contains the system property collection and item class.
   5:  *
   6:  * @package Core
   7:  * @subpackage GenericDB_Model
   8:  * @author Bjoern Behrens
   9:  * @author Holger Librenz
  10:  * @copyright four for business AG <www.4fb.de>
  11:  * @license http://www.contenido.org/license/LIZENZ.txt
  12:  * @link http://www.4fb.de
  13:  * @link http://www.contenido.org
  14:  */
  15: 
  16: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
  17: 
  18: /**
  19:  * User collection
  20:  *
  21:  * @package Core
  22:  * @subpackage GenericDB_Model
  23:  */
  24: class cApiUserCollection extends ItemCollection {
  25: 
  26:     /**
  27:      * Constructor function.
  28:      *
  29:      * @global array $cfg
  30:      * @param string|bool $where [optional]
  31:      *         The where clause in the select, usable to run select by creating
  32:      *         the instance
  33:      */
  34:     public function __construct($where = false) {
  35:         global $cfg;
  36:         parent::__construct($cfg['tab']['user'], 'user_id');
  37:         $this->_setItemClass('cApiUser');
  38:         if ($where !== false) {
  39:             $this->select($where);
  40:         }
  41:     }
  42: 
  43:     /**
  44:      * Createa a user by user name.
  45:      *
  46:      * @param string $username
  47:      * @return cApiUser|bool
  48:      */
  49:     public function create($username) {
  50:         $primaryKeyValue = md5($username);
  51: 
  52:         $item = $this->createNewItem($primaryKeyValue);
  53:         if ($item->usernameExists($username)) {
  54:             return false;
  55:         }
  56: 
  57:         $item->set('username', $username);
  58:         $item->set('salt', md5($username . rand(1000, 9999) . rand(1000, 9999) . rand(1000, 9999)));
  59:         $item->store();
  60: 
  61:         return $item;
  62:     }
  63: 
  64:     /**
  65:      * Removes the specified user from the database by users name.
  66:      *
  67:      * @param string $username
  68:      *         Specifies the username
  69:      * @return bool
  70:      *         True if the delete was successful
  71:      */
  72:     public function deleteUserByUsername($username) {
  73:         $result = $this->deleteBy('username', $username);
  74:         return ($result > 0) ? true : false;
  75:     }
  76: 
  77:     /**
  78:      * Returns all users which are accessible by the current user.
  79:      *
  80:      * @param array $perms
  81:      *         Permissions array
  82:      * @param bool $includeAdmins [optional]
  83:      *         Flag to get admins (admin and sysadmin) too
  84:      * @param string $orderBy [optional]
  85:      *         Order by rule, uses 'realname, username' by default
  86:      * @return array
  87:      *         Array of user objects
  88:      */
  89:     public function fetchAccessibleUsers($perms, $includeAdmins = false, $orderBy = '') {
  90:         $users = array();
  91:         $limit = array();
  92:         $where = '';
  93: 
  94:         if (!in_array('sysadmin', $perms)) {
  95:             // not sysadmin, compose where rules
  96:             $clientColl = new cApiClientCollection();
  97:             $allClients = $clientColl->getAvailableClients();
  98: 
  99:             foreach ($allClients as $key => $value) {
 100:                 if (in_array('client[' . $key . ']', $perms) || in_array('admin[' . $key . ']', $perms)) {
 101:                     $limit[] = 'perms LIKE "%client[' . $this->escape($key) . ']%"';
 102:                     if ($includeAdmins) {
 103:                         $limit[] = 'perms LIKE "%admin[' . $this->escape($key) . ']%"';
 104:                     }
 105:                 }
 106:                 if (in_array('admin[' . $key . ']', $perms)) {
 107:                     $limit[] = 'perms LIKE "%admin[' . $key . ']%"';
 108:                 }
 109:             }
 110: 
 111:             if ($includeAdmins) {
 112:                 $limit[] = 'perms LIKE "%sysadmin%"';
 113:             }
 114: 
 115:             if (count($limit) > 0) {
 116:                 $where = '1 AND ' . implode(' OR ', $limit);
 117:             }
 118:         }
 119: 
 120:         if (empty($orderBy)) {
 121:             $orderBy = 'realname, username';
 122:         }
 123: 
 124:         $this->select($where, '', $this->escape($orderBy));
 125:         while (($oItem = $this->next()) !== false) {
 126:             $users[] = clone $oItem;
 127:         }
 128: 
 129:         return $users;
 130:     }
 131: 
 132:     /**
 133:      * Returns all users which are accessible by the current user.
 134:      * Is a wrapper of fetchAccessibleUsers() and returns contrary to that
 135:      * function
 136:      * a multidimensional array instead of a list of objects.
 137:      *
 138:      * @param array $perms
 139:      *         Permissions array
 140:      * @param bool $includeAdmins [optional]
 141:      *         Flag to get admins (admin and sysadmin) too
 142:      * @param string $orderBy [optional]
 143:      *         Order by rule, uses 'realname, username' by default
 144:      * @return array
 145:      *         Array of user like $arr[user_id][username], $arr[user_id][realname]
 146:      */
 147:     public function getAccessibleUsers($perms, $includeAdmins = false, $orderBy = '') {
 148:         $users = array();
 149:         $oUsers = $this->fetchAccessibleUsers($perms, $includeAdmins, $orderBy);
 150:         foreach ($oUsers as $oItem) {
 151:             $users[$oItem->get('user_id')] = array(
 152:                 'username' => $oItem->get('username'),
 153:                 'realname' => $oItem->get('realname')
 154:             );
 155:         }
 156:         return $users;
 157:     }
 158: 
 159:     /**
 160:      * Returns all users available in the system
 161:      *
 162:      * @param string $orderBy [optional]
 163:      *         SQL order by part
 164:      * @return array
 165:      */
 166:     public function fetchAvailableUsers($orderBy = 'realname ASC') {
 167:         $users = array();
 168: 
 169:         $this->select('', '', $this->escape($orderBy));
 170:         while (($oItem = $this->next()) !== false) {
 171:             $users[] = clone $oItem;
 172:         }
 173: 
 174:         return $users;
 175:     }
 176: 
 177:     /**
 178:      * Returns all system admins available in the system
 179:      *
 180:      * @param bool $forceActive [optional]
 181:      *         flag if only active sysadmins should be returned
 182:      * @return array
 183:      *         Array of user objects
 184:      */
 185:     public function fetchSystemAdmins($forceActive = false) {
 186:         $users = array();
 187: 
 188:         $where = 'perms LIKE "%sysadmin%"';
 189:         if ($forceActive === true) {
 190:             $where .= " AND (valid_from <= NOW() OR valid_from = '0000-00-00 00:00:00')" . " AND (valid_to >= NOW() OR valid_to = '0000-00-00 00:00:00')";
 191:         }
 192: 
 193:         $this->select($where);
 194:         while (($item = $this->next()) !== false) {
 195:             $users[] = clone $item;
 196:         }
 197: 
 198:         return $users;
 199:     }
 200: 
 201:     /**
 202:      * Returns all system admins available in the system
 203:      *
 204:      * @param int $client
 205:      * @return array
 206:      *         Array of user objects
 207:      */
 208:     public function fetchClientAdmins($client) {
 209:         $client = (int) $client;
 210:         $users = array();
 211: 
 212:         $where = 'perms LIKE "%admin[' . $client . ']%"';
 213: 
 214:         $this->select($where);
 215:         while (($item = $this->next()) !== false) {
 216:             $users[] = clone $item;
 217:         }
 218: 
 219:         return $users;
 220:     }
 221: }
 222: 
 223: /**
 224:  * User item
 225:  *
 226:  * In current version you can administer optional password checks
 227:  * via following configuration values:
 228:  *
 229:  * - En- or disabling checks:
 230:  * $cfg['password']['check_password_mask'] = [true|false]
 231:  * Use this flag to enable (true) or disable (false) the mask checks.
 232:  *
 233:  * $cfg['password']['use_cracklib'] = [true|false]
 234:  * Use this to enable (true) or disable (false) the strength check, currently
 235:  * done with cracklib.
 236:  *
 237:  * - Mask checks:
 238:  * Password mask checks are checks belonging to the "format" of the needed
 239:  * password string.
 240:  *
 241:  * $cfg['password']['min_length'], int
 242:  * Minimum length a password has to have. If not set, 8 chars are set as default
 243:  * $cfg['password']['numbers_mandatory'], int
 244:  * If set to a value greater than 0, at least
 245:  * $cfg['password']['numbers_mandatory'] numbers
 246:  * must be in password
 247:  * $cfg['password']['symbols_mandatory'], int &&
 248:  * $cfg['password']['symbols_regex'], String
 249:  * If 'symbols_mandatory' set to a value greater than 0, at least so many
 250:  * symbols has to appear in
 251:  * given password. What symbols are regcognized can be administrated via
 252:  * 'symbols_regex'. This has
 253:  * to be a regular expression which is used to "find" the symbols in $password.
 254:  * If not set, following
 255:  * RegEx is used: "/[|!@#$%&*\/=?,;.:\-_+~^¨\\\]/"
 256:  * $cfg['password']['mixed_case_mandatory'], int
 257:  * If set to a value greater than 0 so many lower and upper case character must
 258:  * appear in the password.
 259:  * (e.g.: if set to 2, 2 upper and 2 lower case characters must appear)
 260:  *
 261:  * - Strength check
 262:  * Passwords should have some special characteristics to be a strong, i.e. not
 263:  * easy to guess, password. Currently
 264:  * cracklib is supported. These are the configuration possibilities:
 265:  *
 266:  * $cfg['password']['cracklib_dict'], string
 267:  * Path and file name (without file extension!) to dictionary you want to use.
 268:  * This setting is
 269:  * mandatory!
 270:  *
 271:  * Keep in mind that these type of check only works if crack module is
 272:  * available.
 273:  *
 274:  * @package Core
 275:  * @subpackage GenericDB_Model
 276:  */
 277: class cApiUser extends Item {
 278: 
 279:     /**
 280:      * Password is ok and stored.
 281:      *
 282:      * @var int
 283:      *
 284:      */
 285:     const PASS_OK = 0;
 286: 
 287:     /**
 288:      * Given password is to short
 289:      *
 290:      * @var int
 291:      *
 292:      */
 293:     const PASS_TO_SHORT = 1;
 294: 
 295:     /**
 296:      * Given password is not strong enough
 297:      *
 298:      * @var int
 299:      *
 300:      */
 301:     const PASS_NOT_STRONG = 2;
 302: 
 303:     /**
 304:      * Given password is not complex enough
 305:      *
 306:      * @var int
 307:      *
 308:      */
 309:     const PASS_NOT_COMPLEX = 3;
 310: 
 311:     /**
 312:      * Password does not contain enough numbers.
 313:      *
 314:      * @var int
 315:      *
 316:      */
 317:     const PASS_NOT_ENOUGH_NUMBERS = 4;
 318: 
 319:     /**
 320:      * Password does not contain enough symbols.
 321:      *
 322:      * @var int
 323:      */
 324:     const PASS_NOT_ENOUGH_SYMBOLS = 5;
 325: 
 326:     /**
 327:      * Password does not contain enough mixed characters.
 328:      *
 329:      * @var int
 330:      *
 331:      */
 332:     const PASS_NOT_ENOUGH_MIXED_CHARS = 6;
 333: 
 334:     /**
 335:      * Password does not contain enough different characters.
 336:      *
 337:      * @var int
 338:      *
 339:      */
 340:     const PASS_NOT_ENOUGH_DIFFERENT_CHARS = 7;
 341: 
 342:     /**
 343:      * Exception code, which is used if you try to add an user
 344:      * that already exists.
 345:      *
 346:      * @var int
 347:      *
 348:      */
 349:     const EXCEPTION_USERNAME_EXISTS = 8;
 350: 
 351:     /**
 352:      * Exception code, which is used if an password is set to save
 353:      * that is not valid.
 354:      *
 355:      * @var int
 356:      *
 357:      */
 358:     const EXCEPTION_PASSWORD_INVALID = 9;
 359: 
 360:     /**
 361:      * This value will be used if no minimum length
 362:      * for passwords are set via $cfg['password']['min_length']
 363:      *
 364:      * @var int
 365:      *
 366:      */
 367:     const MIN_PASS_LENGTH_DEFAULT = 8;
 368: 
 369:     /**
 370:      * Constructor function
 371:      *
 372:      * @param mixed $mId [optional]
 373:      *         Specifies the ID of item to load
 374:      */
 375:     public function __construct($mId = false) {
 376:         global $cfg;
 377:         parent::__construct($cfg['tab']['user'], 'user_id');
 378:         $this->setFilters(array(), array());
 379:         if ($mId !== false) {
 380:             $this->loadByPrimaryKey($mId);
 381:         }
 382:     }
 383: 
 384:     /**
 385:      * Loads a user from the database by its userID.
 386:      *
 387:      * @param string $userId
 388:      *         Specifies the userID
 389:      * @return bool
 390:      *         True if the load was successful
 391:      */
 392:     public function loadUserByUserID($userId) {
 393:         return $this->loadByPrimaryKey($userId);
 394:     }
 395: 
 396:     /**
 397:      * Loads a user entry by username.
 398:      *
 399:      * @param string $userName
 400:      *         Specifies the username
 401:      * @return bool
 402:      *         True if the load was successful
 403:      */
 404:     public function loadUserByUsername($userName) {
 405:         return $this->loadBy('username', $userName);
 406:     }
 407: 
 408:     /**
 409:      * Checks if a user with the id $userId exists
 410:      *
 411:      * @param string $userId
 412:      * @return bool
 413:      *         user exists or not
 414:      */
 415:     public static function userExists($userId) {
 416:         $test = new cApiUser();
 417: 
 418:         return $test->loadByPrimaryKey($userId);
 419:     }
 420: 
 421:     /**
 422:      * Checks if a username exists
 423:      *
 424:      * @param string $username
 425:      *         the name
 426:      * @return bool
 427:      *         username exists or not
 428:      */
 429:     public static function usernameExists($username) {
 430:         $user = new cApiUser();
 431:         return $user->loadBy('username', $username);
 432:     }
 433: 
 434:     /**
 435:      * Checks a given password against some predefined rules like minimum
 436:      * character
 437:      * length, required special character, etc...
 438:      * This behaviour is configurable in global configuration $cfg['password'].
 439:      *
 440:      * @param string $password
 441:      *         The password check
 442:      * @return int
 443:      *         One of defined PASS_* constants (PASS_OK if everything was ok)
 444:      */
 445:     public static function checkPasswordMask($password) {
 446:         global $cfg;
 447: 
 448:         $iResult = self::PASS_OK;
 449: 
 450:         $cfgPw = $cfg['password'];
 451: 
 452:         if (!isset($cfgPw['check_password_mask']) || $cfgPw['check_password_mask'] == false) {
 453:             // no or disabled password check configuration
 454:             return $iResult;
 455:         }
 456: 
 457:         // any min length in config set?
 458:         $iMinLength = self::MIN_PASS_LENGTH_DEFAULT;
 459:         if (isset($cfgPw['min_length'])) {
 460:             $iMinLength = (int) $cfgPw['min_length'];
 461:         }
 462: 
 463:         // check length...
 464:         if (strlen($password) < $iMinLength) {
 465:             $iResult = self::PASS_TO_SHORT;
 466:         }
 467: 
 468:         // check password elements
 469:         // numbers.....
 470:         if ($iResult == self::PASS_OK && isset($cfgPw['numbers_mandatory']) && (int) $cfgPw['numbers_mandatory'] > 0) {
 471: 
 472:             $aNumbersInPassword = array();
 473:             preg_match_all('/[0-9]/', $password, $aNumbersInPassword);
 474: 
 475:             if (count($aNumbersInPassword[0]) < (int) $cfgPw['numbers_mandatory']) {
 476:                 $iResult = self::PASS_NOT_ENOUGH_NUMBERS;
 477:             }
 478:         }
 479: 
 480:         // symbols....
 481:         if ($iResult == self::PASS_OK && isset($cfgPw['symbols_mandatory']) && (int) $cfgPw['symbols_mandatory'] > 0) {
 482: 
 483:             $aSymbols = array();
 484:             $sSymbolsDefault = "/[|!@#$%&*\/=?,;.:\-_+~^¨\\\]/";
 485:             if (isset($cfgPw['symbols_regex']) && !empty($cfgPw['symbols_regex'])) {
 486:                 $sSymbolsDefault = $cfgPw['symbols_regex'];
 487:             }
 488: 
 489:             preg_match_all($sSymbolsDefault, $password, $aSymbols);
 490: 
 491:             if (count($aSymbols[0]) < (int) $cfgPw['symbols_mandatory']) {
 492:                 $iResult = self::PASS_NOT_ENOUGH_SYMBOLS;
 493:             }
 494:         }
 495: 
 496:         // mixed case??
 497:         if ($iResult == self::PASS_OK && isset($cfgPw['mixed_case_mandatory']) && (int) $cfgPw['mixed_case_mandatory'] > 0) {
 498: 
 499:             $aLowerCaseChars = array();
 500:             $aUpperCaseChars = array();
 501: 
 502:             preg_match_all('/[a-z]/', $password, $aLowerCaseChars);
 503:             preg_match_all('/[A-Z]/', $password, $aUpperCaseChars);
 504: 
 505:             if ((count($aLowerCaseChars[0]) < (int) $cfgPw['mixed_case_mandatory']) || (count($aUpperCaseChars[0]) < (int) $cfgPw['mixed_case_mandatory'])) {
 506:                 $iResult = self::PASS_NOT_ENOUGH_MIXED_CHARS;
 507:             }
 508:         }
 509: 
 510:         return $iResult;
 511:     }
 512: 
 513:     /**
 514:      * Encodes a passed password (uses md5 to generate a hash of it).
 515:      *
 516:      * @param string $password
 517:      *         The password to encode
 518:      * @return string
 519:      *         Encoded password
 520:      */
 521:     public function encodePassword($password) {
 522:         return hash("sha256", md5($password) . $this->get("salt"));
 523:     }
 524: 
 525:     /**
 526:      * User defined field value setter.
 527:      *
 528:      * @see Item::setField()
 529:      * @param string $sField
 530:      *         Field name
 531:      * @param string $mValue
 532:      *         Value to set
 533:      * @param bool $bSafe [optional]
 534:      *         Flag to run defined inFilter on passed value
 535:      * @return bool
 536:      */
 537:     public function setField($sField, $mValue, $bSafe = true) {
 538:         if ('perms' === $sField) {
 539:             if (is_array($mValue)) {
 540:                 $mValue = implode(',', $mValue);
 541:             }
 542:         }
 543: 
 544:         return parent::setField($sField, $mValue, $bSafe);
 545:     }
 546: 
 547:     /**
 548:      * Returns user id, currently set.
 549:      *
 550:      * @return string
 551:      */
 552:     public function getUserId() {
 553:         return $this->get('user_id');
 554:     }
 555: 
 556:     /**
 557:      * User id settter.
 558:      * NOTE: Setting the user id by this method will load the user model.
 559:      *
 560:      * @param string $uid
 561:      */
 562:     public function setUserId($uid) {
 563:         $this->loadByPrimaryKey($uid);
 564:     }
 565: 
 566:     /**
 567:      * Checks password which has to be set and return PASS_* values (i.e.
 568:      * on success PASS_OK).
 569:      *
 570:      * @param string $password
 571:      * @return int
 572:      */
 573:     public function setPassword($password) {
 574:         $result = self::checkPasswordMask($password);
 575:         if ($result != self::PASS_OK) {
 576:             return $result;
 577:         }
 578: 
 579:         $encPass = $this->encodePassword($password);
 580: 
 581:         if ($this->get('password') != $encPass) {
 582:             $this->set('password', $encPass);
 583:             $this->set('using_pw_request', '0');
 584:         }
 585: 
 586:         return $result;
 587:     }
 588: 
 589:     /**
 590:      * This method saves the given password $password.
 591:      * The password
 592:      * has to be checked, before it is set to the database. The resulting
 593:      * integer value represents the result code.
 594:      * Use the PASS_* constants to check what happens.
 595:      *
 596:      * @param string $password
 597:      * @return int|bool
 598:      *         PASS_* or false if saving fails
 599:      */
 600:     public function savePassword($password) {
 601:         if ($this->get('password') == $this->encodePassword($password)) {
 602:             return self::PASS_OK;
 603:         }
 604: 
 605:         $result = $this->setPassword($password);
 606: 
 607:         if ($this->store() === false) {
 608:             return false;
 609:         } else {
 610:             return $result;
 611:         }
 612:     }
 613: 
 614:     /**
 615:      * Returns user name, currently set
 616:      *
 617:      * @return string
 618:      */
 619:     public function getUserName() {
 620:         return $this->get('username');
 621:     }
 622: 
 623:     /**
 624:      * Sets up new user name.
 625:      *
 626:      * @param string $sUserName
 627:      */
 628:     public function setUserName($sUserName) {
 629:         if ($this->get('username') != $sUserName) {
 630:             $this->set('username', $sUserName);
 631:         }
 632:     }
 633: 
 634:     /**
 635:      * Getter method to get user realname
 636:      *
 637:      * @return string
 638:      *         Realname of user
 639:      */
 640:     public function getRealName() {
 641:         return $this->get('realname');
 642:     }
 643: 
 644:     /**
 645:      * Returns effective user name (if exists realname , otherwise username)
 646:      *
 647:      * @return string
 648:      *         Realname or username of user
 649:      */
 650:     public function getEffectiveName() {
 651:         $name = trim($this->get('realname'));
 652:         if (strlen($name) == 0) {
 653:             $name = trim($this->get('username'));
 654:         }
 655:         return $name;
 656:     }
 657: 
 658:     /**
 659:      * Getter method to get user mail
 660:      *
 661:      * @return string
 662:      */
 663:     public function getMail() {
 664:         return $this->get('email');
 665:     }
 666: 
 667:     /**
 668:      * Getter method to get user tel number
 669:      *
 670:      * @return string
 671:      */
 672:     public function getTelNumber() {
 673:         return $this->get('telephone');
 674:     }
 675: 
 676:     /**
 677:      * Getter method to get user adress data
 678:      *
 679:      * @return array
 680:      *         Address data array like:
 681:      *         <pre>
 682:      *         $aAddress['street'], $aAddress['city'], $aAddress['country'],
 683:      *         $aAddress['zip']
 684:      *         </pre>
 685:      */
 686:     public function getAddressData() {
 687:         $aret = array(
 688:             'street' => $this->get('address_street'),
 689:             'city' => $this->get('address_city'),
 690:             'country' => $this->get('address_country'),
 691:             'zip' => $this->get('address_zip')
 692:         );
 693: 
 694:         return $aret;
 695:     }
 696: 
 697:     /**
 698:      * Getter method to get user wysi
 699:      *
 700:      * @return int
 701:      */
 702:     public function getUseWysi() {
 703:         return $this->get('wysi');
 704:     }
 705: 
 706:     /**
 707:      * Getter method to get user valid date from-to
 708:      *
 709:      * @return string
 710:      */
 711:     public function getValidDateTo() {
 712:         return $this->get('valid_to');
 713:     }
 714: 
 715:     /**
 716:      * Getter method to get user valid date from-to
 717:      *
 718:      * @return string
 719:      */
 720:     public function getValidDateFrom() {
 721:         return $this->get('valid_from');
 722:     }
 723: 
 724:     /**
 725:      * Getter method to get user perm name
 726:      *
 727:      * @return string
 728:      */
 729:     public function getPerms() {
 730:         return $this->get('perms');
 731:     }
 732: 
 733:     /**
 734:      * Returns list of user permissions.
 735:      *
 736:      * @return array
 737:      */
 738:     public function getPermsArray() {
 739:         return explode(',', $this->get('perms'));
 740:     }
 741: 
 742:     /**
 743:      * Setter method to set user real name
 744:      *
 745:      * @param string $sRealName
 746:      */
 747:     public function setRealName($sRealName) {
 748:         if ($this->get('realname') != $sRealName) {
 749:             $this->set('realname', $sRealName);
 750:         }
 751:     }
 752: 
 753:     /**
 754:      * Setter method to set user mail address
 755:      *
 756:      * @param string $sMail
 757:      */
 758:     public function setMail($sMail) {
 759:         if ($this->get('email') != $sMail) {
 760:             $this->set('email', $sMail);
 761:         }
 762:     }
 763: 
 764:     /**
 765:      * Setter method to set user tel number
 766:      *
 767:      * @param string $sTelNumber
 768:      */
 769:     public function setTelNumber($sTelNumber) {
 770:         if ($this->get('telephone') != $sTelNumber) {
 771:             $this->set('telephone', $sTelNumber);
 772:         }
 773:     }
 774: 
 775:     /**
 776:      * Setter method to set address data
 777:      *
 778:      * @param string $sStreet
 779:      * @param string $sCity
 780:      * @param string $sZip
 781:      * @param string $sCountry
 782:      */
 783:     public function setAddressData($sStreet, $sCity, $sZip, $sCountry) {
 784:         if ($this->get('address_street') != $sStreet) {
 785:             $this->set('address_street', $sStreet);
 786:         }
 787:         if ($this->get('address_city') != $sCity) {
 788:             $this->set('address_city', $sCity);
 789:         }
 790:         if ($this->get('address_zip') != $sZip) {
 791:             $this->set('address_zip', $sZip);
 792:         }
 793:         if ($this->get('address_country') != $sCountry) {
 794:             $this->set('address_country', $sCountry);
 795:         }
 796:     }
 797: 
 798:     /**
 799:      * Sets value for street.
 800:      *
 801:      * @param string $sStreet
 802:      */
 803:     public function setStreet($sStreet) {
 804:         if ($this->get('address_street') != $sStreet) {
 805:             $this->set('address_street', $sStreet);
 806:         }
 807:     }
 808: 
 809:     /**
 810:      * Sets value for city.
 811:      *
 812:      * @param string $sCity
 813:      */
 814:     public function setCity($sCity) {
 815:         if ($this->get('address_city') != $sCity) {
 816:             $this->set('address_city', $sCity);
 817:         }
 818:     }
 819: 
 820:     /**
 821:      * Sets value for ZIP.
 822:      *
 823:      * @param string $sZip
 824:      */
 825:     public function setZip($sZip) {
 826:         if ($this->get('address_zip') != $sZip) {
 827:             $this->set('address_zip', $sZip);
 828:         }
 829:     }
 830: 
 831:     /**
 832:      * Sets value for country.
 833:      *
 834:      * @param string $sCountry
 835:      */
 836:     public function setCountry($sCountry) {
 837:         if ($this->get('address_country') != $sCountry) {
 838:             $this->set('address_country', $sCountry);
 839:         }
 840:     }
 841: 
 842:     /**
 843:      * Setter method to set wysi
 844:      *
 845:      * @param int $iUseWysi
 846:      */
 847:     public function setUseWysi($iUseWysi) {
 848:         if ($this->get('wysi') != $iUseWysi) {
 849:             $this->set('wysi', $iUseWysi);
 850:         }
 851:     }
 852: 
 853:     /**
 854:      * Setter method to set valid_to
 855:      *
 856:      * @todo add type check
 857:      * @param string $sValidateTo
 858:      */
 859:     public function setValidDateTo($sValidateTo) {
 860:         if ('0000-00-00' == $this->get('valid_to') && 0 == strlen(trim($sValidateTo))) {
 861:             return;
 862:         }
 863:         if ($this->get('valid_to') != $sValidateTo) {
 864:             $this->set('valid_to', $sValidateTo);
 865:         }
 866:     }
 867: 
 868:     /**
 869:      * Setter method to set valid_from
 870:      *
 871:      * @todo add type checks
 872:      * @param string $sValidateFrom
 873:      */
 874:     public function setValidDateFrom($sValidateFrom) {
 875:         if ('0000-00-00' == $this->get('valid_from') && 0 == strlen(trim($sValidateFrom))) {
 876:             return;
 877:         }
 878:         if ($this->get('valid_from') != $sValidateFrom) {
 879:             $this->set('valid_from', $sValidateFrom);
 880:         }
 881:     }
 882: 
 883:     /**
 884:      * Setter method to set perms
 885:      *
 886:      * @param array|string $perms
 887:      */
 888:     public function setPerms($perms) {
 889:         if ($this->get('perms') != $perms) {
 890:             $this->set('perms', $perms);
 891:         }
 892:     }
 893: 
 894:     /**
 895:      * Function returns effective perms for user including group rights as perm
 896:      * string.
 897:      *
 898:      * @author Timo Trautmann
 899:      * @return string
 900:      *         Current users permissions
 901:      */
 902:     public function getEffectiveUserPerms() {
 903:         global $perm;
 904: 
 905:         // first get users own permissions and filter them into result array
 906:         // $aUserPerms
 907:         $aUserPerms = array();
 908:         $aUserPermsSelf = explode(',', $this->values['perms']);
 909:         foreach ($aUserPermsSelf as $sPerm) {
 910:             if (trim($sPerm) != '') {
 911:                 $aUserPerms[] = $sPerm;
 912:             }
 913:         }
 914: 
 915:         // get all corresponding groups for this user
 916:         $groups = $perm->getGroupsForUser($this->values['user_id']);
 917: 
 918:         foreach ($groups as $value) {
 919:             // get global group permissions
 920:             $oGroup = new cApiGroup($value);
 921:             $aGroupPerms = $oGroup->getPermsArray();
 922: 
 923:             // add group permissions to $aUserPerms if they were not alredy
 924:             // defined before
 925:             foreach ($aGroupPerms as $sPerm) {
 926:                 if (trim($sPerm) != '' && !in_array($sPerm, $aUserPerms)) {
 927:                     $aUserPerms[] = $sPerm;
 928:                 }
 929:             }
 930:         }
 931:         return implode(',', $aUserPerms);
 932:     }
 933: 
 934:     /**
 935:      * Returns group names where the user is in.
 936:      *
 937:      * @param string $userid [optional]
 938:      *         user id, uses id of loaded user by default.
 939:      * @param bool $bAddDescription [optional]
 940:      *         Flag to add description like "groupname (description)"
 941:      * @return array
 942:      */
 943:     public function getGroupNamesByUserID($userid = NULL, $bAddDescription = true) {
 944:         $userid = (NULL === $userid) ? $this->get('user_id') : $userid;
 945: 
 946:         $aGroups = array();
 947: 
 948:         $oGroupColl = new cApiGroupCollection();
 949:         $groups = $oGroupColl->fetchByUserID($userid);
 950: 
 951:         foreach ($groups as $group) {
 952:             $sTemp = $group->get('groupname');
 953:             $sTemp = substr($sTemp, 4, strlen($sTemp) - 4);
 954: 
 955:             if (true === $bAddDescription) {
 956:                 $sDescription = trim($group->get('description'));
 957:                 if ($sDescription != '') {
 958:                     $sTemp .= ' (' . $sDescription . ')';
 959:                 }
 960:             }
 961: 
 962:             $aGroups[] = $sTemp;
 963:         }
 964: 
 965:         return $aGroups;
 966:     }
 967: 
 968:     /**
 969:      * Returns group ids where the user is in.
 970:      *
 971:      * @param string $userid [optional]
 972:      *         user id, uses id of loaded user by default.
 973:      * @return array
 974:      */
 975:     public function getGroupIDsByUserID($userid) {
 976:         $userid = (NULL === $userid) ? $this->get('user_id') : $userid;
 977: 
 978:         $aGroups = array();
 979: 
 980:         $oGroupColl = new cApiGroupCollection();
 981:         $groups = $oGroupColl->fetchByUserID($userid);
 982: 
 983:         foreach ($groups as $group) {
 984:             $aGroups[] = $group->get('group_id');
 985:         }
 986: 
 987:         return $aGroups;
 988:     }
 989: 
 990:     /**
 991:      * Retrieves the effective user property.
 992:      *
 993:      * @param string $type
 994:      *         Type (class, category etc) for the property to retrieve
 995:      * @param string $name
 996:      *         Name of the property to retrieve
 997:      * @param bool $group [optional]
 998:      *         Flag to search in groups
 999:      * @return string|bool
1000:      *         value of the retrieved property or false
1001:      */
1002:     public function getUserProperty($type, $name, $group = false) {
1003:         global $perm;
1004: 
1005:         if (!is_object($perm)) {
1006:             $perm = new cPermission();
1007:         }
1008: 
1009:         $result = false;
1010: 
1011:         if ($group == true) {
1012:             // first get property by existing groups, if desired
1013:             $groups = $perm->getGroupsForUser($this->values['user_id']);
1014: 
1015:             foreach ($groups as $groupid) {
1016:                 $groupPropColl = new cApiGroupPropertyCollection($groupid);
1017:                 $groupProp = $groupPropColl->fetchByGroupIdTypeName($type, $name);
1018:                 if ($groupProp) {
1019:                     $result = $groupProp->get('value');
1020:                 }
1021:             }
1022:         }
1023: 
1024:         // get property of user
1025:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1026:         $userProp = $userPropColl->fetchByUserIdTypeName($type, $name);
1027:         if ($userProp) {
1028:             $result = $userProp->get('value');
1029:         }
1030: 
1031:         return ($result !== false) ? $result : false;
1032:     }
1033: 
1034:     /**
1035:      * Returns all user properties by type.
1036:      *
1037:      * @todo return value should be similar to getUserProperties()
1038:      *
1039:      * @param string $type
1040:      *         Type (class, category etc) of the properties to retrieve
1041:      * @param bool $group [optional]
1042:      *         Flag to retrieve in group properties. If enabled, group
1043:      *         properties will be merged with user properties where the user
1044:      *         poperties will overwrite group properties
1045:      * @return array
1046:      *         Assoziative properties array as follows:
1047:      *         - $arr[name] = value
1048:      */
1049:     public function getUserPropertiesByType($type, $group = false) {
1050:         global $perm;
1051: 
1052:         if (!is_object($perm)) {
1053:             $perm = new cPermission();
1054:         }
1055: 
1056:         $props = array();
1057: 
1058:         if ($group == true) {
1059:             // first get properties by existing groups, if desired
1060:             $groups = $perm->getGroupsForUser($this->values['user_id']);
1061:             foreach ($groups as $groupid) {
1062:                 $groupPropColl = new cApiGroupPropertyCollection($groupid);
1063:                 $groupProps = $groupPropColl->fetchByGroupIdType($type);
1064:                 foreach ($groupProps as $groupProp) {
1065:                     $props[$groupProp->get('name')] = $groupProp->get('value');
1066:                 }
1067:             }
1068:         }
1069: 
1070:         // get properties of user
1071:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1072:         $userProps = $userPropColl->fetchByUserIdType($type);
1073:         foreach ($userProps as $userProp) {
1074:             $props[$userProp->get('name')] = $userProp->get('value');
1075:         }
1076: 
1077:         return $props;
1078:     }
1079: 
1080:     /**
1081:      * Retrieves all available properties of the user.
1082:      *
1083:      * @return array
1084:      *         Return value in new mode is:
1085:      *         - $arr[iduserprop][name]
1086:      *         - $arr[iduserprop][type]
1087:      *         - $arr[iduserprop][value]
1088:      */
1089:     public function getUserProperties() {
1090:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1091:         $userProps = $userPropColl->fetchByUserId();
1092: 
1093:         $props = array();
1094: 
1095:         foreach ($userProps as $userProp) {
1096:             $props[$userProp->get('iduserprop')] = array(
1097:                 'name' => $userProp->get('name'),
1098:                 'type' => $userProp->get('type'),
1099:                 'value' => $userProp->get('value')
1100:             );
1101:         }
1102: 
1103:         return $props;
1104:     }
1105: 
1106:     /**
1107:      * Stores a property to the database
1108:      *
1109:      * @param string $type
1110:      *         Type (class, category etc) for the property to retrieve
1111:      * @param string $name
1112:      *         Name of the property to retrieve
1113:      * @param string $value
1114:      *         Value to insert
1115:      */
1116:     public function setUserProperty($type, $name, $value) {
1117:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1118:         $userProps = $userPropColl->setValueByTypeName($type, $name, $value);
1119:     }
1120: 
1121:     /**
1122:      * Deletes a user property from the table.
1123:      *
1124:      * @param string $type
1125:      *         Type (class, category etc) of property to retrieve
1126:      * @param string $name
1127:      *         Name of property to retrieve
1128:      * @return bool
1129:      */
1130:     public function deleteUserProperty($type, $name) {
1131:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1132:         return $userPropColl->deleteByUserIdTypeName($type, $name);
1133:     }
1134: 
1135:     /**
1136:      * This static method provides a simple way to get error messages depending
1137:      * on error code $iErrorCode, which is returned by checkPassword* methods.
1138:      *
1139:      * @param int $iErrorCode
1140:      * @return string
1141:      */
1142:     public static function getErrorString($iErrorCode) {
1143:         global $cfg;
1144: 
1145:         $sError = '';
1146: 
1147:         switch ($iErrorCode) {
1148:             case self::PASS_NOT_ENOUGH_MIXED_CHARS:
1149:                 $sError = sprintf(i18n('Please use at least %d lower and upper case characters in your password!'), $cfg['password']['mixed_case_mandatory']);
1150:                 break;
1151:             case self::PASS_NOT_ENOUGH_NUMBERS:
1152:                 $sError = sprintf(i18n('Please use at least %d numbers in your password!'), $cfg['password']['numbers_mandatory']);
1153:                 break;
1154:             case self::PASS_NOT_ENOUGH_SYMBOLS:
1155:                 $sError = sprintf(i18n('Please use at least %d symbols in your password!'), $cfg['password']['symbols_mandatory']);
1156:                 break;
1157:             case self::PASS_TO_SHORT:
1158:                 $sError = sprintf(i18n('Password is too short! Please use at least %d signs.'), ($cfg['password']['min_length'] > 0? $cfg['password']['min_length'] : self::MIN_PASS_LENGTH_DEFAULT));
1159:                 break;
1160:             case self::PASS_NOT_ENOUGH_DIFFERENT_CHARS:
1161:                 $sError = sprintf(i18n('Password does not contain enough different characters.'));
1162:                 break;
1163:             case self::PASS_NOT_STRONG:
1164:                 $sError = i18n('Please choose a more secure password!');
1165:                 break;
1166:             default:
1167:                 $sError = 'I do not really know what has happened. But your password does not match the
1168:                 policies! Please consult your administrator. The error code is #' . $iErrorCode;
1169:         }
1170: 
1171:         return $sError;
1172:     }
1173: }
1174: