diff options
Diffstat (limited to 'app/class/user.class.php')
| -rw-r--r-- | app/class/user.class.php | 241 |
1 files changed, 0 insertions, 241 deletions
diff --git a/app/class/user.class.php b/app/class/user.class.php deleted file mode 100644 index b8143a9..0000000 --- a/app/class/user.class.php +++ /dev/null @@ -1,241 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "class/object.class.php"; -require_once "class/group.class.php"; - -/* - * Application users - */ -class User extends Object -{ - /* - * Constructor - */ - function __construct($guid = null) - { - $cols = array( - "guid", - "key", - "salt", - "alias", - "admin", - "email", - "emailConf", - "emailConfKey" - ); - - parent::__construct("user", $cols); - $this->loadObj($guid); - } - - /* - * Initialize object by username - */ - function initByUsername($username) - { - $query = "SELECT guid FROM object WHERE type = 'user' AND name = '" . $this->db->esc($username) . "'"; - $result = $this->db->query($query); - - if (count($result) == 0) - return false; - - $this->loadObj($result[0]['guid']); - return true; - } - - /* - * Get all users -- ordered by name, ascending - */ - function getAllUsers_orderByName() - { - $query = "SELECT guid FROM `object` WHERE `type` = 'user' ORDER BY name"; - $result = $this->db->query($query); - - $users = array(); - - foreach ($result as $u) - $users[] = new User($u['guid']); - - return $users; - } - - /* - * Get all users -- ordered by admin DESC (admins first), then by name - */ - function getAllUsers_orderByAdminByName() - { - $query = "SELECT o.guid FROM object o JOIN user u ON o.guid = u.guid WHERE o.type = 'user' ORDER BY u.admin DESC, o.name"; - $result = $this->db->query($query); - - $users = array(); - - foreach ($result as $u) - $users[] = new User($u['guid']); - - return $users; - } - - /* - * Get the number of administrative accounts in the system - */ - function getNumAdmins() - { - $query = "SELECT count(*) as cnt FROM user WHERE admin = 1"; - $results = $this->db->query($query); - return $results[0]['cnt']; - } - - /* - * Check whether a given username is currently in use - */ - function usernameInUse($username) - { - $escd_username = $this->db->esc($username); - - $query = "SELECT name FROM object WHERE type = 'user' AND name = '" . $escd_username . "'"; - $results = $this->db->query($query); - - if (count($results) > 0) - return true; - - return false; - } - - /* - * Generate a key from a user's password and salt - */ - function getKey($password, $salt) - { - return hash("sha256", $salt . $password); - } - - /* - * Create a new User object with the given username and keyed with the given plain-text password - * This function returns false if $username is already being used - * On success, this object should be initialized as the new user (use only on new User() objects) - */ - function createNewUser($username, $password) - { - if ($this->usernameInUse($username)) - return false; - - /* if there exist no users already, make this new one an admin */ - if (count($this->getAllUsers_orderByName()) == 0) - $this->admin = 1; - - $this->perms = 0; - $this->name = $username; - $this->type = "user"; - $this->setPassword($password); - $this->setEmail(""); - - $this->saveObj(); - - $this->owner = $this->guid; - $this->saveObj(); - - return true; - } - - /* - * Validate the password for this user. Returns true if correct, false otherwise - */ - function validatePassword($password) - { - $key = $this->getKey($password, $this->salt); - return $key == $this->key; - } - - /* - * Validate the email confirmation key for a user, returns true if correct, false otherwise. On success, $this->emailConf is also set to 1 - */ - function confirmEmailKey($key) - { - if ($key != $this->emailConfKey) - return false; - - $this->emailConf = 1; - return true; - } - - /* - * Overwrite the salt and key for this user, given a new plaintext password - */ - function setPassword($password) - { - $this->salt = $this->getBlob(); - $this->key = $this->getKey($password, $this->salt); - } - - /* - * Overwrite the emailConfKey and flag, and change user's saved email address - */ - function setEmail($email) - { - $this->email = $email; - $this->emailConf = 0; - $this->emailConfKey = $this->getBlob(); - } - - /* - * If a user has an alias set, display it instead of their username - */ - function getDisplayName() - { - if ($this->alias != "") - return $this->alias; - - return $this->name; - } - - /* - * Get the glyphicon to use for this user - */ - function getGlyphicon() - { - if ($this->admin) - return "glyphicon glyphicon-sunglasses"; - - return "glyphicon glyphicon-user"; - } - - /* - * Get all groups this user owns or is a member of - */ - function getGroups() - { - /* owner */ - $query = "SELECT guid FROM object WHERE type = 'group' AND owner = '" . $this->db->esc($this->guid) . "'"; - $result = $this->db->query($query); - - $groups = array(); - - foreach ($result as $g) - $groups[] = new Group($g['guid']); - - /* member */ - $query = "SELECT o.guid FROM object o JOIN obj_member om ON o.guid = om.guid WHERE o.type = 'group' AND member = '" . $this->db->esc($this->guid) . "'"; - $result = $this->db->query($query); - - foreach ($result as $g) - $groups[] = new Group($g['guid']); - - return $groups; - } -} - -?> |