1 files changed, 95 insertions, 0 deletions
diff --git a/app/class/user.class.php b/app/class/user.class.php
index 8ef91ae..bd2e174 100644
--- a/app/class/user.class.php
+++ b/app/class/user.class.php
@@ -17,6 +17,7 @@ class User extends Object
             "key",
             "salt",
             "alias",
+            "admin",
             "email",
             "emailConf",
             "emailConfKey"
@@ -25,6 +26,100 @@ class User extends Object
         parent::__construct("user", $cols);
         $this->loadObj($guid);
     }
+
+    /*
+     * Initialize object by username
+     */
+    function initByUsername($username)
+    {
+        $query = "SELECT guid FROM object WHERE type = 'user' AND name = '" . $this->db->esc($username) . "'";
+        $result = $this->db->query($query);
+
+        if (count($result) == 0)
+            return false;
+
+        $this->loadObj($result[0]['guid']);
+        return true;
+    }
+
+    /*
+     * Get all users -- ordered by name, ascending
+     */
+    function getAllUsers_orderByName()
+    {
+        $query = "SELECT guid FROM `object` WHERE `type` = 'user' ORDER BY name";
+        $result = $this->db->query($query);
+
+        $users = array();
+
+        foreach ($result as $u)
+            $users[] = new User($u['guid']);
+
+        return $users;
+    }
+
+    /*
+     * Check whether a given username is currently in use
+     */
+    function usernameInUse($username)
+    {
+        $escd_username = $this->db->esc($username);
+
+        $query = "SELECT name FROM object WHERE type = 'user' AND name = '" . $escd_username . "'";
+        $results = $this->db->query($query);
+
+        if (count($results) > 0)
+            return true;
+
+        return false;
+    }
+
+    /*
+     * Generate a key from a user's password and salt
+     */
+    function getKey($password, $salt)
+    {
+        return hash("sha256", $salt . $password);
+    }
+
+    /*
+     * Create a new User object with the given username and keyed with the given plain-text password
+     * This function returns false if $username is already being used
+     * On success, this object should be initialized as the new user (use only on new User() objects)
+     */
+    function createNewUser($username, $password)
+    {
+        if ($this->usernameInUse($username))
+            return false;
+
+        /* if there exist no users already, make this new one an admin */
+        if (count($this->getAllUsers_orderByName()) == 0)
+            $this->admin = 1;
+
+        $this->perms = 0;
+        $this->name = $username;
+        $this->type = "user";
+        $this->salt = $this->getBlob();
+        $this->key = $this->getKey($password, $this->salt);
+        $this->emailConf = 0;
+        $this->emailConfKey = $this->getBlob();
+
+        $this->saveObj();
+
+        $this->owner = $this->guid;
+        $this->saveObj();
+
+        return true;
+    }
+
+    /*
+     * Validate the password for this user.  Returns true if correct, false otherwise
+     */
+    function validatePassword($password)
+    {
+        $key = $this->getKey($password, $this->salt);
+        return $key == $this->key;
+    }
 }
 
 ?>