Diffstat (limited to 'examples/class/user.class.php')
| -rw-r--r-- | examples/class/user.class.php | 241 | 
1 files changed, 241 insertions, 0 deletions
|
diff --git a/examples/class/user.class.php b/examples/class/user.class.php
new file mode 100644
index 0000000..b8143a9
--- /dev/null
+++ b/examples/class/user.class.php
@@ -0,0 +1,241 @@
+<?php
+
+/*
+ * SCROTT Copyright (C) 2016 Malf Furious
+ *
+ * Scrott is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation, either version 3 of the License,
+ * or (at your option) any later version.
+ *
+ * Scrott is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
+ * License for more details.
+ */
+
+require_once "class/object.class.php";
+require_once "class/group.class.php";
+
+/*
+ * Application users
+ */
+class User extends Object
+{
+    /*
+     * Constructor
+     */
+    function __construct($guid = null)
+    {
+        $cols = array(
+            "guid",
+            "key",
+            "salt",
+            "alias",
+            "admin",
+            "email",
+            "emailConf",
+            "emailConfKey"
+        );
+
+        parent::__construct("user", $cols);
+        $this->loadObj($guid);
+    }
+
+    /*
+     * Initialize object by username
+     */
+    function initByUsername($username)
+    {
+        $query = "SELECT guid FROM object WHERE type = 'user' AND name = '" . $this->db->esc($username) . "'";
+        $result = $this->db->query($query);
+
+        if (count($result) == 0)
+            return false;
+
+        $this->loadObj($result[0]['guid']);
+        return true;
+    }
+
+    /*
+     * Get all users -- ordered by name, ascending
+     */
+    function getAllUsers_orderByName()
+    {
+        $query = "SELECT guid FROM `object` WHERE `type` = 'user' ORDER BY name";
+        $result = $this->db->query($query);
+
+        $users = array();
+
+        foreach ($result as $u)
+            $users[] = new User($u['guid']);
+
+        return $users;
+    }
+
+    /*
+     * Get all users -- ordered by admin DESC (admins first), then by name
+     */
+    function getAllUsers_orderByAdminByName()
+    {
+        $query = "SELECT o.guid FROM object o JOIN user u ON o.guid = u.guid WHERE o.type = 'user' ORDER BY u.admin DESC, o.name";
+        $result = $this->db->query($query);
+
+        $users = array();
+
+        foreach ($result as $u)
+            $users[] = new User($u['guid']);
+
+        return $users;
+    }
+
+    /*
+     * Get the number of administrative accounts in the system
+     */
+    function getNumAdmins()
+    {
+        $query = "SELECT count(*) as cnt FROM user WHERE admin = 1";
+        $results = $this->db->query($query);
+        return $results[0]['cnt'];
+    }
+
+    /*
+     * Check whether a given username is currently in use
+     */
+    function usernameInUse($username)
+    {
+        $escd_username = $this->db->esc($username);
+
+        $query = "SELECT name FROM object WHERE type = 'user' AND name = '" . $escd_username . "'";
+        $results = $this->db->query($query);
+
+        if (count($results) > 0)
+            return true;
+
+        return false;
+    }
+
+    /*
+     * Generate a key from a user's password and salt
+     */
+    function getKey($password, $salt)
+    {
+        return hash("sha256", $salt . $password);
+    }
+
+    /*
+     * Create a new User object with the given username and keyed with the given plain-text password
+     * This function returns false if $username is already being used
+     * On success, this object should be initialized as the new user (use only on new User() objects)
+     */
+    function createNewUser($username, $password)
+    {
+        if ($this->usernameInUse($username))
+            return false;
+
+        /* if there exist no users already, make this new one an admin */
+        if (count($this->getAllUsers_orderByName()) == 0)
+            $this->admin = 1;
+
+        $this->perms = 0;
+        $this->name = $username;
+        $this->type = "user";
+        $this->setPassword($password);
+        $this->setEmail("");
+
+        $this->saveObj();
+
+        $this->owner = $this->guid;
+        $this->saveObj();
+
+        return true;
+    }
+
+    /*
+     * Validate the password for this user.  Returns true if correct, false otherwise
+     */
+    function validatePassword($password)
+    {
+        $key = $this->getKey($password, $this->salt);
+        return $key == $this->key;
+    }
+
+    /*
+     * Validate the email confirmation key for a user, returns true if correct, false otherwise.  On success, $this->emailConf is also set to 1
+     */
+    function confirmEmailKey($key)
+    {
+        if ($key != $this->emailConfKey)
+            return false;
+
+        $this->emailConf = 1;
+        return true;
+    }
+
+    /*
+     * Overwrite the salt and key for this user, given a new plaintext password
+     */
+    function setPassword($password)
+    {
+        $this->salt = $this->getBlob();
+        $this->key = $this->getKey($password, $this->salt);
+    }
+
+    /*
+     * Overwrite the emailConfKey and flag, and change user's saved email address
+     */
+    function setEmail($email)
+    {
+        $this->email = $email;
+        $this->emailConf = 0;
+        $this->emailConfKey = $this->getBlob();
+    }
+
+    /*
+     * If a user has an alias set, display it instead of their username
+     */
+    function getDisplayName()
+    {
+        if ($this->alias != "")
+            return $this->alias;
+
+        return $this->name;
+    }
+
+    /*
+     * Get the glyphicon to use for this user
+     */
+    function getGlyphicon()
+    {
+        if ($this->admin)
+            return "glyphicon glyphicon-sunglasses";
+
+        return "glyphicon glyphicon-user";
+    }
+
+    /*
+     * Get all groups this user owns or is a member of
+     */
+    function getGroups()
+    {
+        /* owner */
+        $query = "SELECT guid FROM object WHERE type = 'group' AND owner = '" . $this->db->esc($this->guid) . "'";
+        $result = $this->db->query($query);
+
+        $groups = array();
+
+        foreach ($result as $g)
+            $groups[] = new Group($g['guid']);
+
+        /* member */
+        $query = "SELECT o.guid FROM object o JOIN obj_member om ON o.guid = om.guid WHERE o.type = 'group' AND member = '" . $this->db->esc($this->guid) . "'";
+        $result = $this->db->query($query);
+
+        foreach ($result as $g)
+            $groups[] = new Group($g['guid']);
+
+        return $groups;
+    }
+}
+
+?>
|
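Review bot: `getKey()` derives the stored password key from a single salted SHA-256 pass, which is cheap enough that a leaked `user` table can be guessed against offline at very high rates. A deliberately slow password hash belongs here, e.g. `$this->key = password_hash($password, PASSWORD_DEFAULT);` in `setPassword()` and `return password_verify($password, $this->key);` in `validatePassword()`; the `key` column would have to hold the longer output, which this hunk does not show. Separately, `validatePassword()` and `confirmEmailKey()` compare secrets with loose `==` / `!=`, so two hex digests of the form `0e<digits>` compare equal as numbers and the comparison is not constant-time; `return hash_equals($this->key, $key);` and `if (!hash_equals((string)$this->emailConfKey, (string)$key))` avoid both. The strength of the salt and of the e-mail confirmation key depends on `getBlob()`, which is defined outside this file, so it is worth confirming that it draws from a CSPRNG.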
