From 2b6afdd9ef767e1e84c4751c72da6be13d9b4402 Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sat, 30 Jan 2016 21:20:41 -0500
Subject: Add functionality to create new User objects

User class now has a new function which will take a $username and a $password and use it to initialize itself as well as write new object data to the database.
This commit introduces a helper function getKey() (from class User) for creating user object keys by hashing the contatenation of its password and salt.
This commit introduces a helper function usernameInUse() (from class User) for ensuring the uniqueness of names amongst user-type objects
---
 app/class/user.class.php | 54 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)

(limited to 'app/class/user.class.php')

diff --git a/app/class/user.class.php b/app/class/user.class.php
index 9a87b01..6bce26c 100644
--- a/app/class/user.class.php
+++ b/app/class/user.class.php
@@ -42,6 +42,60 @@ class User extends Object
 
         return $users;
     }
+
+    /*
+     * Check whether a given username is currently in use
+     */
+    function usernameInUse($username)
+    {
+        $escd_username = $this->db->esc($username);
+
+        $query = "SELECT name FROM object WHERE type = 'user' AND name = '" . $escd_username . "'";
+        $results = $this->db->query($query);
+
+        if (count($results) > 0)
+            return true;
+
+        return false;
+    }
+
+    /*
+     * Generate a key from a user's password and salt
+     */
+    function getKey($password, $salt)
+    {
+        return hash("sha256", $salt . $password);
+    }
+
+    /*
+     * Create a new User object with the given username and keyed with the given plain-text password
+     * This function returns false if $username is already being used
+     * On success, this object should be initialized as the new user (use only on new User() objects)
+     */
+    function createNewUser($username, $password)
+    {
+        if ($this->usernameInUse($username))
+            return false;
+
+        /* if there exist no users already, make this new one an admin */
+        if (count($this->getAllUsers_orderByName()) == 0)
+            $this->admin = 1;
+
+        $this->perms = 0;
+        $this->name = $username;
+        $this->type = "user";
+        $this->salt = $this->getBlob();
+        $this->key = $this->getKey($password, $this->salt);
+        $this->emailConf = 0;
+        $this->emailConfKey = $this->getBlob();
+
+        $this->saveObj();
+
+        $this->owner = $this->guid;
+        $this->saveObj();
+
+        return true;
+    }
 }
 
 ?>
-- 
cgit v1.2.3