<?php

require_once "class/object.class.php";

/*
 * Application users
 */
class User extends Object
{
    /*
     * Constructor
     */
    function __construct($guid = null)
    {
        $cols = array(
            "guid",
            "key",
            "salt",
            "alias",
            "admin",
            "email",
            "emailConf",
            "emailConfKey"
        );

        parent::__construct("user", $cols);
        $this->loadObj($guid);
    }

    /*
     * Initialize object by username
     */
    function initByUsername($username)
    {
        $query = "SELECT guid FROM object WHERE type = 'user' AND name = '" . $this->db->esc($username) . "'";
        $result = $this->db->query($query);

        if (count($result) == 0)
            return false;

        $this->loadObj($result[0]['guid']);
        return true;
    }

    /*
     * Get all users -- ordered by name, ascending
     */
    function getAllUsers_orderByName()
    {
        $query = "SELECT guid FROM `object` WHERE `type` = 'user' ORDER BY name";
        $result = $this->db->query($query);

        $users = array();

        foreach ($result as $u)
            $users[] = new User($u['guid']);

        return $users;
    }

    /*
     * Check whether a given username is currently in use
     */
    function usernameInUse($username)
    {
        $escd_username = $this->db->esc($username);

        $query = "SELECT name FROM object WHERE type = 'user' AND name = '" . $escd_username . "'";
        $results = $this->db->query($query);

        if (count($results) > 0)
            return true;

        return false;
    }

    /*
     * Generate a key from a user's password and salt
     */
    function getKey($password, $salt)
    {
        return hash("sha256", $salt . $password);
    }

    /*
     * Create a new User object with the given username and keyed with the given plain-text password
     * This function returns false if $username is already being used
     * On success, this object should be initialized as the new user (use only on new User() objects)
     */
    function createNewUser($username, $password)
    {
        if ($this->usernameInUse($username))
            return false;

        /* if there exist no users already, make this new one an admin */
        if (count($this->getAllUsers_orderByName()) == 0)
            $this->admin = 1;

        $this->perms = 0;
        $this->name = $username;
        $this->type = "user";
        $this->setPassword($password);
        $this->setEmail("");

        $this->saveObj();

        $this->owner = $this->guid;
        $this->saveObj();

        return true;
    }

    /*
     * Validate the password for this user.  Returns true if correct, false otherwise
     */
    function validatePassword($password)
    {
        $key = $this->getKey($password, $this->salt);
        return $key == $this->key;
    }

    /*
     * Validate the email confirmation key for a user, returns true if correct, false otherwise.  On success, $this->emailConf is also set to 1
     */
    function confirmEmailKey($key)
    {
        if ($key != $this->emailConfKey)
            return false;

        $this->emailConf = 1;
        return true;
    }

    /*
     * Overwrite the salt and key for this user, given a new plaintext password
     */
    function setPassword($password)
    {
        $this->salt = $this->getBlob();
        $this->key = $this->getKey($password, $this->salt);
    }

    /*
     * Overwrite the emailConfKey and flag, and change user's saved email address
     */
    function setEmail($email)
    {
        $this->email = $email;
        $this->emailConf = 0;
        $this->emailConfKey = $this->getBlob();
    }

    /*
     * If a user has an alias set, display it instead of their username
     */
    function getDisplayName()
    {
        if ($this->alias != "")
            return $this->alias;

        return $this->name;
    }
}

?>